× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c3cbf30c474a9b1f6d803ac382d533901b83506909f22972e83fda56934fe8ba
File name: 80.exe
Detection ratio: 2 / 55
Analysis date: 2016-03-14 15:32:46 UTC ( 1 year, 9 months ago ) View latest
Antivirus Result Update
Kaspersky UDS:DangerousObject.Multi.Generic 20160314
Qihoo-360 HEUR/QVM07.1.Malware.Gen 20160314
Ad-Aware 20160314
AegisLab 20160314
Yandex 20160313
AhnLab-V3 20160314
Alibaba 20160314
ALYac 20160314
Antiy-AVL 20160314
Arcabit 20160314
Avast 20160314
AVG 20160314
AVware 20160314
Baidu 20160314
Baidu-International 20160314
BitDefender 20160314
Bkav 20160312
ByteHero 20160314
CAT-QuickHeal 20160314
ClamAV 20160311
CMC 20160314
Comodo 20160314
Cyren 20160314
DrWeb 20160314
Emsisoft 20160314
ESET-NOD32 20160314
F-Prot 20160314
F-Secure 20160314
Fortinet 20160314
GData 20160314
Ikarus 20160314
Jiangmin 20160314
K7AntiVirus 20160314
K7GW 20160314
Malwarebytes 20160314
McAfee 20160314
McAfee-GW-Edition 20160314
Microsoft 20160314
eScan 20160314
NANO-Antivirus 20160314
nProtect 20160311
Panda 20160313
Rising 20160314
Sophos AV 20160314
SUPERAntiSpyware 20160314
Symantec 20160310
Tencent 20160314
TheHacker 20160313
TrendMicro 20160314
TrendMicro-HouseCall 20160314
VBA32 20160314
VIPRE 20160314
ViRobot 20160314
Zillya 20160314
Zoner 20160314
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-02-22 21:32:45
Entry Point 0x00028DD2
Number of sections 4
PE sections
Overlays
MD5 9220af152e055721f27032db470a1f08
File type data
Offset 282624
Size 138175
Entropy 5.85
PE imports
GetBrushOrgEx
CreateICA
GetSystemPaletteEntries
CreateFontA
GetRgnBox
GetStockObject
ResizePalette
GetObjectW
SetStretchBltMode
SetTextAlign
GetExpandedNameW
__p__fmode
_wcsset
_mbsspn
_CIasin
_jn
acos
_adjust_fdiv
qsort
sin
_lrotl
_j0
__getmainargs
_initterm
__setusermatherr
_y0
__p__commode
__set_app_type
Number of PE resources by type
RT_GROUP_ICON 2
RT_VERSION 1
Number of PE resources by language
ENGLISH UK 3
PE resources
ExifTool file metadata
LegalTrademarks
Arkansas

SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.31.238.133

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Differentiators Compunction Chicanery

CharacterSet
Unicode

InitializedDataSize
626688

EntryPoint
0x28dd2

OriginalFileName
Awardl.EXE

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2016

FileVersion
0.254.28.21

TimeStamp
2008:02:22 22:32:45+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Dovetail

ProductVersion
0.250.114.10

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Safer Networking Limited

CodeSize
167936

ProductName
Buggers Converged

ProductVersionNumber
0.76.142.219

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 86a1459464acb4b0c0a9d333e46f4e08
SHA1 1b5574111874ccde523896739d15145225e00e63
SHA256 c3cbf30c474a9b1f6d803ac382d533901b83506909f22972e83fda56934fe8ba
ssdeep
6144:SdFp3ZaT7g65ZcaYuFXj2kgjC7vF9+Pki6vDwEmJfuieLI4h7iNnbDLHly:Wp3E46Xsg2HjuIsi6UlWXEqOnbvH8

authentihash fde6bcff8471e3b93ee041b119aed9e2cebbefa1311f1f528093513f27636e8b
imphash 3e21e71cf3cd6cfaa08cf2ba2d304239
File size 410.9 KB ( 420799 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-03-14 15:07:28 UTC ( 1 year, 9 months ago )
Last submission 2017-08-07 20:40:31 UTC ( 4 months, 1 week ago )
File names benkow4prez.exe
benkow4prez.exe
ppowqo.exe
benkow4prez.exe
wfjvwt.exe
benkow4prez.exe
jnlilb.exe
80.exe
benkow4prez.exe
c3cbf30c4.exe
lafbrh.exe
benkow4prez.exe
vt_1b5574111874ccde523896739d15145225e00e63
c3cbf30_mockdl.exe
benkow4prez.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!