SHA256: c5184a30a88c234d3031c7661e0383114b54078448d62ae6fb51a4455863d4b5
File name: Ascgen2.exe
Detection ratio: 53 / 66
Analysis date: 2018-07-18 21:22:59 UTC ( 4 hours, 16 minutes ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.67297 20180718
AegisLab Uds.Dangerousobject.Multi!c 20180718
AhnLab-V3 Trojan/Win32.Dynamer.C1511982 20180718
ALYac Gen:Variant.Symmi.67297 20180718
Arcabit Trojan.Symmi.D106E1 20180718
Avast Win32:Trojan-gen 20180718
AVG Win32:Trojan-gen 20180718
Avira (no cloud) HEUR/AGEN.1017271 20180718
AVware Trojan.Win32.Generic!BT 20180718
Babable Malware.HighConfidence 20180406
BitDefender Gen:Variant.Symmi.67297 20180718
CAT-QuickHeal Trojan.Dynamer 20180718
Comodo TrojWare.Win32.Genome.vtmf 20180718
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cybereason malicious.021feb 20180225
Cylance Unsafe 20180718
Cyren W32/S-9c3daa8b!Eldorado 20180718
DrWeb Trojan.DownLoader22.7896 20180718
Emsisoft Gen:Variant.Symmi.67297 (B) 20180718
Endgame malicious (high confidence) 20180711
ESET-NOD32 Win32/TrojanDownloader.Zurgop.CB 20180718
F-Prot W32/S-9c3daa8b!Eldorado 20180718
F-Secure Gen:Variant.Symmi.67297 20180718
Fortinet W32/Sharik.XIG!tr 20180718
GData Gen:Variant.Symmi.67297 20180718
Ikarus Trojan-Downloader.Win32.Zurgop 20180718
Sophos ML heuristic 20180717
Jiangmin Trojan.Sharik.mb 20180718
K7AntiVirus Trojan-Downloader ( 004dc4591 ) 20180718
K7GW Trojan-Downloader ( 004dc4591 ) 20180718
Kaspersky Trojan.Win32.Sharik.xig 20180718
MAX malware (ai score=100) 20180718
McAfee Artemis!BCE202C021FE 20180718
McAfee-GW-Edition Artemis!Trojan 20180718
Microsoft Trojan:Win32/Dynamer!ac 20180718
eScan Gen:Variant.Symmi.67297 20180718
NANO-Antivirus Trojan.Win32.Dwn.eemnbi 20180718
Palo Alto Networks (Known Signatures) generic.ml 20180718
Panda Trj/GdSda.A 20180718
Qihoo-360 HEUR/QVM10.1.7761.Malware.Gen 20180718
Rising Downloader.Zurgop!8.4BB (CLOUD) 20180718
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/Generic-S 20180718
Symantec Trojan.Smoaler 20180718
Tencent Win32.Trojan.Sharik.Pkgw 20180718
TrendMicro TROJ_SHARIK.YUYJJ 20180718
TrendMicro-HouseCall TROJ_SHARIK.YUYJJ 20180718
VBA32 Trojan.Sharik 20180718
VIPRE Trojan.Win32.Generic!BT 20180718
Webroot W32.InfoStealer.Zeus 20180718
Yandex Trojan.Sharik!Rcgo1C4ab7Y 20180717
Zillya Trojan.Sharik.Win32.1963 20180718
ZoneAlarm by Check Point Trojan.Win32.Sharik.xig 20180718
Alibaba 20180713
Antiy-AVL 20180718
Avast-Mobile 20180718
Baidu 20180717
ClamAV 20180718
CMC 20180718
eGambit 20180718
Kingsoft 20180718
Malwarebytes 20180718
SUPERAntiSpyware 20180718
TACHYON 20180718
TheHacker 20180718
Trustlook 20180718
ViRobot 20180718
Zoner 20180717
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Jonathan Mathews

Product Ascii Generator 2
Original name Ascgen2.exe
Internal name Ascgen2.exe
File version 2.0.0.1
Description Ascii Generator 2
Comments http://ascgendotnet.jmsoftware.co.uk/
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-14 21:02:03
Entry Point 0x000036FD
Number of sections 4
PE sections
PE imports
GetStockObject
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetSystemInfo
GetOEMCP
LCMapStringA
HeapDestroy
GetTickCount
OutputDebugStringA
TlsAlloc
VirtualProtect
GetVersionExA
GetModuleFileNameA
RtlUnwind
GetNumaNodeProcessorMask
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
LoadLibraryExA
GetEnvironmentStrings
GetLocaleInfoA
GetCurrentProcessId
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
TlsFree
GetStartupInfoA
GetCPInfo
GetStringTypeA
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetComputerNameExW
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
TerminateProcess
QueryPerformanceCounter
InitializeCriticalSection
HeapCreate
VirtualQuery
VirtualFree
GetEnvironmentStringsW
InterlockedDecrement
Sleep
GetFileType
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
LocalAlloc
SetLastError
InterlockedIncrement
SetFocus
CharPrevA
GetForegroundWindow
GetParent
EndDialog
DestroyWindow
DefWindowProcW
DestroyMenu
DialogBoxParamW
LoadMenuW
RemoveMenu
CharToOemBuffA
SetWindowLongW
OemToCharBuffA
DestroyIcon
GetWindowRect
DispatchMessageA
EnableWindow
CharUpperBuffA
PeekMessageA
GetWindowDC
TranslateMessage
GetDlgItemTextW
PostMessageW
CharUpperA
SetDlgItemTextW
DispatchMessageW
GetAsyncKeyState
CheckDlgButton
SendMessageW
SetCursor
RegisterClassW
SendDlgItemMessageW
CharLowerA
GetWindowPlacement
LoadStringW
SetWindowTextW
GetDlgItem
SetMenuDefaultItem
DeleteMenu
PeekMessageW
GetSubMenu
TrackPopupMenu
ShowCursor
IsDlgButtonChecked
CharNextA
GetWindowTextW
RegisterClipboardFormatW
GetDesktopWindow
LoadCursorW
GetWindowTextLengthW
CreateWindowExW
InsertMenuW
GetWindowLongW
SetForegroundWindow
CharNextW
CharToOemA
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
LegalTrademarks
Ascgen

SubsystemVersion
5.0

Comments
http://ascgendotnet.jmsoftware.co.uk/

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.0.1

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Ascii Generator 2

CharacterSet
Unicode

InitializedDataSize
83968

EntryPoint
0x36fd

OriginalFileName
Ascgen2.exe

MIMEType
application/octet-stream

LegalCopyright
Jonathan Mathews

FileVersion
2.0.0.1

TimeStamp
2016:07:14 22:02:03+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Ascgen2.exe

ProductVersion
2.0.0.1

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Jonathan Mathews Software

CodeSize
35840

ProductName
Ascii Generator 2

ProductVersionNumber
2.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 bce202c021feb61783563e21fc026767
SHA1 1ff52bed5f0fae0f3d0dda272f4acd124222a425
SHA256 c5184a30a88c234d3031c7661e0383114b54078448d62ae6fb51a4455863d4b5
ssdeep
1536:RlJC8E1uJk9yBMBJ9i6e7Ww+ww+HHy/obMjmrI7csvxRPE:RnCRyBMzEWw+6zIjmO5I

authentihash 774f88515ba78262aff1beef9158f8d6d116f69fcc1e848412272cededa2b615
imphash 92b1089f3f5dc8addb7d76ae0a2902f6
File size 98.5 KB ( 100864 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-07-15 08:16:32 UTC ( 2 years ago )
Last submission 2018-01-13 09:36:36 UTC ( 6 months ago )
File names c5184a30a88c234d3031c7661e0383114b54078448d62ae6fb51a4455863d4b5.exe
Ascgen2.exe
gonext
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R023C0CGI16.

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Opened mutexes
Runtime DLLs
UDP communications