SHA256: c680e4eeb7939ef36a227fbdd8c26029df56fbd149afb57c82a935ce4a2dc4d1
File name: ACv2_Client.asi
Detection ratio: 7 / 55
Analysis date: 2014-11-23 23:39:57 UTC ( 4 years, 5 months ago )
Antivirus Result Update
AVG Win32/Blacked 20141123
Avira (no cloud) TR/Black.Gen2 20141123
Baidu-International Trojan.Win32.VMProtect.BABD 20141123
Bkav W32.HfsAutoA.1379 20141120
Comodo UnclassifiedMalware 20141123
ESET-NOD32 a variant of Win32/Packed.VMProtect.ABD 20141124
Sophos AV Mal/VMProtBad-A 20141123
Ad-Aware 20141123
AegisLab 20141123
Yandex 20141123
AhnLab-V3 20141123
Antiy-AVL 20141123
Avast 20141123
AVware 20141121
BitDefender 20141124
ByteHero 20141124
CAT-QuickHeal 20141122
ClamAV 20141123
CMC 20141121
Cyren 20141123
DrWeb 20141123
Emsisoft 20141124
F-Prot 20141124
F-Secure 20141123
Fortinet 20141123
GData 20141123
Ikarus 20141123
Jiangmin 20141123
K7AntiVirus 20141121
K7GW 20141121
Kaspersky 20141124
Kingsoft 20141124
Malwarebytes 20141123
McAfee 20141123
McAfee-GW-Edition 20141123
Microsoft 20141123
eScan 20141124
NANO-Antivirus 20141123
Norman 20141123
nProtect 20141121
Panda 20141123
Qihoo-360 20141124
Rising 20141123
SUPERAntiSpyware 20141123
Symantec 20141123
Tencent 20141124
TheHacker 20141121
TotalDefense 20141123
TrendMicro 20141123
TrendMicro-HouseCall 20141123
VBA32 20141121
VIPRE 20141124
ViRobot 20141123
Zillya 20141122
Zoner 20141120
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-11-12 02:09:47
Entry Point 0x00323128
Number of sections 8
PE sections
PE imports
AdjustTokenPrivileges
GetAdaptersInfo
LocalFree
SetHandleCount
LocalAlloc
GetModuleHandleA
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleFileNameA
GetModuleFileNameExA
ShellExecuteExA
MessageBoxW
DeleteUrlCacheEntry
timeBeginPeriod
WSAGetLastError
Direct3DCreate9
URLDownloadToFileA
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2014:11:12 03:09:47+01:00
FileType Win32 DLL
PEType PE32
CodeSize 766976
LinkerVersion 12.0
EntryPoint 0x323128
InitializedDataSize 246784
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0
Compressed bundles
File identification
MD5 4e9a86c0c893be6293b135bfbca5bccc
SHA1 a3402b5a1dc934c828004d0f72596e7c0ec67cae
SHA256 c680e4eeb7939ef36a227fbdd8c26029df56fbd149afb57c82a935ce4a2dc4d1
ssdeep 49152:Sxgm9v5muEsJRGRBpNGrC8eGxgeYkEoWwNfOmk0PLczVXYgzwfxS1:e5nEsLmvX8eGxgeY9qk0PozVXY6W
authentihash 6a9f1a71c505b1d33dfda4a50f7012a9518fe346a9d164065c5a7859ff7bc0e7
imphash 4fa3255b5944c8c31b87ac7170f81aeb
File size 2.2 MB ( 2337280 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags pedll
VirusTotal metadata
First submission 2014-11-23 23:39:57 UTC ( 4 years, 5 months ago )
Last submission 2015-02-23 12:30:38 UTC ( 4 years, 2 months ago )
File names newjump_ac.asi
ACv2_Client.asi
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight