SHA256: c781023b6e975b621eb6ceaf0a74d13bde1e9c1ea5f43d6c845361b8dae7be40
File name: 0471dfac3512f6539e2360ae40223922
Detection ratio: 12 / 57
Analysis date: 2015-08-29 21:13:15 UTC ( 3 years, 6 months ago )
Antivirus Result Update
Yandex Trojan.PWS.Tepfer!cyENzl9fy64 20150829
Antiy-AVL Trojan[PSW]/Win32.Tepfer 20150829
Avast Win32:Malware-gen 20150829
AVG Zbot.AGIS 20150829
Avira (no cloud) TR/Dldr.Waski.397312.2 20150829
AVware Trojan.Win32.Generic!BT 20150829
ESET-NOD32 Win32/Spy.Zbot.ABW 20150829
Fortinet W32/Tepfer.ABW!tr.pws 20150829
GData Win32.Trojan.Agent.FE0TZI 20150829
Ikarus Trojan-Spy.Agent 20150829
Kaspersky Trojan-PSW.Win32.Tepfer.pswwhy 20150829
VIPRE Trojan.Win32.Generic!BT 20150829
Ad-Aware 20150829
AegisLab 20150829
AhnLab-V3 20150829
Alibaba 20150828
ALYac 20150829
Arcabit 20150829
Baidu-International 20150829
BitDefender 20150829
Bkav 20150829
ByteHero 20150829
CAT-QuickHeal 20150829
ClamAV 20150829
CMC 20150827
Comodo 20150829
Cyren 20150829
DrWeb 20150829
Emsisoft 20150829
F-Prot 20150829
F-Secure 20150828
Jiangmin 20150829
K7AntiVirus 20150829
K7GW 20150829
Kingsoft 20150829
Malwarebytes 20150829
McAfee 20150829
McAfee-GW-Edition 20150829
Microsoft 20150829
eScan 20150829
NANO-Antivirus 20150829
nProtect 20150828
Panda 20150829
Qihoo-360 20150829
Rising 20150826
Sophos AV 20150829
SUPERAntiSpyware 20150829
Symantec 20150829
Tencent 20150829
TheHacker 20150828
TotalDefense 20150829
TrendMicro 20150829
TrendMicro-HouseCall 20150829
VBA32 20150828
ViRobot 20150829
Zillya 20150829
Zoner 20150829
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-04-04 16:42:11
Entry Point 0x00056920
Number of sections 4
PE sections
PE imports
PlayEnhMetaFileRecord
GetCharABCWidthsW
GetTextMetricsW
SetMapMode
GetNearestColor
PolyPolyline
ResizePalette
SetTextAlign
GetPaletteEntries
GetCharABCWidthsA
PathToRegion
PlayMetaFile
SetMetaFileBitsEx
GetObjectType
CreateMetaFileW
SetColorAdjustment
GetBoundsRect
GetTextExtentPointA
CopyEnhMetaFileW
SetPixel
EndDoc
SetPaletteEntries
AngleArc
StretchDIBits
CopyEnhMetaFileA
GetTextExtentPointW
PlgBlt
CreateEllipticRgn
GetTextFaceW
CreatePalette
EqualRgn
CreateDIBitmap
GetPolyFillMode
CreateEllipticRgnIndirect
ExtCreateRegion
GetEnhMetaFileBits
GetTextFaceA
GetKerningPairsW
ArcTo
Pie
SetWindowExtEx
GetKerningPairsA
WidenPath
ExtCreatePen
GetFontData
GetBkColor
SetRectRgn
CreateFontA
GetEnhMetaFileA
GetTextCharsetInfo
GetDIBColorTable
PolyPolygon
CombineRgn
TextOutW
CreateFontIndirectW
OffsetRgn
EnumFontsW
GetCurrentPositionEx
GetEnhMetaFileW
EnumFontsA
GetPixel
PolyDraw
ExcludeClipRect
OffsetViewportOrgEx
EnumFontFamiliesW
RectInRegion
GetTextMetricsA
OffsetClipRgn
SetBitmapDimensionEx
GetCharacterPlacementA
CreateSolidBrush
GetObjectA
CreateEnhMetaFileW
GetOutlineTextMetricsA
SetAbortProc
FrameRgn
CreateBrushIndirect
SelectPalette
SetBkColor
GetOutlineTextMetricsW
CreateEnhMetaFileA
SetBoundsRect
CloseEnhMetaFile
SetROP2
EndPage
LineTo
GetNearestPaletteIndex
SetDIBColorTable
EnumEnhMetaFile
PtVisible
SetPixelV
BeginPath
DeleteObject
SetGraphicsMode
PlayMetaFileRecord
GetWindowExtEx
SetBitmapBits
AddFontResourceW
SetStretchBltMode
DeleteEnhMetaFile
Rectangle
PolylineTo
GetDeviceCaps
EnumFontFamiliesExA
StrokePath
StrokeAndFillPath
StartPage
GdiComment
CreateHatchBrush
CreateDIBPatternBrushPt
SetEnhMetaFileBits
SetDIBitsToDevice
GetStockObject
GetPath
PlayEnhMetaFile
ExtTextOutA
UnrealizeObject
FlattenPath
SelectClipRgn
RoundRect
ExtEscape
GetTextExtentPoint32A
GetViewportOrgEx
GetEnhMetaFileHeader
GetClipRgn
SetTextCharacterExtra
GetTextExtentPoint32W
GetTextCharset
CreatePatternBrush
CreatePolygonRgn
Polygon
CreateHalftonePalette
GetGlyphOutlineW
GetBkMode
MaskBlt
GetBitmapBits
GetBitmapDimensionEx
SelectObject
FillPath
GetClipBox
GetCurrentObject
SetMiterLimit
MoveToEx
EnumFontFamiliesExW
SetViewportOrgEx
GetGraphicsMode
CreateRoundRectRgn
CreateCompatibleDC
PolyBezierTo
CreateFontW
PolyBezier
Chord
SetBrushOrgEx
SetViewportExtEx
SetPolyFillMode
CopyMetaFileW
GetTextCharacterExtra
SetTextJustification
GetStretchBltMode
Polyline
DPtoLP
CopyMetaFileA
AbortDoc
Ellipse
GetStartupInfoA
GetModuleHandleA
LoadLibraryExW
_except_handler3
__p__fmode
_acmdln
_exit
__p__commode
__setusermatherr
exit
_XcptFilter
__getmainargs
_initterm
_controlfp
_adjust_fdiv
__set_app_type
RasGetCountryInfoA
Number of PE resources by type
RT_ICON 8
RT_GROUP_ICON 4
RT_VERSION 1
Number of PE resources by language
MACEDONIAN DEFAULT 6
ENGLISH EIRE 4
SERBIAN ARABIC ALGERIA 3
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 1957888
ImageVersion 0.0
ProductName Martial Lipped
FileVersionNumber 0.111.81.244
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Peppering
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName Inelegant.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 0.96.147.77
TimeStamp 2009:04:04 16:42:11+00:00
FileType Win32 EXE
PEType PE32
InternalName Odes
SubsystemVersion 4.0
OSVersion 4.0
FileOS Windows NT 32-bit
LegalCopyright Copyright 1932
MachineType Intel 386 or later, and compatibles
CompanyName Kookaburra Software
CodeSize 352256
FileSubtype 0
ProductVersionNumber 0.19.130.117
EntryPoint 0x56920
ObjectFileType Executable application
File identification
MD5 0471dfac3512f6539e2360ae40223922
SHA1 e81ff1915f80af1ae1d0917d7c071ebd513ee214
SHA256 c781023b6e975b621eb6ceaf0a74d13bde1e9c1ea5f43d6c845361b8dae7be40
ssdeep 12288:hZ/4DYtz0D9uox/qCcfZMW3gVy8AkZRSnI2eH:hZQDqz0xn/q1FgVy/W8
authentihash d270121fe9fffdc58bc3622961fa719213eb3ec317aa36b4c5908f609d453d13
imphash afde3531fecc518eef9c1b0c24cff996
File size 388.0 KB ( 397312 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2015-08-29 21:13:15 UTC ( 3 years, 6 months ago )
Last submission 2015-08-29 21:13:15 UTC ( 3 years, 6 months ago )
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Opened service managers
Runtime DLLs