× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c81c0a2b3daeb5a80644bda9faeab26357dec3e4e0256d4a0088aae8e3ad5a6f
File name: Dane aplikacjiwinupd.exe
Detection ratio: 6 / 44
Analysis date: 2012-10-23 00:40:52 UTC ( 6 years, 7 months ago ) View latest
Antivirus Result Update
BitDefender Gen:Variant.Barys.2940 20121023
Emsisoft Gen:Variant.Barys.2940 (B) 20121023
F-Secure Gen:Variant.Barys.2940 20121023
GData Gen:Variant.Barys.2940 20121023
Kaspersky Backdoor.Win32.DarkKomet.irc 20121023
eScan Gen:Variant.Barys.2940 20121023
Yandex 20121022
AhnLab-V3 20121022
AntiVir 20121022
Antiy-AVL 20121023
Avast 20121022
AVG 20121023
ByteHero 20121019
CAT-QuickHeal 20121022
ClamAV 20121023
Commtouch 20121023
Comodo 20121023
DrWeb 20121022
eSafe 20121017
ESET-NOD32 20121022
F-Prot 20121023
Fortinet 20121022
Ikarus 20121022
Jiangmin 20121022
K7AntiVirus 20121022
Kingsoft 20121008
McAfee 20121023
McAfee-GW-Edition 20121023
Microsoft 20121023
Norman 20121022
nProtect 20121022
Panda 20121022
PCTools 20121022
Rising 20121022
Sophos AV 20121023
SUPERAntiSpyware 20121023
Symantec 20121023
TheHacker 20121021
TotalDefense 20121022
TrendMicro 20121023
TrendMicro-HouseCall 20121023
VBA32 20121022
VIPRE 20121023
ViRobot 20121023
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name FUD.scr
Internal name FUD.scr
File version 0.0.0.0
Description
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-20 22:53:32
Entry Point 0x0007220E
Number of sections 3
.NET details
Module Version ID 2bc246b8-e211-4e14-b703-c93a7ad10998
TypeLib ID 00000000-0000-0000-0000-000000000000
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
1536

ImageVersion
0.0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
FUD.scr

MIMEType
application/octet-stream

FileVersion
0.0.0.0

TimeStamp
2012:10:20 22:53:32+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
FUD.scr

ProductVersion
0.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
459776

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x7220e

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 3ae6a42edbb38ce65fd8b7130c1e7fd3
SHA1 194d6dd4f841ffa7787629cd1426c1b49669f445
SHA256 c81c0a2b3daeb5a80644bda9faeab26357dec3e4e0256d4a0088aae8e3ad5a6f
ssdeep
6144:DKIB8fu6M6Vsr1U+Baz0DZn/4tYoSwQD/7aP4418IN9CKoQtbPwrXfajI9AD:Db6MZ1NBa2V4tkDDD4Z0KoQgSR

authentihash 92912af12d1f9d03292b9dd34dc1c80cef0f8d90aad18caa638602bf21773ab9
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 451.0 KB ( 461824 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (82.9%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2012-10-23 00:40:52 UTC ( 6 years, 7 months ago )
Last submission 2016-01-18 05:06:10 UTC ( 3 years, 4 months ago )
File names ASVaSNL.dll
3ae6a42edbb38ce65fd8b7130c1e7fd3.exe
aa
Dane aplikacjiwinupd.exe
c81c0a2b3daeb5a80644bda9faeab26357dec3e4e0256d4a0088aae8e3ad5a6f.vir
FUD.scr
KPQLV.7z
acWaJBI.pdf
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!