SHA256: c883a11036a8737f3e88225baeff306cad0bb887542c5bd2cd45d30fcb33d306
File name: 90c5115ed41d2f1e3a4f765f87c06961
Detection ratio: 31 / 55
Analysis date: 2014-11-23 19:41:42 UTC ( 3 years, 6 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Adware.Kazy.432610 20141123
AhnLab-V3 PUP/Win32.LoadMoney 20141123
Antiy-AVL RiskWare[Downloader:not-a-virus]/Win32.Plocust 20141123
Avast Win32:LoadMoney-JU [PUP] 20141123
AVG Crypt3.BGLL 20141123
Avira (no cloud) APPL/Downloader.Gen7 20141123
AVware Trojan.Win32.Generic.pak!cobra 20141121
BitDefender Gen:Variant.Adware.Kazy.432610 20141123
Bkav HW32.Packed.387D 20141120
ClamAV Win.Trojan.Agent-813592 20141123
Comodo Application.Win32.LoadMoney.XU 20141123
DrWeb Trojan.LoadMoney.364 20141123
Emsisoft Gen:Variant.Adware.Kazy.432610 (B) 20141123
ESET-NOD32 a variant of Win32/Kryptik.CQAT 20141123
F-Secure Gen:Variant.Adware.Kazy.432610 20141123
Fortinet W32/Kryptik.CPAR!tr 20141123
GData Gen:Variant.Adware.Kazy.432610 20141123
Ikarus Trojan.Win32.Crypt 20141123
K7AntiVirus Unwanted-Program ( 0040f9901 ) 20141121
K7GW Unwanted-Program ( 0040f9901 ) 20141121
Malwarebytes PUP.Optional.Bundle 20141123
McAfee Packed-CQ 20141123
McAfee-GW-Edition BehavesLike.Win32.Pate.gh 20141123
Microsoft TrojanDownloader:Win32/Ogimant.gen!C 20141123
eScan Gen:Variant.Adware.Kazy.432610 20141123
NANO-Antivirus Trojan.Win32.Plocust.diqana 20141123
Panda Trj/Genetic.gen 20141123
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20141123
TotalDefense Win32/Ogiman.QUPbFaC 20141123
VBA32 Malware-Cryptor.Limpopo 20141121
VIPRE Trojan.Win32.Generic.pak!cobra 20141123
AegisLab 20141123
Yandex 20141122
Baidu-International 20141123
ByteHero 20141123
CAT-QuickHeal 20141122
CMC 20141121
Cyren 20141123
F-Prot 20141123
Jiangmin 20141123
Kaspersky 20141123
Kingsoft 20141123
Norman 20141123
nProtect 20141121
Qihoo-360 20141123
Sophos AV 20141123
SUPERAntiSpyware 20141123
Symantec 20141123
Tencent 20141123
TheHacker 20141121
TrendMicro 20141123
TrendMicro-HouseCall 20141123
ViRobot 20141123
Zillya 20141122
Zoner 20141120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright c 2005 - 2013
Product Downloader default
Original name Downloader.exe
Internal name Downloader default
File version 1, 0, 0, 1
Description Downloader default
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00001804
Number of sections 6
PE sections
PE imports
Number of PE resources by type
RT_ICON 3
RT_DIALOG 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
RUSSIAN 5
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 65024
ImageVersion 0.0
ProductName Downloader default
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Windows, Cyrillic
LinkerVersion 2.25
OriginalFilename Downloader.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1, 0, 0, 1
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
InternalName Downloader default
FileAccessDate 2014:11:23 20:42:27+01:00
ProductVersion 1, 0, 0, 1
FileDescription Downloader default
OSVersion 4.0
FileCreateDate 2014:11:23 20:42:27+01:00
FileOS Win32
LegalCopyright Copyright c 2005 - 2013
MachineType Intel 386 or later, and compatibles
CodeSize 428032
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0x1804
ObjectFileType Executable application

File identification
MD5 90c5115ed41d2f1e3a4f765f87c06961
SHA1 30801084241404f18f6a5b36c40afdf0733dcd1b
SHA256 c883a11036a8737f3e88225baeff306cad0bb887542c5bd2cd45d30fcb33d306
ssdeep 12288:HE5+0DcHWu+uE5XdRc4Fo1gj5UIv8yuzLhK:k5t6gumXTAgjmIu
authentihash 7fdbd0eccf7508238d66dc90ac4ab792bf1fe62702fa8dbefc825fb2c4346400
imphash 0bd81e331cc9076f308e07d997ef3a74
File size 482.5 KB ( 494080 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Windows Screen Saver (43.2%)
Win32 Dynamic Link Library (generic) (21.7%)
Win32 Executable (generic) (14.8%)
Win16/32 Executable Delphi generic (6.8%)
Generic Win/DOS Executable (6.6%)
Tags peexe
VirusTotal metadata
First submission 2014-11-23 19:41:42 UTC ( 3 years, 6 months ago )
Last submission 2014-11-23 19:41:42 UTC ( 3 years, 6 months ago )
File names 90c5115ed41d2f1e3a4f765f87c06961
Downloader default
Downloader.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections