SHA256: ca291c773d7c2a7522b3f7b895654f6f2ddce48b7e3f8422ba6d52d6da2b1d56
File name: 72276798d465d0608b0c1c40b6dd3936
Detection ratio: 14 / 54
Analysis date: 2016-02-13 18:30:50 UTC ( 3 years, 1 month ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Graftor.270313 20160213
Arcabit Trojan.Graftor.D41FE9 20160213
Avast Win32:Malware-gen 20160213
AVG Crypt5.AIHC 20160213
BitDefender Gen:Variant.Graftor.270313 20160213
ByteHero Trojan.Malware.Obscu.Gen.002 20160213
DrWeb Trojan.Packed.29982 20160213
Emsisoft Gen:Variant.Graftor.270313 (B) 20160213
ESET-NOD32 a variant of Win32/Kryptik.ENUL 20160213
Fortinet W32/Kryptik.ENUL!tr 20160213
Kaspersky Trojan-Spy.Win32.Zbot.wjtt 20160213
Malwarebytes Backdoor.Andromeda 20160213
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.dh 20160213
Qihoo-360 HEUR/QVM41.1.Malware.Gen 20160213
AegisLab 20160213
Yandex 20160211
AhnLab-V3 20160213
Alibaba 20160204
Antiy-AVL 20160211
Avira (no cloud) 20160213
Baidu-International 20160213
Bkav 20160204
CAT-QuickHeal 20160213
ClamAV 20160213
CMC 20160205
Comodo 20160213
Cyren 20160213
F-Prot 20160213
F-Secure 20160213
GData 20160213
Ikarus 20160213
Jiangmin 20160213
K7AntiVirus 20160213
K7GW 20160213
McAfee 20160213
Microsoft 20160213
eScan 20160213
NANO-Antivirus 20160213
nProtect 20160212
Panda 20160213
Rising 20160213
Sophos AV 20160213
SUPERAntiSpyware 20160213
Symantec 20160212
Tencent 20160213
TheHacker 20160213
TotalDefense 20160213
TrendMicro 20160213
TrendMicro-HouseCall 20160213
VBA32 20160212
VIPRE 20160213
ViRobot 20160213
Zillya 20160213
Zoner 20160213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2004-2007(c) Newzie. All rights reserved.
Product Newzie
Original name Newzie.exe
Internal name Newzie.exe
File version 0.99.9
Description Newzie : News Aggregator
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-02-12 15:41:48
Entry Point 0x00003173
Number of sections 5
PE sections
Overlays
MD5 7691c74026c65571b1c02784bac6e2e2
File type data
Offset 247296
Size 512
Entropy 7.58
PE imports
CreateCompatibleDC
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
RequestDeviceWakeup
GetOEMCP
LCMapStringA
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
LoadLibraryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetEnvironmentStrings
GetWindowsDirectoryW
GetLocaleInfoA
LocalAlloc
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
QueryPerformanceCounter
TlsFree
GetStartupInfoW
LeaveCriticalSection
CompareStringW
WideCharToMultiByte
GetStringTypeA
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CompareStringA
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
SetEnvironmentVariableA
HeapAlloc
LocalFree
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
HeapCreate
VirtualFree
TlsGetValue
Sleep
GetFileType
TlsSetValue
GetTickCount
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
GetCurrentProcessId
SetLastError
ResetEvent
SHGetPathFromIDListW
RedrawWindow
PeekMessageW
GetMenuItemRect
RegisterClassW
GetKeyboardType
GetQueueStatus
OpenClipboard
GetThreadDesktop
ArrangeIconicWindows
GetKeyState
VerQueryValueA
Number of PE resources by type
RT_DIALOG 3
RT_STRING 2
RT_RCDATA 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 5
NEUTRAL 3
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.9.9.9
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 205824
EntryPoint 0x3173
OriginalFileName Newzie.exe
MIMEType application/octet-stream
LegalCopyright 2004-2007(c) Newzie. All rights reserved.
FileVersion 0.99.9
TimeStamp 2016:02:12 16:41:48+01:00
FileType Win32 EXE
PEType PE32
InternalName Newzie.exe
ProductVersion 0.99.9
FileDescription Newzie : News Aggregator
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Newzie
CodeSize 40448
ProductName Newzie
ProductVersionNumber 0.9.9.9
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 72276798d465d0608b0c1c40b6dd3936
SHA1 ee18fc8aa2f1b8491b66eda7891400e2d5fd3cbe
SHA256 ca291c773d7c2a7522b3f7b895654f6f2ddce48b7e3f8422ba6d52d6da2b1d56
ssdeep 6144:OL3HwocCvVq7jcw+rgoS7lsu/e5jxYz9iSX65PlW8:OzH390jB+rRSOu/iNYz9iJPlZ

authentihash 35ea2fb42b20f8f3f9922b2695ff6cd91a031f87a60c1ce47877f9e60dd5ccf7
imphash bd09f4e76ad1be99994e7d30dd07c745
File size 242.0 KB ( 247808 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-02-13 18:30:50 UTC ( 3 years, 1 month ago )
Last submission 2016-02-13 18:30:50 UTC ( 3 years, 1 month ago )
File names Newzie.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs
UDP communications