SHA256: cabd6a707a679f24d05dc9017033592b7edefb0d4ff28ab374db176c5488ca42
File name: cabd6a707a679f24d05dc9017033592b7edefb0d4ff28ab374db176c5488ca42
Detection ratio: 7 / 66
Analysis date: 2019-04-17 16:31:55 UTC ( 1 month, 1 week ago )
Antivirus Result Update
Acronis suspicious 20190415
CrowdStrike Falcon (ML) win/malicious_confidence_80% (D) 20190212
FireEye Generic.mg.1e9a562ecf7a96dd 20190417
Sophos ML heuristic 20190313
Rising Trojan.Agent!8.B1E/N3#83% (RDM+:cmRtazrII5VuR6r9JCzzJ63o0+gb) 20190417
SentinelOne (Static ML) DFI - Malicious PE 20190407
Trapmine malicious.high.ml.score 20190325
Ad-Aware 20190417
AegisLab 20190417
AhnLab-V3 20190417
Alibaba 20190402
ALYac 20190417
Antiy-AVL 20190417
Arcabit 20190417
Avast 20190417
Avast-Mobile 20190415
AVG 20190417
Avira (no cloud) 20190417
Babable 20180918
Baidu 20190318
BitDefender 20190417
Bkav 20190416
CAT-QuickHeal 20190416
ClamAV 20190416
CMC 20190321
Comodo 20190417
Cybereason 20190417
Cyren 20190417
DrWeb 20190417
eGambit 20190417
Emsisoft 20190417
Endgame 20190403
ESET-NOD32 20190417
F-Secure 20190416
Fortinet 20190417
GData 20190417
Ikarus 20190416
Jiangmin 20190417
K7AntiVirus 20190417
K7GW 20190417
Kaspersky 20190417
Kingsoft 20190417
Malwarebytes 20190417
MAX 20190417
McAfee 20190417
McAfee-GW-Edition 20190416
Microsoft 20190417
eScan 20190417
NANO-Antivirus 20190417
Palo Alto Networks (Known Signatures) 20190417
Panda 20190416
Qihoo-360 20190417
Sophos AV 20190417
SUPERAntiSpyware 20190410
Symantec Mobile Insight 20190410
TACHYON 20190417
Tencent 20190417
TheHacker 20190411
TotalDefense 20190416
TrendMicro-HouseCall 20190417
Trustlook 20190417
VBA32 20190416
ViRobot 20190417
Yandex 20190416
Zillya 20190416
ZoneAlarm by Check Point 20190417
Zoner 20190417
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Exciteatom
Original name Exciteatom.exe
File version 9.4.44.59
Description Exciteatom
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-17 10:33:58
Entry Point 0x0001FAC4
Number of sections 7
PE sections
PE imports
RegCreateKeyA
SystemFunction036
RegQueryValueExA
RegCloseKey
ExcludeClipRect
LineTo
SetBkMode
GetStdHandle
InterlockedPopEntrySList
SetEndOfFile
EncodePointer
CreateTimerQueue
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
EnumSystemLocalesW
FreeEnvironmentStringsW
InitializeSListHead
GetLocaleInfoW
SetStdHandle
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
GetCommandLineA
GetThreadTimes
HeapReAlloc
GetStringTypeW
FreeLibrary
GetThreadPriority
FreeLibraryAndExitThread
FindClose
TlsGetValue
SignalObjectAndWait
InterlockedPushEntrySList
SetLastError
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
SetThreadPriority
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
DeleteTimerQueueTimer
RegisterWaitForSingleObject
CreateThread
InterlockedFlushSList
GetExitCodeThread
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ExitThread
DecodePointer
TerminateProcess
GetModuleHandleExW
ChangeTimerQueueTimer
ReadConsoleW
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
GetStartupInfoW
GetProcAddress
VirtualProtectEx
GetProcessHeap
QueryDepthSList
FindFirstFileExA
ResetEvent
CreateTimerQueueTimer
FindNextFileA
IsValidLocale
DuplicateHandle
GetUserDefaultLCID
GetProcessAffinityMask
CreateEventW
CreateFileW
GetNumaHighestNodeNumber
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
UnregisterWaitEx
GetEnvironmentStringsW
WaitForSingleObjectEx
SwitchToThread
UnregisterWait
GetCurrentProcessId
GetCommandLineW
GetCurrentDirectoryA
HeapSize
SetThreadAffinityMask
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLogicalProcessorInformation
WideCharToMultiByte
IsValidCodePage
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
GetAsyncKeyState
GetMessagePos
UpdateWindow
EnumChildWindows
SetDlgItemInt
GetClassNameA
FindWindowA
GetWindowTextA
ShowWindow
InsertMenuItemA
GetDlgItemInt
GetDC
SetCursor
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Exciteatom

UninitializedDataSize
0

InitializedDataSize
126976

ImageVersion
0.0

ProductName
Exciteatom

FileVersionNumber
9.4.44.59

LanguageCode
Neutral

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
ASCII

LinkerVersion
14.0

FileTypeExtension
exe

OriginalFileName
Exciteatom.exe

MIMEType
application/octet-stream

FileVersion
9.4.44.59

TimeStamp
2017:04:17 12:33:58+02:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
6.0

ProductVersion
9.4.44.59

FileDescription
Exciteatom

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
King point Oceanhouse Media

CodeSize
364544

FileSubtype
0

ProductVersionNumber
9.4.44.59

EntryPoint
0x1fac4

ObjectFileType
Executable application

File identification
MD5 1e9a562ecf7a96dd7173d24c438ff8f9
SHA1 0f1f17e67c0c7f46578ac013d7df33134280a5d5
SHA256 cabd6a707a679f24d05dc9017033592b7edefb0d4ff28ab374db176c5488ca42
ssdeep
12288:WGb1pPPdXhRE3PJHa6K3t52CsN4cBIs0c/yZbc:W47PPdXhRYBHa6K3u4cBIs0cq6

authentihash 34a4da9e7e148f49364a1de58b53c7074f58b7d021bb9a8cd8f9b689b96f5267
imphash b95590b11e390748292daecd4f039a53
File size 476.5 KB ( 487936 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2019-04-17 16:30:22 UTC ( 1 month, 1 week ago )
Last submission 2019-04-18 16:03:10 UTC ( 1 month, 1 week ago )
File names
Advanced heuristic and reputation engines