SHA256: cc4bdb4e6fad10b9b3bf07e0177310df63e48314c7946189af6119585a32155d
File name: cc4bdb4e6fad10b9b3bf07e0177310df63e48314c7946189af6119585a32155d.bin
Detection ratio: 12 / 56
Analysis date: 2015-07-01 12:24:25 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20150701
AVG Inject2.CJYD 20150701
ESET-NOD32 a variant of Win32/Kryptik.DNKJ 20150701
K7AntiVirus Trojan ( 004c6eda1 ) 20150701
K7GW Trojan ( 004c6eda1 ) 20150701
Kaspersky Trojan-Spy.Win32.Zbot.vpsf 20150701
Malwarebytes Backdoor.Bot 20150701
Microsoft PWS:Win32/Zbot 20150701
Panda Generic Suspicious 20150701
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20150701
Sophos AV Mal/Generic-S 20150701
Symantec Trojan.Gen.2 20150701
Ad-Aware 20150701
AegisLab 20150701
Yandex 20150630
AhnLab-V3 20150701
Alibaba 20150630
ALYac 20150701
Antiy-AVL 20150701
Arcabit 20150630
Avira (no cloud) 20150701
AVware 20150701
Baidu-International 20150701
BitDefender 20150701
Bkav 20150701
ByteHero 20150701
CAT-QuickHeal 20150701
ClamAV 20150701
Comodo 20150701
Cyren 20150701
DrWeb 20150701
Emsisoft 20150701
F-Prot 20150701
F-Secure 20150701
Fortinet 20150701
GData 20150701
Ikarus 20150701
Jiangmin 20150630
Kingsoft 20150701
McAfee 20150701
McAfee-GW-Edition 20150701
eScan 20150701
NANO-Antivirus 20150701
nProtect 20150701
Rising 20150701
SUPERAntiSpyware 20150701
Tencent 20150701
TheHacker 20150701
TotalDefense 20150701
TrendMicro 20150701
TrendMicro-HouseCall 20150701
VBA32 20150701
VIPRE 20150701
ViRobot 20150701
Zillya 20150701
Zoner 20150701
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Bdrive Inc. All rights reserved.
Publisher Bdrive Inc
Product NetDrive2
Original name NetDrive2.exe
Internal name NetDrive2.exe
File version 2.4.3.0
Description NetDrive2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-06-24 10:21:27
Entry Point 0x0003BDE1
Number of sections 5
PE sections
PE imports
FillRgn
DeleteDC
RestoreDC
SelectObject
GetTextExtentPoint32A
GetStockObject
CreateSolidBrush
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
ImmGetDefaultIMEWnd
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
IsProcessorFeaturePresent
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
DecodePointer
GetCurrentProcessId
UnhandledExceptionFilter
WideCharToMultiByte
ExitProcess
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
GetFileType
SetStdHandle
GetModuleHandleA
GetCPInfo
GetModuleFileNameW
TlsFree
SetFilePointer
HeapSetInformation
SetUnhandledExceptionFilter
WriteFile
SetConsoleTitleA
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
IsValidCodePage
HeapCreate
CreateFileW
InterlockedDecrement
Sleep
SetLastError
TlsSetValue
CreateFileA
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
LeaveCriticalSection
SafeArrayGetLBound
SafeArrayGetDim
VariantTimeToSystemTime
SafeArrayGetUBound
SetSuspendState
GetProcessMemoryInfo
RasDialDlgA
SHGetFileInfoA
SHGetPathFromIDListA
PathRemoveArgsA
CreateWindowExA
GetForegroundWindow
UpdateWindow
EndDialog
LoadMenuA
PostQuitMessage
DefWindowProcA
SetWindowTextA
DrawFrameControl
FindWindowA
GetSystemMetrics
AppendMenuA
DispatchMessageA
EndPaint
LoadImageA
MessageBoxA
SetWindowLongA
IsWindowEnabled
GetWindow
SetActiveWindow
RegisterClassExA
GetCursorPos
DrawTextA
BeginPaint
CreatePopupMenu
wsprintfA
ShowWindow
IsWindowVisible
SendMessageA
SetForegroundWindow
CreateMenu
GetDlgItem
IsIconic
RegisterClassA
TrackPopupMenuEx
GetWindowLongA
GetWindowTextLengthA
SetTimer
LoadCursorA
CopyRect
CallWindowProcA
EnableWindow
GetWindowTextA
GetKeyboardLayoutList
DestroyWindow
GdipGetDC
GdipGetImageHeight
GdipCreateFromHWND
GdipGetDpiX
GdiplusStartup
GdipGetImageWidth
GdipGetDpiY
GdipDrawImageRectI
GdipDeleteGraphics
Number of PE resources by type
RT_STRING 8
RT_HTML 7
RT_CURSOR 7
RT_DIALOG 3
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 28
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.4.3.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 71168
EntryPoint 0x3bde1
OriginalFileName NetDrive2.exe
MIMEType application/octet-stream
LegalCopyright Bdrive Inc. All rights reserved.
FileVersion 2.4.3.0
TimeStamp 2015:06:24 11:21:27+01:00
FileType Win32 EXE
PEType PE32
InternalName NetDrive2.exe
ProductVersion 2.4.3.0
FileDescription NetDrive2
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Bdrive Inc
CodeSize 281600
ProductName NetDrive2
ProductVersionNumber 2.4.3.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 5591e65446a52c2f70110b016945456a
SHA1 967d1242b3f080726566526cc4372b72f5377892
SHA256 cc4bdb4e6fad10b9b3bf07e0177310df63e48314c7946189af6119585a32155d
ssdeep 6144:Fn6BqR6P1stccGeB8PcLvCtTP6t+cxq8rLfyz2EutbUYD:F6B4estccGeB8ULqtTP6t+cxq6LfyzaJ
authentihash b07b215e75fab1a2331fbe06608f3a9af7fbd3b3cf05d982cf25621cee2a1096
imphash 33b08bf33417892ba19874ad754633f4
File size 345.5 KB ( 353792 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2015-06-24 12:23:01 UTC ( 3 years, 9 months ago )
Last submission 2015-06-24 12:23:01 UTC ( 3 years, 9 months ago )
File names NetDrive2.exe
cc4bdb4e6fad10b9b3bf07e0177310df63e48314c7946189af6119585a32155d.bin
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.