SHA256: cc6c121899a682d838b93889a4fa4d6c7a7b1523e1cc834dfea287aff2ef08bd
File name: issxesil.exe
Detection ratio: 36 / 56
Analysis date: 2015-10-21 05:43:30 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2794905 20151021
Yandex Backdoor.Androm!OEPz+AZT0bE 20151020
AhnLab-V3 Trojan/Win32.Teerac 20151021
ALYac Trojan.Ransom.cryptolocker 20151021
Antiy-AVL Trojan[Backdoor]/Win32.Androm 20151021
Arcabit Trojan.Generic.D2AA599 20151021
Avast Win32:Malware-gen 20151021
AVG Generic36.CFRU 20151020
Avira (no cloud) TR/AD.Teerac.Y.72 20151021
AVware Trojan.Win32.Generic!BT 20151021
Baidu-International Trojan.Win32.Injector.CKIQ 20151020
BitDefender Trojan.GenericKD.2794905 20151021
Bkav HW32.Packed.3A3B 20151020
Cyren W32/Trojan.QSYN-4485 20151020
DrWeb Trojan.PWS.Siggen1.42857 20151021
Emsisoft Trojan.GenericKD.2794905 (B) 20151021
ESET-NOD32 a variant of Win32/Injector.CKIQ 20151021
F-Secure Trojan.GenericKD.2794905 20151021
Fortinet W32/CKIQ!tr 20151021
GData Trojan.GenericKD.2794905 20151021
Ikarus Trojan.Win32.Injector 20151021
K7AntiVirus Trojan ( 004d403a1 ) 20151020
K7GW Trojan ( 004d403a1 ) 20151021
Kaspersky Backdoor.Win32.Androm.ilfk 20151021
McAfee Artemis!78CC33F7F5BE 20151021
McAfee-GW-Edition BehavesLike.Win32.Malware.fh 20151021
Microsoft Ransom:Win32/Teerac 20151021
eScan Trojan.GenericKD.2794905 20151021
NANO-Antivirus Trojan.Win32.Androm.dxyetz 20151021
nProtect Trojan.GenericKD.2794905 20151020
Panda Trj/Genetic.gen 20151020
Sophos AV Mal/Generic-S 20151021
Symantec Trojan.Gen.2 20151020
Tencent Win32.Backdoor.Androm.Akfs 20151021
VIPRE Trojan.Win32.Generic!BT 20151021
ViRobot Trojan.Win32.Z.Teerac.348160[h] 20151021
AegisLab 20151020
Alibaba 20151021
ByteHero 20151021
CAT-QuickHeal 20151021
ClamAV 20151021
CMC 20151016
Comodo 20151021
F-Prot 20151021
Jiangmin 20151020
Kingsoft 20151021
Malwarebytes 20151021
Qihoo-360 20151021
Rising 20151020
SUPERAntiSpyware 20151021
TheHacker 20151020
TrendMicro 20151021
TrendMicro-HouseCall 20151021
VBA32 20151020
Zillya 20151020
Zoner 20151021
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-10-11 21:35:50
Entry Point 0x000130E0
Number of sections 4
PE sections
PE imports
GetTempFileNameW
GetModuleHandleA
LoadLibraryW
DefineDosDeviceA
GetCommandLineA
GetDevicePowerState
_except_handler3
_acmdln
exit
__CxxFrameHandler
_exit
__p__commode
_ismbclower
_setmbcp
__dllonexit
_onexit
__setusermatherr
__p__fmode
_XcptFilter
__getmainargs
_initterm
_controlfp
_adjust_fdiv
__set_app_type
GetDesktopWindow
EnableWindow
GetFileTitleA
GetFileTitleW
CommDlgExtendedError
Number of PE resources by type
RT_ACCELERATOR 17
RT_ICON 8
RT_GROUP_ICON 8
RT_MENU 3
RT_DIALOG 2
HfwPY7K8 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
TATAR DEFAULT 14
ENGLISH BELIZE 14
ENGLISH TRINIDAD 13
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.97.87.139
UninitializedDataSize 0
LanguageCode Unknown (WALL)
FileFlagsMask 0x003f
CharacterSet Unknown (PAPERS)
InitializedDataSize 266240
EntryPoint 0x130e0
MIMEType application/octet-stream
LegalCopyright 2016 (C) 2013
FileVersion Actual 0,170,177,202
TimeStamp 2004:10:11 22:35:50+01:00
FileType Win32 EXE
PEType PE32
InternalName Uninterpretable
ProductVersion 0,243,157,61
FileDescription Serener Advisable Slogan
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Network Automation, Inc.
CodeSize 77824
ProductName Triples Turtle
ProductVersionNumber 0.42.65.175
FileTypeExtension exe
ObjectFileType Executable application
Compressed bundles
File identification
MD5 78cc33f7f5be12aa7871dd854de1741b
SHA1 4c65feb447a2484fb84f047798c7d99ebe5b8bb1
SHA256 cc6c121899a682d838b93889a4fa4d6c7a7b1523e1cc834dfea287aff2ef08bd
ssdeep 6144:3SYl4XXeRUt3zPl44SIp/JjyRnT3a8/hreMC4x8LK8S5Razb4nIhW:3SYGXXeMh44/p8RnT3a8xeMCpLK8S5R8
authentihash 1719e6d098515ea511ad879a1152ae721429ddaa114dbfd4cd241862ff19a92d
imphash 07993950d0ad7d6597377daa2f06cdeb
File size 340.0 KB ( 348160 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe
VirusTotal metadata
First submission 2015-10-13 12:47:20 UTC ( 3 years, 7 months ago )
Last submission 2015-10-26 06:19:50 UTC ( 3 years, 7 months ago )
File names issxesil.exe
TMPB9.tmp
ymekixhq.exe
yzosoxcf.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs