SHA256: cd55d49d013aa594374a24535b263a7a70d300445ef87ee9658a0e2f3103eb80
File name: contacts.exe
Detection ratio: 35 / 42
Analysis date: 2012-03-31 15:31:12 UTC ( 5 years, 4 months ago )
Antivirus Result Update
AhnLab-V3 Downloader/Win32.Small 20120330
AntiVir TR/Crypt.XPACK.Gen 20120330
Antiy-AVL Trojan/win32.agent.gen 20120331
Avast Win32:Crypt-LWR [Trj] 20120331
AVG Downloader.Generic12.BJAM 20120331
BitDefender Gen:Trojan.Heur.GZ.biW@b8k5GYb 20120331
ClamAV Trojan.Agent-271923 20120331
Commtouch W32/Menti.B3.gen!Eldorado 20120330
Comodo UnclassifiedMalware 20120331
DrWeb Trojan.Packed.22297 20120331
Emsisoft Trojan.Win32.Spy!IK 20120331
eTrust-Vet Win32/Small.AGV 20120331
F-Prot W32/Menti.B3.gen!Eldorado 20120330
F-Secure Gen:Trojan.Heur.GZ.biW@b8k5GYb 20120331
Fortinet W32/Drwex.A 20120331
GData Gen:Trojan.Heur.GZ.biW@b8k5GYb 20120331
Ikarus Trojan.Win32.Spy 20120331
Jiangmin Trojan/Generic.zqyf 20120331
K7AntiVirus Riskware 20120331
Kaspersky Trojan-Downloader.Win32.Small.cgwk 20120331
McAfee Generic Downloader.io 20120331
McAfee-GW-Edition Generic Downloader.io 20120331
Microsoft TrojanDownloader:Win32/Drstwex.A 20120331
NOD32 a variant of Win32/TrojanDownloader.Drstwex.A 20120331
Norman W32/Troj_Generic.ANJIM 20120331
Panda Generic Trojan 20120331
Sophos AV Mal/Drwex-A 20120331
SUPERAntiSpyware Trojan.Agent/Gen-MultiDrop 20120329
Symantec Suspicious.Cloud.5 20120331
TheHacker Trojan/Downloader.Drstwex.a 20120331
TrendMicro TROJ_GEN.R47C9CI 20120331
TrendMicro-HouseCall TROJ_GEN.R47C9CI 20120331
VBA32 TrojanDownloader.Small.cgwk 20120330
VIPRE Trojan.Win32.Drwex.aa (v) 20120331
VirusBuster Trojan.DL.Drstwex.Gen!Pac.4 20120331
ByteHero 20120328
CAT-QuickHeal 20120331
eSafe 20120328
nProtect 20120331
PCTools 20120326
Rising 20120331
ViRobot 20120331
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-03-13 17:58:50
Entry Point 0x00001375
Number of sections 2
PE sections
PE imports
EnumFontsA
CreateThread, ExitProcess, GetLastError, GetTickCount, Sleep, WaitForSingleObject
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2012:03:13 18:58:50+01:00
FileType Win32 EXE
PEType PE32
CodeSize 30208
LinkerVersion 5.12
EntryPoint 0x1375
InitializedDataSize 384
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 fe7f96be4982e4486a9c93abf5977a7a
SHA1 fdd1343cfa531674cd4cb65dec8b6389e7634476
SHA256 cd55d49d013aa594374a24535b263a7a70d300445ef87ee9658a0e2f3103eb80
ssdeep 192:I6ARi/jHXl9BO3OHgh0aNqUJ1s1T33zMxQ:I6WAj3TIeHZvv1jjoQ
File size 30.5 KB ( 31232 bytes )
File type Win32 EXE
Magic literal MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2012-03-14 20:19:16 UTC ( 5 years, 5 months ago )
Last submission 2012-03-31 15:31:12 UTC ( 5 years, 4 months ago )
File names contacts.exe