SHA256: cdf0db6fb425081059db73b3ea5d03d225f0d5b93cad784078169c05a1607838
File name: SBotP_1.0.38.exe
Detection ratio: 25 / 58
Analysis date: 2017-02-18 12:39:17 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Barys.2668 20170218
AegisLab Uds.Dangerousobject.Multi!c 20170218
ALYac Gen:Variant.Barys.2668 20170218
Arcabit Trojan.Barys.DA6C 20170218
Avast Win32:Malware-gen 20170218
AVware Trojan.Win32.Generic!BT 20170218
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20170217
BitDefender Gen:Variant.Barys.2668 20170218
Bkav W32.Clod55b.Trojan.b8c3 20170218
CAT-QuickHeal (Suspicious) - DNAScan 20170217
ClamAV Win.Trojan.Agent-5461780-0 20170218
Cyren W32/Trojan.RGFP-3929 20170218
Emsisoft Gen:Variant.Barys.2668 (B) 20170218
Endgame malicious (moderate confidence) 20170217
F-Secure Gen:Variant.Barys.2668 20170218
GData Gen:Variant.Barys.2668 20170218
Kaspersky UDS:DangerousObject.Multi.Generic 20170218
McAfee Artemis!B159794BE0DD 20170218
McAfee-GW-Edition Artemis 20170217
eScan Gen:Variant.Barys.2668 20170218
Qihoo-360 Win32/Trojan.09d 20170218
Rising Trojan.Generic (cloud:paE1NCJUzVO) 20170218
Symantec Trojan.Gen.2 20170217
TrendMicro-HouseCall TROJ_GEN.R01BH09LT16 20170218
VIPRE Trojan.Win32.Generic!BT 20170218
AhnLab-V3 20170217
Alibaba 20170217
Antiy-AVL 20170218
AVG 20170218
Avira (no cloud) 20170218
CMC 20170218
Comodo 20170218
CrowdStrike Falcon (ML) 20170130
DrWeb 20170218
ESET-NOD32 20170218
F-Prot 20170218
Fortinet 20170218
Ikarus 20170218
Sophos ML 20170203
Jiangmin 20170218
K7AntiVirus 20170218
K7GW 20170218
Kingsoft 20170218
Malwarebytes 20170218
Microsoft 20170218
NANO-Antivirus 20170218
nProtect 20170218
Panda 20170218
Sophos AV 20170218
SUPERAntiSpyware 20170218
Tencent 20170218
TheHacker 20170217
TrendMicro 20170218
Trustlook 20170218
VBA32 20170217
ViRobot 20170218
Webroot 20170218
WhiteArmor 20170215
Yandex 20170217
Zillya 20170216
Zoner 20170218
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (C)2008-2015 by Botcave Software Development
Product SBot
Original name SBot.exe
Internal name SBot
File version 1, 0, 0, 1
Description SBot - Ultimate bot for Silkroad Online
Packers identified
F-PROT embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-06-22 22:42:32
Entry Point 0x01C01600
Number of sections 9
PE sections
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
PrintDlgA
PageSetupDlgA
GetOpenFileNameA
ChooseColorA
CommDlgExtendedError
GetSaveFileNameA
ChooseFontA
SetMapMode
GetPaletteEntries
GetCharABCWidthsA
CombineRgn
SetPixel
EndDoc
CopyEnhMetaFileA
CreatePalette
EqualRgn
CreateDIBitmap
GetDIBits
ExtCreateRegion
SetTextAlign
StretchBlt
StretchDIBits
GetTextMetricsA
SetWindowExtEx
Arc
ExtCreatePen
SetBkColor
GetBkColor
GetEnhMetaFileA
GetDIBColorTable
DeleteEnhMetaFile
GetSystemPaletteEntries
GetClipBox
Pie
TextOutA
CreateFontIndirectA
CreateRectRgnIndirect
GetPixel
ExcludeClipRect
SetBkMode
RectInRegion
PtInRegion
GetRegionData
BitBlt
GetObjectA
SetAbortProc
SelectPalette
ExtSelectClipRgn
SetROP2
EndPage
GetNearestPaletteIndex
GetTextColor
PolyPolygon
DeleteObject
CreateCompatibleDC
PatBlt
CreatePen
SetStretchBltMode
Rectangle
GetDeviceCaps
CreateDCA
LineTo
DeleteDC
StartPage
RealizePalette
CreateHatchBrush
CreatePatternBrush
OffsetRgn
CreateBitmap
GetStockObject
GdiFlush
SelectClipRgn
RoundRect
GetTextExtentPoint32A
SetWindowOrgEx
SelectObject
CreateICA
Polygon
GetRgnBox
SaveDC
MaskBlt
GetTextExtentExPointA
RestoreDC
CreateDIBSection
SetTextColor
ExtFloodFill
MoveToEx
SetViewportOrgEx
EnumFontFamiliesExA
PolyBezier
SetBrushOrgEx
CreateRectRgn
SetViewportExtEx
StartDocA
SetPolyFillMode
Ellipse
CreateSolidBrush
Polyline
CreateCompatibleBitmap
ExtractIconA
DragFinish
DragAcceptFiles
ShellExecuteEx
ExtractIconEx
SHBrowseForFolder
SHGetSpecialFolderLocation
DragQueryPoint
SHGetPathFromIDList
SHGetFolderPathA
SHGetMalloc
DragQueryFile
PathRemoveFileSpecA
PathAppendA
PathFileExistsA
RedrawWindow
GetMessagePos
SetWindowRgn
UnregisterHotKey
DestroyWindow
DrawStateA
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
DdeDisconnect
DdeCreateStringHandleA
IsWindow
DispatchMessageA
ClientToScreen
GetWindowLongA
VkKeyScanA
SetMenuItemInfoA
WindowFromPoint
GetMessageTime
GetDC
GetCursorPos
DrawTextA
DdeInitializeA
GetClassInfoA
wvsprintfA
GetMenu
UnregisterClassA
GetWindowTextLengthA
DefFrameProcA
GetClientRect
CallNextHookEx
DdeFreeDataHandle
IsClipboardFormatAvailable
GetActiveWindow
RegisterHotKey
GetUpdateRgn
LoadImageA
GetMenuStringA
GetWindowTextA
ChangeDisplaySettingsA
GetKeyState
DdeQueryStringA
PtInRect
GetMessageA
ShowCursor
GetParent
UpdateWindow
EnumWindows
DefWindowProcA
ShowWindow
DrawFrameControl
ValidateRect
TranslateMDISysAccel
EnableWindow
PeekMessageA
ChildWindowFromPoint
TranslateMessage
IsWindowEnabled
GetWindow
InsertMenuItemA
SetWindowsHookExA
GetIconInfo
SetParent
SetClipboardData
ScrollWindow
IsZoomed
DdeConnect
DrawMenuBar
IsIconic
RegisterClassA
DrawFocusRect
CreateMenu
DdeClientTransaction
FlashWindow
CopyRect
DeferWindowPos
CloseWindow
EndPaint
GetUpdateRect
GetWindowInfo
CreateAcceleratorTableA
MapWindowPoints
CreateWindowExA
OpenIcon
DrawEdge
PostMessageA
BeginPaint
OffsetRect
SetFocus
ReleaseCapture
keybd_event
KillTimer
MessageBoxA
DefMDIChildProcA
CheckMenuRadioItem
GetSystemMetrics
EnableMenuItem
DdeGetData
GetWindowRect
InflateRect
IsDialogMessage
SetCapture
DrawIcon
GetMenuState
SetWindowLongA
InvalidateRect
CreatePopupMenu
CheckMenuItem
GetSubMenu
DrawIconEx
SetTimer
DdeGetLastError
CreateDialogParamA
SetCursor
BringWindowToTop
ScreenToClient
InsertMenuA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
TrackPopupMenu
EnumDisplaySettingsA
SendMessageA
GetMenuItemCount
DestroyAcceleratorTable
GetDesktopWindow
GetSystemMenu
FillRect
SetForegroundWindow
PostThreadMessageA
OpenClipboard
GetAsyncKeyState
ReleaseDC
IntersectRect
GetScrollInfo
HideCaret
CreateIconIndirect
GetCapture
SetWindowTextA
MessageBeep
RemoveMenu
GetWindowThreadProcessId
DdeCreateDataHandle
BeginDeferWindowPos
AppendMenuA
UnhookWindowsHookEx
RegisterClipboardFormatA
MoveWindow
DdePostAdvise
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
SetScrollInfo
GetMenuItemInfoA
EndDeferWindowPos
SystemParametersInfoA
IsWindowVisible
DdeNameService
SetCursorPos
UnionRect
DdeUninitialize
wsprintfA
TranslateAccelerator
CallWindowProcA
GetClassNameA
GetFocus
CloseClipboard
GetDlgItem
ModifyMenuA
SetMenu
DdeFreeStringHandle
OpenPrinterA
DocumentPropertiesA
ClosePrinter
getsockopt
setsockopt
socket
__WSAFDIsSet
bind
send
inet_addr
accept
ioctlsocket
WSAStartup
gethostbyname
WSAGetLastError
connect
WSACleanup
closesocket
inet_ntoa
htons
recv
select
listen
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_Destroy
ImageList_DragLeave
ImageList_Draw
ImageList_GetIconSize
InitCommonControls
ImageList_DragEnter
CreateStatusWindowA
ImageList_DragMove
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_EndDrag
CreateUpDownControl
SymGetSymFromAddr
StackWalk
SymFunctionTableAccess
SymGetModuleBase
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
lstrlen
HeapDestroy
EncodePointer
GetFileAttributesW
GetExitCodeProcess
DeleteCriticalSection
HeapReAlloc
GetConsoleMode
GetLocaleInfoA
LocalAlloc
ExpandEnvironmentStringsA
SetErrorMode
GetFileInformationByHandle
GetThreadContext
GetLocaleInfoW
SetStdHandle
GetTempPathA
GetCPInfo
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
FormatMessageW
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
MoveFileA
ResumeThread
GetEnvironmentVariableA
OutputDebugStringW
FindClose
InterlockedDecrement
FormatMessageA
GetFullPathNameW
OutputDebugStringA
SetLastError
PeekNamedPipe
OpenThread
InitializeCriticalSection
WriteProcessMemory
GetModuleFileNameW
TryEnterCriticalSection
CopyFileA
HeapAlloc
GetVersionExA
GetModuleFileNameA
HeapSetInformation
EnumSystemLocalesA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetLocalTime
FlushInstructionCache
CreateMutexA
GetModuleHandleA
LockFileEx
CreateThread
SetUnhandledExceptionFilter
GetCurrentProcess
CreateMutexW
IsProcessorFeaturePresent
UnlockFile
ExitThread
DecodePointer
SetEnvironmentVariableA
SetThreadContext
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
GetProcAddress
SetCurrentDirectoryA
WriteConsoleW
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
GetSystemTime
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GlobalSize
LeaveCriticalSection
GetDateFormatA
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
ReadProcessMemory
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
CreateFileMappingW
CompareStringW
FreeEnvironmentStringsW
FindFirstFileExA
FindFirstFileA
HeapValidate
GetTimeFormatA
GetTempFileNameA
CreateFileMappingA
FindNextFileA
IsValidLocale
GlobalLock
GetTimeZoneInformation
CreateFileW
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
VirtualAllocEx
GetSystemInfo
GlobalFree
GetConsoleCP
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
HeapCompact
WaitForSingleObjectEx
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
LockFile
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
UnmapViewOfFile
GetCurrentThread
SuspendThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
UnlockFileEx
GetACP
GetModuleHandleW
GetFileAttributesExW
CreateProcessA
IsValidCodePage
HeapCreate
GetTempPathW
Sleep
OleUninitialize
OleInitialize
CoLockObjectExternal
ReleaseStgMedium
CoCreateGuid
RegisterDragDrop
CoCreateInstance
OleFlushClipboard
RevokeDragDrop
OleGetClipboard
OleIsCurrentClipboard
OleSetClipboard
Ord(2)
Number of PE resources by type
RT_ICON 35
RT_GROUP_ICON 25
RT_GROUP_CURSOR 11
RT_CURSOR 11
RT_MANIFEST 2
RT_BITMAP 2
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 87
NEUTRAL 1
PE resources
ExifTool file metadata
SubsystemVersion 5.1
InitializedDataSize 5373908
ImageVersion 0.0
ProductName SBot
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
LinkerVersion 10.0
FileTypeExtension exe
OriginalFileName SBot.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1, 0, 0, 1
TimeStamp 2015:06:22 23:42:32+01:00
FileType Win32 EXE
PEType PE32
InternalName SBot
ProductVersion 1, 0, 0, 1
FileDescription SBot - Ultimate bot for Silkroad Online
OSVersion 5.1
FileOS Win32
LegalCopyright (C)2008-2015 by Botcave Software Development
MachineType Intel 386 or later, and compatibles
CompanyName Botcave Software Development
CodeSize 3551744
FileSubtype 0
ProductVersionNumber 1.0.0.1
EntryPoint 0x1c01600
ObjectFileType Dynamic link library
PE resource-wise parents
Compressed bundles
File identification
MD5 b159794be0dd3b396d343c0134446377
SHA1 d3ebd3393586a57a1d5d8a2299ad593a06c41b7d
SHA256 cdf0db6fb425081059db73b3ea5d03d225f0d5b93cad784078169c05a1607838
ssdeep 196608:ExHgkHMVNGylg2oi89QRF0movJElMoSiCwtKtVw799w5Z7HhW:ErMVNGymfTQRF/Go5GO799aHhW
authentihash a4a42c1597ce2c83da3a5aeb55c1be0a3100541b64d10aee8666c2982a52fc2f
imphash 1016df8c42951e66770799e9750a79d2
File size 28.1 MB ( 29417472 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe
VirusTotal metadata
First submission 2016-09-12 22:49:46 UTC ( 2 years, 8 months ago )
Last submission 2019-02-28 14:09:54 UTC ( 2 months, 3 weeks ago )
File names SBotP_1.0.38.exe
SBotP_1.0.38.exe
SBot.exe
cdf0db6fb425081059db73b3ea5d03d225f0d5b93cad784078169c05a1607838
SBot
SBotP_1.0.38.exe
CDF0DB6FB425081059DB73B3EA5D03D225F0D5B93CAD784078169C05A1607838.dat
SBotP_1.0.38.exe
SBotP_1.0.38.exe
SBOT.exe
gSBotP_1.0.38.exe
cdf0db6fb4250810_sbotp_1.0.38.exe
cdf0db6fb4250810_sbot.exe
Advanced heuristic and reputation engines