SHA256: cf172de0027f3e37fea47087a594e2c222958a4f04ce9feef9fb8d0903dd83a8
File name: beb0212bd090ccc2e2cd7caace851434.virus
Detection ratio: 23 / 54
Analysis date: 2016-08-09 16:32:39 UTC ( 2 years, 7 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Tobfy.N2074137139 20160809
Avast Win32:Malware-gen 20160809
AVG Generic_r.LWC 20160809
Avira (no cloud) TR/Crypt.Xpack.raqd 20160809
DrWeb Trojan.KillProc.44411 20160809
ESET-NOD32 a variant of Win32/Injector.DDEC 20160809
Fortinet W32/Injector.DDEC!tr 20160809
Ikarus Trojan.Win32.Injector 20160809
Jiangmin Trojan.Nymaim.qz 20160809
K7AntiVirus Riskware ( 0040eff71 ) 20160809
K7GW Riskware ( 0040eff71 ) 20160809
Kaspersky HEUR:Trojan.Win32.Generic 20160809
McAfee Generic.afi 20160809
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.dc 20160809
Microsoft PWS:Win32/Zbot 20160809
Panda Trj/GdSda.A 20160809
Qihoo-360 HEUR/QVM07.1.0000.Malware.Gen 20160809
Sophos AV Mal/Zbot-UM 20160809
Symantec Trojan.Zbot 20160809
Tencent Win32.Trojan.Generic.Pjwy 20160809
TrendMicro TROJ_GEN.R0EBC0EH616 20160809
TrendMicro-HouseCall TROJ_GEN.R0EBC0EH616 20160809
Yandex Trojan.Agent!e/2pdZIX0go 20160808
Ad-Aware 20160809
AegisLab 20160809
Alibaba 20160809
ALYac 20160809
Antiy-AVL 20160809
Arcabit 20160809
AVware 20160809
Baidu 20160809
BitDefender 20160809
Bkav 20160809
CAT-QuickHeal 20160809
ClamAV 20160809
CMC 20160804
Comodo 20160809
Cyren 20160809
Emsisoft 20160809
F-Prot 20160809
GData 20160809
Kingsoft 20160809
Malwarebytes 20160809
eScan 20160809
NANO-Antivirus 20160809
nProtect 20160809
SUPERAntiSpyware 20160809
TheHacker 20160806
TotalDefense 20160808
VBA32 20160809
VIPRE 20160809
ViRobot 20160809
Zillya 20160809
Zoner 20160809
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-19 17:20:49
Entry Point 0x00007816
Number of sections 4
PE sections
PE imports
SetPixel
SetBkMode
ExtTextOutW
SetTextColor
GetCharWidthW
GetLastError
GetStartupInfoA
LocalAlloc
GetModuleHandleA
lstrlenA
LocalFree
GetEnvironmentVariableW
VirtualFree
InterlockedDecrement
MultiByteToWideChar
SetEndOfFile
CreateFileMappingA
CreateFileA
FlushFileBuffers
GetModuleFileNameA
HeapReAlloc
GetACP
HeapDestroy
_except_handler3
__CxxFrameHandler
_CxxThrowException
__p__fmode
_acmdln
??1type_info@@UAE@XZ
_adjust_fdiv
__setusermatherr
__p__commode
_setmbcp
__dllonexit
_onexit
exit
_XcptFilter
__getmainargs
_initterm
_controlfp
_exit
__set_app_type
GetErrorInfo
SysFreeString
VariantClear
VariantInit
SysAllocString
EmptyClipboard
GetSystemMetrics
IsIconic
AppendMenuA
EnableWindow
DrawIcon
FindWindowW
SendMessageA
GetClientRect
GetSystemMenu
GetDlgItemTextA
GetWindowPlacement
LoadIconA
CoCreateInstance
CoInitialize
OleRun
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:07:19 18:20:49+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
28672

LinkerVersion
7.0

EntryPoint
0x7816

InitializedDataSize
266240

SubsystemVersion
4.5

ImageVersion
0.0

OSVersion
4.4

UninitializedDataSize
0

File identification
MD5 beb0212bd090ccc2e2cd7caace851434
SHA1 ffa47dc13eee10347d0c1c671d409677ab2bb246
SHA256 cf172de0027f3e37fea47087a594e2c222958a4f04ce9feef9fb8d0903dd83a8
ssdeep
6144:EN7xkeFII8YmSH4ETbnZPjSmeSEdgGK8m:ENF9IzYlXZPemeSEJE

authentihash ec6794818d2d0adfe1921dfa9b16a5ffd19804278efc7a0db9173a820a99ecb5
imphash ae28af01afc87cd7754b2e8d85d40157
File size 292.0 KB ( 299008 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (78.5%)
Win32 Executable (generic) (11.3%)
Generic Win/DOS Executable (5.0%)
DOS Executable Generic (5.0%)
Tags
peexe

VirusTotal metadata
First submission 2016-08-09 16:32:39 UTC ( 2 years, 7 months ago )
Last submission 2016-08-09 16:32:39 UTC ( 2 years, 7 months ago )
File names beb0212bd090ccc2e2cd7caace851434.virus