SHA256: cfa9aebcbb5a15d68e2e5f56a22f50c5b045e94e33e0edd84f181e21bf796953
File name: vt-upload-oIsGK
Detection ratio: 28 / 45
Analysis date: 2013-07-23 06:57:06 UTC ( 1 year, 11 months ago )
Antivirus Result Update
AVG BackDoor.Generic17.XJU 20130723
AhnLab-V3 Backdoor/Win32.Androm 20130722
AntiVir TR/Malagent.A.5749 20130723
Avast MSIL:Injector-DB [Trj] 20130723
BitDefender Trojan.GenericKDZ.22939 20130723
Comodo UnclassifiedMalware 20130723
DrWeb BackDoor.Comet.152 20130723
ESET-NOD32 a variant of MSIL/Injector.BNC 20130722
Emsisoft Trojan.GenericKDZ.22939 (B) 20130723
Fortinet W32/Androm.YWA!tr.bdr 20130723
GData Trojan.GenericKDZ.22939 20130723
Ikarus Backdoor.Win32.Androm 20130723
K7AntiVirus Backdoor 20130722
K7GW Backdoor 20130722
Kaspersky Backdoor.Win32.Androm.ywa 20130723
Malwarebytes Trojan.MSIL 20130723
McAfee Artemis!108D6FB7081C 20130723
McAfee-GW-Edition Artemis!108D6FB7081C 20130723
Microsoft Trojan:Win32/Malagent 20130723
NANO-Antivirus Trojan.Win32.Androm.bxhjdc 20130723
Norman Troj_Generic.MYGIL 20130723
Panda Generic Malware 20130722
Sophos Mal/Generic-S 20130723
Symantec WS.Reputation.1 20130723
TheHacker Trojan/Generic.bnc 20130722
TrendMicro-HouseCall TROJ_GEN.R0CBB01GI13 20130723
VBA32 TScope.Trojan.MSIL 20130722
VIPRE Trojan.Win32.Generic!BT 20130723
Agnitum 20130722
Antiy-AVL 20130723
ByteHero 20130613
CAT-QuickHeal 20130723
ClamAV 20130723
Commtouch 20130723
F-Prot 20130723
Jiangmin 20130723
Kingsoft 20130723
MicroWorld-eScan 20130723
PCTools 20130723
Rising 20130722
SUPERAntiSpyware 20130723
TotalDefense 20130722
TrendMicro 20130723
ViRobot 20130723
nProtect 20130723
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-27 04:20:25
Link date 5:20 AM 6/27/2013
Entry Point 0x0003920E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
ExifTool file metadata
SubsystemVersion: 4.0
LinkerVersion: 8.0
ImageVersion: 0.0
FileVersionNumber: 23564.39289.56110.6693
UninitializedDataSize: 0
LanguageCode: Unknown (E40A)
FileFlagsMask: 0x003f
CharacterSet: Unknown (08A0)
InitializedDataSize: 1536
MIMEType: application/octet-stream
TimeStamp: 2013:06:27 05:20:25+01:00
FileType: Win32 EXE
PEType: PE32
FileDescription: Services and Controller app
OSVersion: 4.0
FileOS: Win32
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
CodeSize: 226304
FileSubtype: 0
ProductVersionNumber: 23564.39289.56110.6693
EntryPoint: 0x3920e
ObjectFileType: Executable application

File identification
MD5 108d6fb7081c73aabc955f69098341ab
SHA1 7a0f5d5762cc355f1ad85f7d04efb1d6eaed98af
SHA256 cfa9aebcbb5a15d68e2e5f56a22f50c5b045e94e33e0edd84f181e21bf796953
ssdeep 6144:2XERXJF6+8CdbEoWIRoqUMa3U1vYp2mK3Q:v5F6+8C1WJqUMa3U1Y

File size 223.0 KB ( 228352 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
Win16/32 Executable Delphi generic (1.7%)
Tags peexe assembly

VirusTotal metadata
First submission 2013-07-17 21:38:44 UTC ( 1 year, 11 months ago )
Last submission 2013-07-23 06:57:06 UTC ( 1 year, 11 months ago )
File names vt-upload-xwbaT
vt-upload-DhpXt
vt-upload-oIsGK
vt-upload-F9SvU