SHA256: cffff8359e4a3c932e9c060e59aa310f0acc64815bdb6281c33b7a078fce0379
File name: RSd.exe
Detection ratio: 1 / 44
Analysis date: 2013-08-05 23:08:33 UTC ( 4 years, 1 month ago )
Antivirus Result Update
DrWeb Win32.HLLW.Autoruner1.52890 20130805
Yandex 20130805
AhnLab-V3 20130805
AntiVir 20130805
Antiy-AVL 20130805
Avast 20130805
AVG 20130805
BitDefender 20130805
ByteHero 20130804
CAT-QuickHeal 20130805
ClamAV 20130805
Commtouch 20130805
Comodo 20130805
Emsisoft 20130805
ESET-NOD32 20130805
F-Prot 20130805
F-Secure 20130805
Fortinet 20130805
GData 20130805
Ikarus 20130805
Jiangmin 20130805
K7AntiVirus 20130805
K7GW 20130805
Kaspersky 20130805
Kingsoft 20130723
Malwarebytes 20130805
McAfee 20130805
McAfee-GW-Edition 20130805
Microsoft 20130805
eScan 20130805
NANO-Antivirus 20130805
Norman 20130805
nProtect 20130805
Panda 20130805
PCTools 20130805
Rising 20130805
Sophos AV 20130805
SUPERAntiSpyware 20130805
Symantec 20130805
TheHacker 20130805
TotalDefense 20130805
TrendMicro 20130805
TrendMicro-HouseCall 20130805
VBA32 20130805
VIPRE 20130805
ViRobot 20130805
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright Copyright (c) 2007 - 2013
Publisher Your Company
Product Your product name
Version 2, 0, 10, 861
File version 2, 0, 10, 861
Description This file is the main program(Executive Created by Jar2Exe v2.0, jar2exe.com)
Comments (Executive Created by Jar2Exe v2.0, jar2exe.com)
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-05-25 11:42:23
Entry Point 0x00013AFB
Number of sections 4
PE sections
PE imports
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
GetObjectA
DeleteDC
SelectObject
BitBlt
CreateCompatibleDC
DeleteObject
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
CreatePipe
GetCurrentProcess
GetLocaleInfoA
SetFileAttributesA
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
MoveFileA
ResumeThread
GetExitCodeProcess
GetEnvironmentVariableA
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetSystemTime
InitializeCriticalSection
ExitProcess
FlushFileBuffers
GetModuleFileNameA
EnumSystemLocalesA
SetThreadPriority
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
CreateThread
SetEnvironmentVariableW
DeleteCriticalSection
SetUnhandledExceptionFilter
ExitThread
SetEnvironmentVariableA
TerminateProcess
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
SetEvent
IsBadWritePtr
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
GetFileSize
DeleteFileA
GetUserDefaultLCID
CompareStringW
FindFirstFileA
GetDiskFreeSpaceA
CompareStringA
CreateFileMappingA
FindNextFileA
IsValidLocale
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
CreateEventA
GetFileType
SetVolumeLabelA
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
lstrlenA
LCMapStringA
GetEnvironmentStringsW
FileTimeToLocalFileTime
GetEnvironmentStrings
LockResource
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
GetACP
GetVersion
SizeofResource
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
SetConsoleCtrlHandler
IsBadCodePtr
FindResourceA
VirtualAlloc
GetMessageA
GetSystemMetrics
SetTimer
LoadCursorA
TranslateMessage
UpdateWindow
DispatchMessageA
EndPaint
BeginPaint
PostMessageA
GetClientRect
DefWindowProcA
KillTimer
CreateWindowExA
ShowWindow
PostQuitMessage
GetClassInfoA
RegisterClassA
LoadBitmapA
MessageBoxA
PE exports
Number of PE resources by type
RT_ICON 3
RT_STRING 1
RT_VERSION 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 7
PE resources
File identification
MD5 8de099ef8edf383cc1f7df2b91e3b3ad
SHA1 dcb025ed965f2cfe689604891e6c3a8e9a770065
SHA256 cffff8359e4a3c932e9c060e59aa310f0acc64815bdb6281c33b7a078fce0379
ssdeep 24576:3IV91+F+UUCCTGHlxiryPufATZMZ05uTCiE3jdR5PsI/kaS8aYWq+:301e+1TilxP/TZY05NiE3/5PLoHYk
File size 1.3 MB ( 1349865 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe armadillo

VirusTotal metadata
First submission 2013-08-05 23:08:33 UTC ( 4 years, 1 month ago )
Last submission 2013-08-05 23:08:33 UTC ( 4 years, 1 month ago )
File names RSd.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight