SHA256: d0b0281eafaf8248abd4949e4b44a2ba04cb86ea61e1b98fd8a2b298d018d4d7
File name: tinbin.exe
Detection ratio: 17 / 53
Analysis date: 2014-06-13 15:14:26 UTC ( 3 years, 10 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.43078 20140613
AhnLab-V3 Dropper/Win32.Necurs 20140613
AntiVir TR/Crypt.ZPACK.73410 20140613
Avast Win32:Dropper-gen [Drp] 20140613
AVG Win32/Cryptor 20140613
Baidu-International Trojan.Win32.Badur.aMB 20140613
BitDefender Gen:Variant.Symmi.43078 20140613
Emsisoft Gen:Variant.Symmi.43078 (B) 20140613
ESET-NOD32 a variant of Win32/Injector.BFST 20140613
F-Secure Gen:Variant.Symmi.43078 20140613
GData Gen:Variant.Symmi.43078 20140613
Kaspersky Trojan.Win32.Badur.igah 20140613
Malwarebytes Trojan.Agent 20140613
Microsoft VirTool:Win32/Injector.gen!DZ 20140613
eScan Gen:Variant.Symmi.43078 20140613
Symantec Suspicious.Cloud.5 20140613
Tencent Win32.Trojan.Badur.Wugu 20140613
AegisLab 20140613
Yandex 20140612
Antiy-AVL 20140611
Bkav 20140613
ByteHero 20140613
CAT-QuickHeal 20140613
ClamAV 20140613
CMC 20140613
Commtouch 20140613
Comodo 20140613
DrWeb 20140613
F-Prot 20140613
Fortinet 20140613
Ikarus 20140613
Jiangmin 20140613
K7AntiVirus 20140613
K7GW 20140613
Kingsoft 20140613
McAfee 20140613
McAfee-GW-Edition 20140613
NANO-Antivirus 20140613
Norman 20140613
nProtect 20140613
Panda 20140613
Qihoo-360 20140613
Rising 20140613
Sophos AV 20140613
SUPERAntiSpyware 20140613
TheHacker 20140612
TotalDefense 20140613
TrendMicro 20140613
TrendMicro-HouseCall 20140613
VBA32 20140612
VIPRE 20140613
ViRobot 20140613
Zillya 20140612
Zoner 20140613
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-06-12 16:15:50
Entry Point 0x00002A02
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
RegEnumValueW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegQueryValueExA
LookupPrivilegeValueA
RegOpenKeyExW
RegCreateKeyW
RegSetValueExA
RegEnumValueA
SetThreadToken
RegOpenKeyExA
RegCreateKeyA
RegQueryInfoKeyA
RegQueryValueExW
SetMetaRgn
CreatePen
TextOutA
LPtoDP
GetClipBox
GetPixel
PolyDraw
DeleteDC
CreateDIBPatternBrush
GetBitmapDimensionEx
SetWindowOrgEx
BitBlt
GetFontLanguageInfo
CreateBitmapIndirect
CreateDIBPatternBrushPt
GetObjectA
CreateBitmap
DeleteColorSpace
GetStockObject
ScaleWindowExtEx
GetEnhMetaFileBits
CreateCompatibleDC
StretchBlt
ArcTo
CloseFigure
SelectObject
GetEnhMetaFilePixelFormat
SetPolyFillMode
CreateSolidBrush
Polyline
DPtoLP
BeginPath
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetFileAttributesA
FindFirstFileW
HeapDestroy
EncodePointer
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
ResumeThread
TlsGetValue
SetFileAttributesW
SetLastError
PeekNamedPipe
CopyFileW
RemoveDirectoryW
CopyFileA
ExitProcess
FlushFileBuffers
RemoveDirectoryA
HeapSetInformation
EnumSystemLocalesA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
SetUnhandledExceptionFilter
ReadFile
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GlobalAlloc
GetVersion
LeaveCriticalSection
WriteConsoleW
CloseHandle
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
CreateJobSet
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
DeleteFileA
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetModuleFileNameW
FindFirstFileA
GetCurrentThreadId
FindNextFileA
IsValidLocale
GetUserDefaultLCID
CreateFileW
IsDebuggerPresent
GetFileType
TlsSetValue
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
GlobalFree
GetConsoleCP
GetEnvironmentStringsW
GetModuleFileNameA
VirtualFree
GetEnvironmentStrings
GetCurrentProcessId
WideCharToMultiByte
HeapSize
GetCommandLineA
TlsFree
GetModuleHandleA
SetSystemPowerState
FindNextFileW
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
HeapCreate
GetTempPathW
CreateProcessW
Sleep
VirtualAlloc
StrRChrIA
StrRChrA
Ord(29)
RedrawWindow
GetMessagePos
LoadBitmapW
BroadcastSystemMessageA
DestroyMenu
GetGuiResources
LoadBitmapA
SetWindowPos
IsWindow
ScreenToClient
SetMenuItemInfoA
SetActiveWindow
GetMenuItemID
GetAsyncKeyState
ReleaseDC
GetDlgCtrlID
SendMessageW
SendMessageA
GetClassInfoW
DefWindowProcW
DrawTextW
LoadIconA
GetWindowTextLengthA
LoadImageW
GetActiveWindow
SendMessageCallbackW
LoadImageA
GetWindowTextA
PtInRect
GetParent
UpdateWindow
PostQuitMessage
SetClassLongW
EnumWindows
GetRawInputDeviceList
ShowWindow
DrawFrameControl
GetMenuState
PeekMessageW
GetTabbedTextExtentA
EnableWindow
CharUpperW
ShowWindowAsync
ChildWindowFromPoint
IsWindowEnabled
GetDlgItemTextW
SetClipboardData
InsertMenuItemA
LoadStringA
RegisterClassW
GetWindowPlacement
LoadStringW
DlgDirSelectComboBoxExA
EnableMenuItem
RegisterClassA
TrackPopupMenuEx
GetWindowLongA
CreateWindowExA
DlgDirListA
FillRect
CopyRect
IsWindowUnicode
CreateWindowExW
TabbedTextOutW
GetWindowLongW
DestroyWindow
GetMonitorInfoW
EmptyClipboard
PostMessageA
BeginPaint
OffsetRect
DefMDIChildProcW
keybd_event
KillTimer
CharNextA
TrackMouseEvent
GetClipboardOwner
CharPrevW
DefWindowProcA
CheckMenuRadioItem
GetClassNameA
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetMenuDefaultItem
SetCapture
ReleaseCapture
SetWindowLongA
GetKeyNameTextW
CheckDlgButton
CreateDialogParamW
SetWindowTextA
CheckMenuItem
DrawIconEx
SetWindowTextW
SetTimer
GetDlgItem
FindWindowW
ClientToScreen
GetClassLongA
InsertMenuA
FindWindowExA
GetLayeredWindowAttributes
TrackPopupMenu
GetMenuItemInfoA
IsDlgButtonChecked
GetDesktopWindow
LoadCursorW
GetSystemMenu
FindWindowExW
DispatchMessageW
SetForegroundWindow
ExitWindowsEx
OpenClipboard
GetCursorPos
EndPaint
SetLayeredWindowAttributes
EndDialog
SendInput
FindWindowA
CreatePopupMenu
RemoveMenu
GetWindowThreadProcessId
HiliteMenuItem
MessageBoxW
AppendMenuA
MessageBoxIndirectA
IsRectEmpty
DialogBoxParamW
MessageBoxA
AppendMenuW
GetWindowDC
MessageBoxIndirectW
GetSysColor
SetDlgItemTextW
GetKeyState
wvsprintfW
SetWindowWord
IsWindowVisible
SystemParametersInfoW
GetDC
DeleteMenu
InvalidateRect
wsprintfA
SendMessageTimeoutA
CharNextW
CallWindowProcW
GetClassNameW
GetClientRect
CallWindowProcA
IsMenu
SendMessageTimeoutW
wsprintfW
CloseClipboard
SetCursor
InternetConnectW
FtpSetCurrentDirectoryA
FtpCommandW
FtpOpenFileA
FtpDeleteFileA
DeleteUrlCacheEntry
InternetGetLastResponseInfoW
Number of PE resources by type
Struct(13) 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
LegalTrademarks Mail origin
SubsystemVersion 5.0
Comments Tightly herd fed percent production
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.57.27.0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription Tower bee combine gasoline mirror stranger
CharacterSet Unicode
InitializedDataSize 50176
EntryPoint 0x2a02
OriginalFileName Combination.exe
MIMEType application/octet-stream
LegalCopyright Copyright Screen negative mouse
FileVersion 7.57.27.0
TimeStamp 2014:06:12 17:15:50+01:00
FileType Win32 EXE
PEType PE32
InternalName Combination
ProductVersion 7.57.27.0
UninitializedDataSize 0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Underline stairs
CodeSize 50688
ProductName Combination
ProductVersionNumber 7.57.27.0
FileTypeExtension exe
ObjectFileType Executable application
Compressed bundles
File identification
MD5 dab012115fa267d95c1145a1eb41d38d
SHA1 cb6a585087980f79c6f142eea46ba18784985cb3
SHA256 d0b0281eafaf8248abd4949e4b44a2ba04cb86ea61e1b98fd8a2b298d018d4d7
ssdeep 3072:kyoRPcvwfWNvjMfj+G3bZCEznuYYpCCrx:jvwfMMfnAMKCCF
authentihash 9a0a66dbc747b85bfda22f4a7ed1b92e012c3201ab645e886742455cc1ea5cfc
imphash cc4627b2f7e164871f8a28da54050315
File size 99.5 KB ( 101888 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2014-06-13 15:14:26 UTC ( 3 years, 10 months ago )
Last submission 2016-12-23 05:46:59 UTC ( 1 year, 4 months ago )
File names tinbin.exe
d0b0281eafaf8248abd4949e4b44a2ba04cb86ea61e1b98fd8a2b298d018d4d7_Neutrino_Bot.kaf
setpwr32.exe
dab012115fa267d95c1145a1eb41d38d
twunk_32.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs