SHA256: d16deee9f7bb18320be5ed19847dfff8913f6d65ef7960083e6d7fa4d3eba2a3
File name: d16deee9f7bb18320be5ed19847dfff8913f6d65ef7960083e6d7fa4d3eba2a3
Detection ratio: 4 / 56
Analysis date: 2015-10-10 16:20:12 UTC ( 3 years, 4 months ago )
Antivirus Result Update
ESET-NOD32 Win32/Sopinar.C 20151010
Kaspersky Trojan.Win32.Inject.vjit 20151010
Panda Generic Suspicious 20151010
Sophos AV Mal/Generic-S 20151010
Ad-Aware 20151010
AegisLab 20151010
Yandex 20151009
AhnLab-V3 20151010
Alibaba 20151010
ALYac 20151010
Antiy-AVL 20151010
Arcabit 20151010
Avast 20151010
AVG 20151010
AVware 20151010
Baidu-International 20151010
BitDefender 20151010
Bkav 20151010
ByteHero 20151010
CAT-QuickHeal 20151010
ClamAV 20151009
CMC 20151009
Comodo 20151010
Cyren 20151010
DrWeb 20151010
Emsisoft 20151010
F-Prot 20151010
F-Secure 20151010
Fortinet 20151010
GData 20151010
Ikarus 20151010
Jiangmin 20151008
K7AntiVirus 20151010
K7GW 20151010
Kingsoft 20151010
Malwarebytes 20151010
McAfee 20151010
McAfee-GW-Edition 20151010
Microsoft 20151010
eScan 20151010
NANO-Antivirus 20151010
nProtect 20151008
Qihoo-360 20151010
Rising 20151009
SUPERAntiSpyware 20151010
Symantec 20151010
Tencent 20151010
TheHacker 20151010
TotalDefense 20151010
TrendMicro 20151010
TrendMicro-HouseCall 20151010
VBA32 20151009
VIPRE 20151010
ViRobot 20151010
Zillya 20151010
Zoner 20151010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-09 21:25:48
Entry Point 0x00005454
Number of sections 3
PE sections
PE imports
SelectObject
MoveToEx
SetMapMode
RestoreDC
CreateBitmap
SetWindowOrgEx
CreatePalette
SaveDC
SetBkColor
GetStretchBltMode
CreateDIBitmap
GetObjectW
GetClipBox
ExtSelectClipRgn
SelectClipRgn
DeleteObject
StretchBlt
CreatePenIndirect
CreateSolidBrush
GetLastError
IsValidCodePage
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
GetVersionExW
FreeLibrary
LCMapStringA
CompareStringW
ExitProcess
IsBadWritePtr
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
EnumSystemLocalesA
GetEnvironmentStrings
GetLocaleInfoA
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
GetCurrentThread
LeaveCriticalSection
HeapDestroy
SetFilePointer
HeapAlloc
WideCharToMultiByte
TlsFree
GetModuleHandleA
InterlockedExchange
WriteFile
GetStartupInfoA
CompareStringA
IsValidLocale
GetACP
HeapReAlloc
GetStringTypeW
GetUserDefaultLCID
SetEnvironmentVariableA
GetOEMCP
TerminateProcess
GetTimeZoneInformation
InitializeCriticalSection
HeapCreate
VirtualFree
InterlockedDecrement
Sleep
GetFileType
TlsSetValue
GetCurrentThreadId
GetVersion
GetLocaleInfoW
VirtualAlloc
SetConsoleCtrlHandler
SetLastError
InterlockedIncrement
PathRemoveExtensionA
CoUninitialize
StringFromCLSID
CLSIDFromString
CLSIDFromProgID
CoInitializeSecurity
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2015:10:09 22:25:48+01:00
FileType Win32 EXE
PEType PE32
CodeSize 57344
LinkerVersion 7.1
EntryPoint 0x5454
InitializedDataSize 61440
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 842255719fae98dd12640bec15d32109
SHA1 e21be369e642f7cff38c44bebd82d023c67873c3
SHA256 d16deee9f7bb18320be5ed19847dfff8913f6d65ef7960083e6d7fa4d3eba2a3
ssdeep 3072:g6T4fofyC73tpQGygcDZP+9827bC4U9xAGouent:gpfdCtkgcY8g9pGant
authentihash 1a47a9e61c5549d7f4403d2170143d6044032a9ae1ec7feac1fc1464d51ece28
imphash ee72a1b97891e4bb41b99503344b1356
File size 120.0 KB ( 122880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (35.8%)
Win64 Executable (generic) (31.7%)
Windows screen saver (15.0%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags peexe

VirusTotal metadata
First submission 2015-10-10 16:20:12 UTC ( 3 years, 4 months ago )
Last submission 2015-10-10 16:20:12 UTC ( 3 years, 4 months ago )
File names DXCap.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created mutexes
Runtime DLLs