SHA256: d3315b126a83c90a52fbf6e4fbdf1b3fefedcb0540d72dd31b774311f0b129c3
File name: WPF DataGrid CTRL
Detection ratio: 48 / 57
Analysis date: 2016-04-11 10:01:04 UTC ( 1 year, 1 month ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.64822 20160411
AegisLab Troj.W32.Generic!c 20160411
AhnLab-V3 Spyware/Win32.Zbot 20160410
ALYac Gen:Variant.Zusy.64822 20160411
Antiy-AVL Trojan[Spy]/Win32.Zbot 20160411
Arcabit Trojan.Zusy.DFD36 20160411
AVG PSW.Generic11.CMVG 20160411
Avira (no cloud) TR/Crypt.XPACK.Gen8 20160411
AVware Trojan.Win32.Generic!SB.0 20160411
Baidu-International Adware.Win32.Agent.Elnx 20160411
BitDefender Gen:Variant.Zusy.64822 20160411
Bkav W32.Clod876.Trojan.4b25 20160409
CAT-QuickHeal TrojanSpy.Zbot.Y 20160411
Comodo UnclassifiedMalware 20160411
Cyren W32/Trojan.XZSV-2723 20160411
DrWeb Trojan.PWS.Panda.2401 20160411
Emsisoft Gen:Variant.Zusy.64822 (B) 20160411
ESET-NOD32 Win32/Spy.Zbot.AAO 20160411
F-Secure Gen:Variant.Zusy.64822 20160411
Fortinet W32/Zbot.PKDP!tr 20160404
GData Gen:Variant.Zusy.64822 20160411
Ikarus Trojan.Win32.Kovter 20160411
Jiangmin TrojanSpy.Zbot.duvj 20160411
K7AntiVirus Riskware ( 0040eff71 ) 20160410
K7GW Riskware ( 0040eff71 ) 20160404
Kaspersky HEUR:Trojan.Win32.Generic 20160411
Kingsoft Win32.Troj.Zbot.PV.(kcloud) 20160411
Malwarebytes Ransom.Agent.RRE 20160411
McAfee GenericATG-FAPJ!76C1FE70CC48 20160411
McAfee-GW-Edition BehavesLike.Win32.Skintrim.dc 20160411
Microsoft PWS:Win32/Zbot 20160411
eScan Gen:Variant.Zusy.64822 20160411
NANO-Antivirus Trojan.Win32.Zbot.dgcsjy 20160410
nProtect Trojan-Spy/W32.ZBot.265728.AO 20160408
Panda Generic Malware 20160410
Qihoo-360 Win32/Trojan.Spy.6ef 20160411
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20160411
Sophos Mal/Generic-S 20160411
SUPERAntiSpyware Trojan.Agent/Gen-Zusy 20160411
Symantec Trojan.Zbot 20160411
Tencent Win32.Trojan-spy.Zbot.Ajlp 20160411
TrendMicro TROJ_SPNR.3CJ713 20160411
TrendMicro-HouseCall TROJ_SPNR.3CJ713 20160411
VBA32 TrojanSpy.Zbot 20160410
VIPRE Trojan.Win32.Generic!SB.0 20160411
ViRobot Trojan.Win32.Z.Zbot.265728.C[h] 20160411
Yandex TrojanSpy.Zbot!fI2I7QStr1w 20160410
Zillya Trojan.Zbot.Win32.139396 20160409
Alibaba 20160411
Avast 20160411
Baidu 20160411
ClamAV 20160408
CMC 20160408
F-Prot 20160411
TheHacker 20160411
TotalDefense 20160411
Zoner 20160411
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2009-2013 - DefineSoft Lab.
Product WPF DataGrid Controller
Original name wpfdatagridctrl
Internal name WPF DataGrid CTRL
File version 3.5.1.2
Description WPF DataGrid Controller
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-09-18 10:05:02
Entry Point 0x0000350C
Number of sections 4
PE sections
PE imports
RegQueryValueExW
PrintDlgA
LineTo
SelectObject
CreateFontA
CreatePen
GetStockObject
TextOutA
CreateFontIndirectA
GetPixel
Arc
MoveToEx
SetBkColor
DeleteObject
Ellipse
Rectangle
CreateSolidBrush
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
GlobalFree
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
LoadLibraryA
IsProcessorFeaturePresent
HeapSetInformation
GetCurrentProcess
GetStartupInfoW
GetFileType
GetConsoleMode
DecodePointer
GetCurrentProcessId
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
LeaveCriticalSection
EncodePointer
GetProcessHeap
SetStdHandle
CompareStringW
RaiseException
GetCPInfo
LoadLibraryW
TlsFree
SetFilePointer
DeleteCriticalSection
ReadFile
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
SetEnvironmentVariableA
FreeLibrary
TerminateProcess
IsValidCodePage
HeapCreate
CreateFileW
TlsGetValue
Sleep
SetLastError
SetEndOfFile
TlsSetValue
CreateFileA
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
ExitProcess
WriteConsoleW
MulDiv
RpcRevertToSelf
GetParent
LoadMenuA
OffsetRect
GetScrollPos
ShowWindow
EnumDisplayMonitors
GetSystemMetrics
SetWindowLongW
GetWindowRect
EndPaint
SetWindowPlacement
SetCapture
MoveWindow
MessageBoxA
DialogBoxParamA
GetWindow
SetScrollInfo
BeginPaint
IsWindowVisible
IsZoomed
SendMessageA
GetClientRect
CloseWindow
GetDlgItem
RegisterClassA
InvalidateRect
LoadIconW
GetWindowLongW
DestroyWindow
timeBeginPeriod
ClosePrinter
Number of PE resources by type
RT_MANIFEST 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
SWEDISH NEUTRAL 2
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.5.1.2
UninitializedDataSize 0
LanguageCode Unknown (001D)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 29184
EntryPoint 0x350c
OriginalFileName wpfdatagridctrl
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2009-2013 - DefineSoft Lab.
FileVersion 3.5.1.2
TimeStamp 2013:09:18 11:05:02+01:00
FileType Win32 EXE
PEType PE32
InternalName WPF DataGrid CTRL
ProductVersion 3.5.1.2
FileDescription WPF DataGrid Controller
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName DefineSoft Lab.
CodeSize 235520
ProductName WPF DataGrid Controller
ProductVersionNumber 3.5.1.2
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 76c1fe70cc482ff5ed46283c98ac7874
SHA1 9bb95bb9b142956a33d62358d64a921acce90e8c
SHA256 d3315b126a83c90a52fbf6e4fbdf1b3fefedcb0540d72dd31b774311f0b129c3
ssdeep 3072:DkRPx2PIqW9UAsI22pGkEJT6BdqnaIDZC1OTrvsGPmyIpOT4ov9kJz9sGv4+uU:Ds9dOA72NZJlnam7T7sGPmyIpmeJzSj
authentihash 7a62350bdd72e7881dff5b3094de419d0655a807fd261a56d0e3c308d78ba552
imphash c3d59c29df8586859e0533a0905693f1
File size 259.5 KB ( 265728 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2013-09-19 18:11:18 UTC ( 3 years, 8 months ago )
Last submission 2013-09-19 18:11:18 UTC ( 3 years, 8 months ago )
File names WPF DataGrid CTRL
9bb95bb9b142956a33d62358d64a921acce90e8c
wpfdatagridctrl
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.