SHA256: d8a9ac612e145d78244985f7a1cac00d0a3d1b8a15d5afb7590dd3b310706626
File name: adobe12.exe
Detection ratio: 20 / 50
Analysis date: 2014-02-14 00:24:36 UTC ( 3 years, 4 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.132542 20140214
AntiVir TR/Crypt.ZPACK.Gen 20140213
BitDefender Gen:Variant.Kazy.132542 20140214
Bkav HW32.CDB.9419 20140213
CAT-QuickHeal FraudTool.Security 20140213
Comodo TrojWare.Win32.Kryptik.AOBO 20140214
Emsisoft Gen:Variant.Kazy.132542 (B) 20140213
ESET-NOD32 a variant of Win32/Kryptik.ANBW 20140213
F-Secure Gen:Variant.Kazy.132542 20140213
Fortinet W32/Kryptik.XUW!tr 20140213
GData Gen:Variant.Kazy.132542 20140213
Kaspersky HEUR:Trojan.Win32.Generic 20140213
Microsoft PWS:Win32/Zbot.gen!Y 20140213
eScan Gen:Variant.Kazy.132542 20140214
Panda Suspicious file 20140213
Qihoo-360 Malware.QVM20.Gen 20140214
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20140213
Symantec W32.Waledac.C!gen3 20140213
VBA32 SScope.Malware-Cryptor.SB.01724 20140213
VIPRE Packer.Win32.Mystic.a (v) 20140214
Yandex 20140212
AhnLab-V3 20140213
Antiy-AVL 20140213
Avast 20140214
AVG 20140214
Baidu-International 20140213
ByteHero 20140214
ClamAV 20140213
CMC 20140213
Commtouch 20140213
DrWeb 20140214
F-Prot 20140211
Ikarus 20140213
Jiangmin 20140213
K7AntiVirus 20140213
K7GW 20140213
Kingsoft 20140214
Malwarebytes 20140213
McAfee 20140213
McAfee-GW-Edition 20140213
NANO-Antivirus 20140213
Norman 20140213
nProtect 20140213
Sophos 20140213
SUPERAntiSpyware 20140213
TheHacker 20140212
TotalDefense 20140213
TrendMicro 20140214
TrendMicro-HouseCall 20140214
ViRobot 20140213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright uMg2D
Publisher PpOiEb455t
Product mkY2IbiJJPzR
Original name uP49DiIDdN1
Internal name kuoHkHoeIWkC7U
File version 116.107.521.36217
Description BzMsGbgLsBz6E
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-12-19 12:21:21
Entry Point 0x000066E8
Number of sections 3
PE sections
PE imports
CallNamedPipeW
GetStdHandle
DeleteFiber
LoadLibraryA
EnumerateLocalComputerNamesA
GetStartupInfoA
GetCPInfoExA
FoldStringW
OpenConsoleW
FlushInstructionCache
GetTimeFormatW
InterlockedExchangeAdd
GetSystemDefaultUILanguage
ExpandEnvironmentStringsW
IsSystemResumeAutomatic
GetModuleHandleA
GlobalFlags
WriteFile
FindVolumeClose
GetTempFileNameA
EnumSystemLanguageGroupsW
GetACP
SetPriorityClass
FindResourceA
LocalSize
InterlockedPushEntrySList
GlobalAlloc
GetLogicalDriveStringsW
GetProcessVersion
FindFirstVolumeMountPointA
VirtualAlloc
SetLastError
_ultoa
_jn
_adj_fprem
fprintf
_sleep
printf
?set_unexpected@@YAP6AXXZP6AXXZ@Z
_wspawnvpe
___setlc_active_func
isalnum
_chdir
_sys_errlist
_mbslen
exit
_wsystem
_mbsnbset
_putch
_ungetwch
__p__commode
_splitpath
free
fwprintf
setbuf
__pxcptinfoptrs
__RTtypeid
_lseeki64
ctime
_tolower
_findnext
_isnan
time
__set_app_type
_global_unwind2
WSHNotify
WSHGetSockaddrType
WSHOpenSocket2
WSHStringToAddress
WSHJoinLeaf
WSHAddressToString
WSHIoctl
WSHSetSocketInformation
WSHGetWSAProtocolInfo
WSHEnumProtocols
WSHGetWildcardSockaddr
WSHOpenSocket
WSHGetProviderGuid
WSHGetSocketInformation
WSHGetWinsockMapping
Number of PE resources by type
RT_STRING 3
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
DUTCH BELGIAN 1
TURKISH NEUTRAL 1
DUTCH 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
125952

ImageVersion
5.1

ProductName
mkY2IbiJJPzR

FileVersionNumber
0.40960.4230.36496

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

LinkerVersion
9.0

OriginalFilename
uP49DiIDdN1

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
116.107.521.36217

TimeStamp
2007:12:19 13:21:21+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
kuoHkHoeIWkC7U

FileAccessDate
2014:02:14 01:24:51+01:00

ProductVersion
252.140.44158.39227

FileDescription
BzMsGbgLsBz6E

OSVersion
5.1

FileCreateDate
2014:02:14 01:24:51+01:00

FileOS
Windows NT 32-bit

LegalCopyright
uMg2D

MachineType
Intel 386 or later, and compatibles

CompanyName
PpOiEb455t

CodeSize
50688

FileSubtype
0

ProductVersionNumber
0.40960.4230.36496

EntryPoint
0x66e8

ObjectFileType
Executable application

File identification
MD5 c2f6e809f08a724b1038e3d72d9f6ed8
SHA1 a7dd97e61a3dff0e0ef3e1271d2f6be20381e70f
SHA256 d8a9ac612e145d78244985f7a1cac00d0a3d1b8a15d5afb7590dd3b310706626
ssdeep 3072:faqsO/DYPVVEWvWkh22ojKv8FyOp54RrQ2HqM2jM9:ro2GojKv8FyBrYM2j8
imphash 9584bfa92ca0e70bc62f2149db0ab53f
File size 122.7 KB ( 125665 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe

VirusTotal metadata
First submission 2014-02-14 00:24:36 UTC ( 3 years, 4 months ago )
Last submission 2014-02-14 00:24:36 UTC ( 3 years, 4 months ago )
File names uP49DiIDdN1
kuoHkHoeIWkC7U
adobe12.exe