× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d9125bca0f771f43db6f50d5877c9f45d0e6bed83331fb71597bfbb98ee8d0c6
File name: WZP3mMPV.exe
Detection ratio: 9 / 46
Analysis date: 2013-08-26 21:28:30 UTC ( 5 years, 8 months ago ) View latest
Antivirus Result Update
Emsisoft Trojan.Win32.Zbot (A) 20130826
Fortinet W32/Kryptik.FA!tr 20130826
Kaspersky Trojan-Spy.Win32.Zbot.oxda 20130826
Malwarebytes Malware.Packer.PDX 20130826
Panda Suspicious file 20130826
Sophos AV Mal/Generic-S 20130826
SUPERAntiSpyware Heur.Agent/Gen-WhiteBox 20130826
Symantec Suspicious.Cloud.5 20130826
VIPRE Trojan.Win32.Generic!SB.0 20130826
Yandex 20130826
AhnLab-V3 20130826
AntiVir 20130826
Antiy-AVL 20130826
Avast 20130826
AVG 20130826
BitDefender 20130826
ByteHero 20130814
CAT-QuickHeal 20130826
ClamAV 20130826
Commtouch 20130826
Comodo 20130826
DrWeb 20130826
ESET-NOD32 20130826
F-Prot 20130826
F-Secure 20130826
GData 20130826
Ikarus 20130826
Jiangmin 20130826
K7AntiVirus 20130826
K7GW 20130826
Kingsoft 20130723
McAfee 20130826
McAfee-GW-Edition 20130826
Microsoft 20130826
eScan 20130826
NANO-Antivirus 20130826
Norman 20130826
nProtect 20130826
PCTools 20130826
Rising 20130826
TheHacker 20130826
TotalDefense 20130826
TrendMicro 20130826
TrendMicro-HouseCall 20130826
VBA32 20130826
ViRobot 20130826
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-10-20 19:05:52
Entry Point 0x00002867
Number of sections 6
PE sections
PE imports
EndPage
GetPixel
EndDoc
UnrealizeObject
DPtoLP
GetTextAlign
GetUserDefaultLCID
lstrcpyW
FindResourceW
GetLogicalDrives
GetProcessHeap
GetKBCodePage
GetFocus
GetDC
VkKeyScanW
LoadBitmapA
GetMenuItemID
PE exports
Number of PE resources by type
RT_MENU 10
RT_ICON 1
MUI 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 13
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2003:10:20 20:05:52+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
31232

LinkerVersion
70.7

FileTypeExtension
exe

InitializedDataSize
232960

SubsystemVersion
5.1

EntryPoint
0x2867

OSVersion
22.14

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 0352cc2cc269754078e643238ed8a17a
SHA1 45ecc6ab519fd6937ea737bf4045e0acb83a153f
SHA256 d9125bca0f771f43db6f50d5877c9f45d0e6bed83331fb71597bfbb98ee8d0c6
ssdeep
6144:btX1X9IKKJrpFH1HRxMV5bucMYVCWtFj2HryCqL:RlGjhm6cFpj2LTk

authentihash fcf437f16fb77273319efed91a1369d2f8a4e0582a99e4b93271ecd77c7adfd9
imphash d64bbdb4b2dcb332be3c3637dd13d4d1
File size 259.0 KB ( 265216 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe

VirusTotal metadata
First submission 2013-08-26 16:48:00 UTC ( 5 years, 8 months ago )
Last submission 2016-05-25 04:30:40 UTC ( 2 years, 12 months ago )
File names PjSE.exe
14472566
output.14472566.txt
WZP3mMPV.ex
output.14471800.txt
0352cc2cc269754078e643238ed8a17a.exe
34147eaf4f56326f3b88c87764b50af97782adc1
QdytJso0.exe
RsZm.exe
45ECC6AB519FD6937EA737BF4045E0ACB83A153F.exe
WZP3mMPV.exe
Z7Mz3G.exe
file-5886798_exe
test
PjSE.exe.01.vir
007884660
7CXzT.exe
RsZm.exe-ChSjc9
14471800
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!