SHA256: daa5aad4bf8b76554da98632b52b21aaa759469b0dbbf9095d0557c590c341c2
File name: a448b22707d353cd9ae891d9d6e2ee9ce80ed5a0
Detection ratio: 30 / 47
Analysis date: 2013-12-08 13:27:12 UTC ( 5 years, 3 months ago )
Antivirus Result Update
Ad-Aware Gen:Trojan.Heur.Hype.jyW@ayq@nrbc 20131208
AntiVir TR/Crypt.XPACK.Gen2 20131208
Avast Win32:Crypt-QFQ [Trj] 20131208
AVG Crypt2.BYJW 20131208
BitDefender Gen:Trojan.Heur.Hype.jyW@ayq@nrbc 20131208
Comodo TrojWare.Win32.Kryptik.BNML 20131208
DrWeb Trojan.LoadMoney.227 20131208
Emsisoft Gen:Trojan.Heur.Hype.jyW@ayq@nrbc (B) 20131208
ESET-NOD32 Win32/LoadMoney.AA 20131208
F-Secure Gen:Trojan.Heur.Hype.jyW@ayq@nrbc 20131208
Fortinet W32/LdMon.D!tr 20131208
GData Gen:Trojan.Heur.Hype.jyW@ayq@nrbc 20131208
Ikarus Trojan.Win32.Badur 20131208
Jiangmin Trojan/Badur.bou 20131208
K7AntiVirus Trojan ( 0040f6d61 ) 20131207
K7GW Trojan ( 0040f6d61 ) 20131207
Kaspersky not-a-virus:Downloader.Win32.LMN.glul 20131208
Malwarebytes PUP.Optional.LoadMoney 20131208
McAfee PUP-FFD!20884AF0B078 20131208
McAfee-GW-Edition PUP-FFD!20884AF0B078 20131208
eScan Gen:Trojan.Heur.Hype.jyW@ayq@nrbc 20131208
NANO-Antivirus Trojan.Win32.StartPage.cqkybg 20131208
Norman Kryptik.CCYN 20131208
Panda Trj/Genetic.gen 20131208
Rising PE:Malware.LMN!6.F70 20131206
Sophos AV Troj/LdMon-D 20131208
Symantec Suspicious.Cloud.5 20131208
TrendMicro-HouseCall TROJ_GEN.F47V1207 20131208
VBA32 Malware-Cryptor.Limpopo 20131206
VIPRE Trojan.Win32.Generic.pak!cobra 20131208
Yandex 20131207
AhnLab-V3 20131208
Antiy-AVL 20131208
Baidu-International 20131208
Bkav 20131207
ByteHero 20131127
CAT-QuickHeal 20131208
ClamAV 20131208
Commtouch 20131208
F-Prot 20131208
Kingsoft 20130829
Microsoft 20131208
nProtect 20131208
SUPERAntiSpyware 20131207
TheHacker 20131204
TotalDefense 20131206
TrendMicro 20131208
ViRobot 20131208
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00001018
Number of sections 6
PE sections
PE imports
BuildCommDCBA
LocalSize
GetCurrencyFormatA
GetVersionExW
IsBadReadPtr
SetLocaleInfoW
GetEnvironmentVariableW
SetThreadExecutionState
WritePrivateProfileStringW
CoInitializeWOW
WTSTerminateProcess
WTSCloseServer
WTSQueryUserConfigA
VerLanguageNameA
GetPrivateProfileSectionNamesA
EnumUILanguagesA
GetDriveTypeW
GlobalDeleteAtom
GetLargestConsoleWindowSize
QueryPerformanceCounter
LZInit
CreateMailslotA
LoadLibraryA
LockFile
GetVolumeInformationA
VirtualQueryEx
WriteFile
GetThreadTimes
QueryDosDeviceA
FormatMessageW
InitializeCriticalSection
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
GetVersion
SleepEx
UtConvertDvtd32toDvtd16
CreateObjrefMoniker
OleDestroyMenuDescriptor
GetDesktopWindow
WTSRegisterSessionNotification
WTSEnumerateSessionsA
WTSVirtualChannelClose
WTSQueryUserConfigA
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 4
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
96768

LinkerVersion
2.25

EntryPoint
0x1018

InitializedDataSize
23552

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 20884af0b078028d1d251d3750291a77
SHA1 db24614ddf0b05ceb3df84a5f717dc30fc770448
SHA256 daa5aad4bf8b76554da98632b52b21aaa759469b0dbbf9095d0557c590c341c2
ssdeep
3072:gKspJED1t1TYvLEIoh73BVlffIL7+4NaskiidoFWMUjOp:RLse13BV63adoUOp

File size 148.5 KB ( 152064 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2013-12-07 17:48:26 UTC ( 5 years, 3 months ago )
Last submission 2013-12-08 13:27:12 UTC ( 5 years, 3 months ago )
File names a448b22707d353cd9ae891d9d6e2ee9ce80ed5a0
db24614ddf0b05ceb3df84a5f717dc30fc770448