SHA256: db66d255c973a9251de79537918c89bff66d4b5c4f5c16d984d2b86aeda40e4a
File name: 1069000
Detection ratio: 17 / 43
Analysis date: 2011-12-06 12:07:02 UTC ( 6 years, 10 months ago )
Antivirus Result Update
AntiVir ADSPY/NaviPromo.J 20111206
Antiy-AVL Trojan/win32.agent.gen 20111206
Avast Win32:PUP-gen [PUP] 20111206
AVG RelevantKnowledge 20111205
BitDefender Adware.Relevant.BH 20111206
DrWeb Adware.WebDevAz.2 20111206
Emsisoft Trojan.Win32.Gabba!IK 20111206
eSafe Win32.Trojan 20111204
F-Secure Adware.Relevant.BH 20111206
GData Adware.Relevant.BH 20111206
Ikarus Trojan.Win32.Gabba 20111206
Kaspersky not-a-virus:WebToolbar.Win32.RK.cr 20111205
NOD32 a variant of Win32/Adware.MarketScore.A 20111204
Norman W32/Suspicious_Gen2.TPOZW.dropper 20111206
Symantec WS.Reputation.1 20111206
VIPRE Trojan.Win32.Generic!BT 20111205
VirusBuster Adware.MarketScore!zitxnvecDX8 20111206
AhnLab-V3 20111205
ByteHero 20111129
CAT-QuickHeal 20111206
ClamAV 20111206
Commtouch 20111206
Comodo 20111206
eTrust-Vet 20111206
F-Prot 20111129
Fortinet 20111206
Jiangmin 20111205
K7AntiVirus 20111205
McAfee 20111206
McAfee-GW-Edition 20111206
Microsoft 20111206
nProtect 20111206
Panda 20111206
PCTools 20111206
Prevx 20111206
Rising 20111206
Sophos AV 20111206
SUPERAntiSpyware 20111206
TheHacker 20111201
TrendMicro 20111205
TrendMicro-HouseCall 20111206
VBA32 20111205
ViRobot 20111206
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT NSIS, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:41
Entry Point 0x000030CB
Number of sections 5
PE sections
PE imports
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
(1 more function(s) imported by ordinal)
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2009:12:05 23:50:41+01:00
FileType Win32 EXE
PEType PE32
CodeSize 23040
LinkerVersion 6.0
EntryPoint 0x30cb
InitializedDataSize 119808
SubsystemVersion 4.0
ImageVersion 6.0
OSVersion 4.0
UninitializedDataSize 1024

File identification
MD5 c077a2204764d8e16e90fa2d51c85eb9
SHA1 968f4b4656e8ee6d9ee2844d050049e629c05756
SHA256 db66d255c973a9251de79537918c89bff66d4b5c4f5c16d984d2b86aeda40e4a
ssdeep 49152:4Z3mDLRDKCglbTNgJRYCAqJFBLrnPKW57D:4ZWXRD+sRiMFhnPKW5

File size 1.6 MB ( 1709312 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
Tags nsis

VirusTotal metadata
First submission 2011-10-07 00:09:17 UTC ( 7 years ago )
Last submission 2011-12-06 12:07:02 UTC ( 6 years, 10 months ago )
File names lighthousestormdt.exe
1069784
1071544
968f4b4656e8ee6d9ee2844d050049e629c05756
968f4b4656e8ee6d9ee2844d050049e629c05756.bin
beachls.exe
7D164AD100419C2B15381AA2804843009B8E9A70.exe
redplanetss.exe
dlarg.php
1069000