SHA256: dc36d538b7a1ee404dfd6e104b9a1edd7046526e55b3f911beea2b422a0eb625
File name: 464f4c6477613aaaf1f8195b5e77cab0
Detection ratio: 32 / 52
Analysis date: 2014-05-16 16:14:44 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.8975894 20140516
AntiVir TR/Crypt.XPACK.Gen 20140516
Antiy-AVL Trojan/Win32.TSGeneric 20140516
Avast Win64:Malware-gen 20140516
AVG Win32/DH.FF820278{Mw} 20140516
Baidu-International Adware.Win64.iBryte.BS 20140516
BitDefender Trojan.Generic.8975894 20140516
Comodo UnclassifiedMalware 20140516
DrWeb Trojan.Rodricter.58 20140516
Emsisoft Trojan.Win64.Kryptik (A) 20140516
ESET-NOD32 a variant of Win64/Kryptik.BS 20140516
F-Secure Trojan.Generic.8975894 20140516
Fortinet W64/Simda.BD!tr 20140516
GData Trojan.Generic.8975894 20140516
Ikarus Trojan.SuspectCRC 20140516
K7AntiVirus Riskware ( 0040eff71 ) 20140516
K7GW Riskware ( 0040eff71 ) 20140516
Malwarebytes Trojan.Agent.NR 20140516
McAfee Generic.dx!464F4C647761 20140516
McAfee-GW-Edition Generic.dx!464F4C647761 20140516
eScan Trojan.Generic.8975894 20140516
NANO-Antivirus Trojan.Win64.Rodricter.bpfoyo 20140516
Norman Troj_Generic.KMUXZ 20140516
nProtect Trojan.Generic.8975894 20140516
Panda Trj/OCJ.E 20140516
Qihoo-360 Win32/Trojan.135 20140516
Rising PE:Trojan.Win32.Generic.147DEA04!343796228 20140507
Sophos AV Troj/Agent-ABJG 20140516
Symantec Trojan.Gen.2 20140516
Tencent Win32.Trojan.Crypt.baqh 20140516
TheHacker Trojan/Kryptik.bq 20140515
VIPRE Backdoor.Win64.Simda.bg (v) 20140516
AegisLab 20140516
Yandex 20140516
AhnLab-V3 20140516
Bkav 20140516
ByteHero 20140516
CAT-QuickHeal 20140516
ClamAV 20140516
CMC 20140516
Commtouch 20140516
F-Prot 20140516
Jiangmin 20140516
Kaspersky 20140516
Kingsoft 20140516
Microsoft 20140516
SUPERAntiSpyware 20140516
TotalDefense 20140516
TrendMicro 20140516
TrendMicro-HouseCall 20140516
VBA32 20140516
ViRobot 20140516
Zillya 20140516
The file being studied is a Portable Executable file. More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64-bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2010-02-26 07:43:11
Entry Point 0x00001068
Number of sections 5
PE sections
PE imports
Module32FirstW
ExitVDM
Module32NextW
OpenMutexW
GetCommandLineA
VirtualAlloc
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType AMD AMD64
TimeStamp 2010:02:26 08:43:11+01:00
FileType Win64 EXE
PEType PE32+
CodeSize 12288
LinkerVersion 5.0
FileAccessDate 2014:05:16 17:17:42+01:00
EntryPoint 0x1068
InitializedDataSize 397312
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
FileCreateDate 2014:05:16 17:17:42+01:00
UninitializedDataSize 0

File identification
MD5 464f4c6477613aaaf1f8195b5e77cab0
SHA1 59d83ad05c6fb4ef1d17636692fa8cd9c60fffc1
SHA256 dc36d538b7a1ee404dfd6e104b9a1edd7046526e55b3f911beea2b422a0eb625
ssdeep 3072:F9POz49Ls/lGdLmirORfqfPChQ88OYZKaFectI1OURm/DjCnU8i68i+Yjt4NPsl:uzSLWlG6yfPCt8nEOtKKCnx86J4Bsz
imphash c4ed218cb8696987d3da56394a39a89d
File size 173.5 KB ( 177664 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI)
TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags 64bits peexe

VirusTotal metadata
First submission 2013-04-19 15:10:28 UTC ( 4 years, 7 months ago )
Last submission 2014-05-16 16:14:44 UTC ( 3 years, 7 months ago )
File names oiBS.kwu
po.exe
1438bh51ova3si-0.exe
464f4c6477613aaaf1f8195b5e77cab0
unknown.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight