× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: dd19e544ce60070bd6f17d9e895809b31df3514cae50017d4c780c7eca4df06c
File name: TTDnZR9KSP2WK7.exe
Detection ratio: 12 / 67
Analysis date: 2018-04-06 05:23:30 UTC ( 10 months, 2 weeks ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180404
Bkav HW32.Packed.E2A0 20180406
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cybereason malicious.9a67d2 20180225
Cylance Unsafe 20180406
Endgame malicious (high confidence) 20180403
Sophos ML heuristic 20180121
McAfee-GW-Edition BehavesLike.Win32.Virut.nc 20180406
Microsoft Trojan:Win32/Cloxer.D!cl 20180405
Qihoo-360 HEUR/QVM20.1.503E.Malware.Gen 20180406
SentinelOne (Static ML) static engine - malicious 20180225
Symantec ML.Attribute.HighConfidence 20180405
Ad-Aware 20180406
AegisLab 20180406
AhnLab-V3 20180406
Alibaba 20180404
ALYac 20180406
Arcabit 20180406
Avast 20180406
Avast-Mobile 20180405
AVG 20180406
Avira (no cloud) 20180405
AVware 20180406
BitDefender 20180406
CAT-QuickHeal 20180405
ClamAV 20180406
CMC 20180405
Comodo 20180406
Cyren 20180406
DrWeb 20180406
eGambit 20180406
Emsisoft 20180406
ESET-NOD32 20180406
F-Prot 20180406
F-Secure 20180406
Fortinet 20180406
GData 20180406
Ikarus 20180405
Jiangmin 20180406
K7AntiVirus 20180404
K7GW 20180406
Kaspersky 20180406
Kingsoft 20180406
Malwarebytes 20180406
MAX 20180406
McAfee 20180406
eScan 20180406
NANO-Antivirus 20180406
nProtect 20180406
Palo Alto Networks (Known Signatures) 20180406
Panda 20180405
Rising 20180406
Sophos AV 20180406
SUPERAntiSpyware 20180406
Symantec Mobile Insight 20180406
Tencent 20180406
TheHacker 20180404
TotalDefense 20180406
TrendMicro 20180406
TrendMicro-HouseCall 20180406
Trustlook 20180406
VBA32 20180405
VIPRE 20180406
ViRobot 20180406
WhiteArmor 20180405
Yandex 20180405
Zillya 20180405
ZoneAlarm by Check Point 20180406
Zoner 20180406
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Breadshot
Original name Breadshot.exe
Internal name Breadshot.exe
File version 1.2.10.6
Description Breadshot
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-06 14:12:35
Entry Point 0x0000539B
Number of sections 10
PE sections
PE imports
JetRollback
GetPixel
GetKerningPairsA
GetSystemDefaultLangID
SetConsoleWindowInfo
IsDBCSLeadByteEx
GetThreadTimes
GetCurrentThread
VerifyScripts
GetNumaProcessorNode
SHQueryValueExW
MapDialogRect
SetMessageQueue
RemoveClipboardFormatListener
SendMessageCallbackA
MonitorFromPoint
IsWindowVisible
GetFocus
GetComboBoxInfo
Number of PE resources by type
RT_BITMAP 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
11.11

ImageVersion
0.0

ProductName
Breadshot

FileVersionNumber
1.2.10.6

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
90112

FileTypeExtension
exe

OriginalFileName
Breadshot.exe

MIMEType
application/octet-stream

FileVersion
1.2.10.6

TimeStamp
2018:04:06 15:12:35+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Breadshot.exe

ProductVersion
1.2.10.6-RELEASE-c2414ca0146a1475ea00510effc01b40087c225c

FileDescription
Breadshot

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Breadshot

CodeSize
0

FileSubtype
0

ProductVersionNumber
1.2.10.6

EntryPoint
0x539b

ObjectFileType
Executable application

AssemblyVersion
1.2.10.6

File identification
MD5 684db47d7cf764b51d0c957f47999df1
SHA1 0849ca69a67d2d4095b910ec0115b96edb9e8e74
SHA256 dd19e544ce60070bd6f17d9e895809b31df3514cae50017d4c780c7eca4df06c
ssdeep
3072:iTVL2bxhaPRHKjOIDUFzBrYR7pROyHSy:ixqupHFIozEnHS

authentihash 8acd962645b9ce8da835a26c761624a17c44fab2a24b8b1d0ab968e5376ad6d6
imphash eae75db7b76263dd41a5a146aaeaf1f2
File size 98.5 KB ( 100864 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-04-06 05:23:30 UTC ( 10 months, 2 weeks ago )
Last submission 2018-05-04 18:15:01 UTC ( 9 months, 3 weeks ago )
File names TTDnZR9KSP2WK7.exe
Breadshot.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!