× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e19f82571c387673b103368b2b57bfa6a7d83a4afa25c924b5d0938ccad86c29
File name: a286f6e999f60d56ce6e7e798d0a5c6d
Detection ratio: 27 / 66
Analysis date: 2018-05-18 06:34:06 UTC ( 1 year ago ) View latest
Antivirus Result Update
AegisLab Uds.Dangerousobject.Multi!c 20180518
Antiy-AVL Trojan/Win32.TSGeneric 20180518
Avast Win32:Malware-gen 20180518
AVG Win32:Malware-gen 20180518
Avira (no cloud) TR/Crypt.Xpack.clnpv 20180518
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20180518
Cylance Unsafe 20180518
DrWeb Trojan.Encoder.24384 20180518
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Kryptik.GGVD 20180518
Fortinet W32/Kryptik.GFHY!tr 20180518
GData Win32.Trojan.Agent.LMFW16 20180518
Ikarus Win32.Outbreak 20180517
Kaspersky UDS:DangerousObject.Multi.Generic 20180518
Malwarebytes Trojan.MalPack 20180518
MAX malware (ai score=96) 20180518
McAfee Packed-FCW!A286F6E999F6 20180518
McAfee-GW-Edition BehavesLike.Win32.Multiplug.dh 20180518
Palo Alto Networks (Known Signatures) generic.ml 20180518
Panda Trj/Genetic.gen 20180517
Sophos AV Mal/GandCrab-D 20180518
Symantec Packed.Generic.525 20180518
TrendMicro TROJ_GEN.R020C0OEH18 20180518
TrendMicro-HouseCall TROJ_GEN.R020C0OEH18 20180518
VBA32 BScope.TrojanRansom.GandCrypt 20180517
Webroot W32.Malware.Gen 20180518
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180518
Ad-Aware 20180518
AhnLab-V3 20180517
Alibaba 20180518
ALYac 20180518
Arcabit 20180518
Avast-Mobile 20180518
AVware 20180518
Babable 20180406
BitDefender 20180518
Bkav 20180517
CAT-QuickHeal 20180517
ClamAV 20180518
CMC 20180518
Comodo 20180518
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180518
eGambit 20180518
Emsisoft 20180518
F-Prot 20180518
F-Secure 20180518
Sophos ML 20180503
Jiangmin 20180518
K7AntiVirus 20180518
K7GW 20180518
Kingsoft 20180518
Microsoft 20180518
eScan 20180518
NANO-Antivirus 20180518
nProtect 20180518
Qihoo-360 20180518
Rising 20180518
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180518
Symantec Mobile Insight 20180517
Tencent 20180518
TheHacker 20180516
TotalDefense 20180518
Trustlook 20180518
VIPRE 20180518
ViRobot 20180518
Yandex 20180517
Zillya 20180516
Zoner 20180517
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-17 09:37:18
Entry Point 0x0000513E
Number of sections 5
PE sections
PE imports
GetLastError
IsValidCodePage
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
GetStartupInfoA
lstrlenA
GetConsoleCP
GetOEMCP
LCMapStringA
IsDebuggerPresent
HeapAlloc
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
LeaveCriticalSection
EnumSystemLocalesA
AddConsoleAliasA
GetEnvironmentStrings
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetUserDefaultLCID
SetHandleCount
GetCurrentProcess
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
GetStringTypeA
GetFileType
ExitProcess
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
RaiseException
WideCharToMultiByte
TlsFree
SetFilePointer
GetConsoleOutputCP
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
PulseEvent
CloseHandle
GetSystemTimeAsFileTime
IsValidLocale
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
GetThreadPriority
QueryPerformanceCounter
WriteConsoleA
GetLocaleInfoW
InitializeCriticalSection
HeapCreate
GlobalAlloc
VirtualFree
GetEnvironmentStringsW
InterlockedDecrement
Sleep
SetLastError
GetTickCount
TlsSetValue
CreateFileA
GetCurrentThreadId
PrepareTape
FindFirstVolumeMountPointA
VirtualAlloc
WriteConsoleW
InterlockedIncrement
GetWindowTextLengthA
GetMenuInfo
DeleteMenu
GetWindow
CreateCursor
DrawCaption
Number of PE resources by type
RT_STRING 34
RT_ICON 6
RT_BITMAP 2
KVG 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 44
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:05:17 11:37:18+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
86016

LinkerVersion
9.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x513e

InitializedDataSize
7913984

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 a286f6e999f60d56ce6e7e798d0a5c6d
SHA1 9f75d272645b1dbcb6fb63f60ab7873982f13c08
SHA256 e19f82571c387673b103368b2b57bfa6a7d83a4afa25c924b5d0938ccad86c29
ssdeep
3072:kCcqzgQWBT+YUoPz5DJFk0hhjRKG1kCmTcEf0r7Aj:kCcqISkpt5wG1kCmTcEf0/6

authentihash e3667bb181cc0a1fc2b6b1551963e3fe13447f70cbef22a380cb6b4a7cbef2da
imphash 9ba9c077de2398387bd4d6fc463cd540
File size 249.0 KB ( 254976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-05-17 15:27:47 UTC ( 1 year ago )
Last submission 2018-10-01 11:08:29 UTC ( 7 months, 3 weeks ago )
File names 1094ad003de5d51e1450b89fe62a3f56512ed074
aHT0uuO9iQ.exe
aicsdaws.exe
aHT0uuO9iQ.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs