SHA256: e31d5100785fb3b08b422835e1ebcbd3d6eea8c7221c0fb1092e679efc4641ae
File name: SQLi Dumper.exe
Detection ratio: 12 / 57
Analysis date: 2015-02-26 08:32:52 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.12465765 20150226
ALYac Trojan.Generic.12465765 20150226
BitDefender Trojan.Generic.12465765 20150226
Emsisoft Trojan.Generic.12465765 (B) 20150226
F-Secure Trojan.Generic.12465765 20150226
GData Trojan.Generic.12465765 20150226
Ikarus Trojan.SuspectCRC 20150226
eScan Trojan.Generic.12465765 20150226
NANO-Antivirus Trojan.Win32.Genius.dcgwrr 20150226
nProtect Trojan.Generic.12465765 20150225
Symantec WS.Reputation.1 20150226
TrendMicro-HouseCall TROJ_GEN.R0C1H09AI15 20150226
AegisLab 20150226
Yandex 20150225
AhnLab-V3 20150225
Alibaba 20150225
Antiy-AVL 20150226
Avast 20150226
AVG 20150226
Avira (no cloud) 20150226
AVware 20150226
Baidu-International 20150226
Bkav 20150225
ByteHero 20150226
CAT-QuickHeal 20150226
ClamAV 20150226
CMC 20150226
Comodo 20150226
Cyren 20150226
DrWeb 20150226
ESET-NOD32 20150226
F-Prot 20150226
Fortinet 20150226
Jiangmin 20150225
K7AntiVirus 20150226
K7GW 20150226
Kaspersky 20150226
Kingsoft 20150226
Malwarebytes 20150226
McAfee 20150226
McAfee-GW-Edition 20150226
Microsoft 20150226
Norman 20150225
Panda 20150225
Qihoo-360 20150226
Rising 20150225
Sophos AV 20150226
SUPERAntiSpyware 20150226
Tencent 20150226
TheHacker 20150225
TotalDefense 20150226
TrendMicro 20150226
VBA32 20150225
VIPRE 20150226
ViRobot 20150226
Zillya 20150226
Zoner 20150223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright fLaSh
Product SQLi Dumper
Original name SQLi Dumper.exe
Internal name SQLi Dumper.exe
File version 7.0.0.0
Description SQLi Dumper
Comments I take NO responsibility for what you do with this tool. Use at your OWN risk!!
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-11 20:19:29
Entry Point 0x0023A9AE
Number of sections 3
.NET details
Module Version ID ffdd07d3-5737-4188-baca-de2d004c7ccf
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 12
PE resources
ExifTool file metadata
LegalTrademarks c4rl0s@jabber.ru
SubsystemVersion 4.0
Comments I take NO responsibility for what you do with this tool. Use at your OWN risk!!
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription SQLi Dumper
CharacterSet Unicode
InitializedDataSize 97280
EntryPoint 0x23a9ae
OriginalFileName SQLi Dumper.exe
MIMEType application/octet-stream
LegalCopyright fLaSh
FileVersion 7.0.0.0
TimeStamp 2014:08:11 21:19:29+01:00
FileType Win32 EXE
PEType PE32
InternalName SQLi Dumper.exe
ProductVersion 7.0.0.0
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName c4rl0s@jabber.ru
CodeSize 2329088
ProductName SQLi Dumper
ProductVersionNumber 7.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 7.0.0.0
Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 e5413340485f2bfd6c4d82ea978ef026
SHA1 416922b3bdae8e7c5cc67fdcfdf0d37d4d5ee8e2
SHA256 e31d5100785fb3b08b422835e1ebcbd3d6eea8c7221c0fb1092e679efc4641ae
ssdeep 49152:kUIIb6fMID2u41715Kqao5ZPdH3WOX/Rok4uJnm+xhsbsk4uJnm:6+6fMIiL1J5KCjPdH3RX/RD4uJnm+zee
authentihash 971fa15411d23c7f35f3dd3ea828ad541a890712e9a483994b11d0c06ac602be
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 2.3 MB ( 2426880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags peexe assembly via-tor
VirusTotal metadata
First submission 2014-08-03 13:08:31 UTC ( 3 years, 2 months ago )
Last submission 2017-10-20 12:20:25 UTC ( 1 day, 20 hours ago )
File names sqli dumper sqli dumper.exe
BQADBAADLgIAAjrHQFOFqTFzlPZA5QI4796091349753536064.tmp
SQLi Dumper.exe
SQLi Dumper SQLi Dumper.exe
file-7329915_exe
SQLi Dumper - Goodkat.exe
start.exe
298903606.exe
Unconfirmed 514269.crdownload
416922B3BDAE8E7C5CC67FDCFDF0D37D4D5EE8E2
SQLi Dumper SQLi Dumper [zHacker.NeT].exe
hamemsdsd.exe
SQLi Dumper SQLi Dumper.exe
SQLi Dumper.exe
SQLi Dumper_ArthadLUVSyewPLEBS.exe
filename
A1
SQLi Dumper Kek Edition.exe
ZRT.exe
SQLi Dumper.exe
e31d5100785fb3b08b422835e1ebcbd3d6eea8c7221c0fb1092e679efc4641ae.bin
SQLi Dumper 7.0.exe
SQLi Dumper.exe
SQLIDU~1.EXE
SQLi Dumper.exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R08OH09FJ16.
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana screen-capture