SHA256: e3b33e1b09dddbe717f7d291e054a67db39e2f833ee5f57dab4db2f77c3d41cb
File name: Flash
Detection ratio: 61 / 65
Analysis date: 2017-09-17 06:56:31 UTC ( 1 year, 8 months ago )
Antivirus Result Update
Ad-Aware Win32.Jeefo.B 20170917
AegisLab W32.Hidrag.a!c 20170917
AhnLab-V3 Win32/Hidrag 20170916
ALYac Win32.Jeefo.B 20170917
Antiy-AVL Virus/Win32.Hidrag.a 20170917
Arcabit Win32.Jeefo.B 20170917
Avast Win32:Gardih 20170917
AVG Win32:Gardih 20170917
Avira (no cloud) W32/Jeefo.A 20170916
AVware Virus.Win32.Jeefo.a (v) 20170917
Baidu Win32.Virus.Hidrag.a 20170915
BitDefender Win32.Jeefo.B 20170917
CAT-QuickHeal W32.Jeefo.A 20170916
ClamAV Win.Trojan.Jeefo-3 20170917
CMC Virus.Win32.Hidrag!O 20170916
Comodo Win32.Jeefo.A 20170917
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
Cylance Unsafe 20170917
Cyren W32/Jeefo.OYRV-0749 20170917
DrWeb Win32.HLLP.Jeefo.36352 20170917
Emsisoft Win32.Jeefo.B (B) 20170917
Endgame malicious (high confidence) 20170821
ESET-NOD32 Win32/Jeefo.A 20170917
F-Prot W32/Jeefo.A 20170917
F-Secure Win32.Jeefo.B 20170917
Fortinet W32/Jeefo.A 20170917
GData Win32.Virus.Hidrag.A 20170917
Ikarus Virus.Win32.Hidrag 20170916
Sophos ML heuristic 20170914
Jiangmin Win32/Jeefo 20170917
K7AntiVirus Virus ( 00001b701 ) 20170917
K7GW Virus ( 00001b701 ) 20170917
Kaspersky Virus.Win32.Hidrag.a 20170917
Kingsoft Win32.HiDrag.a.363008 20170917
MAX malware (ai score=87) 20170917
McAfee W32/Jeefo.e 20170917
McAfee-GW-Edition BehavesLike.Win32.Jeefo.hc 20170917
Microsoft Virus:Win32/Jeefo.A 20170917
eScan Win32.Jeefo.B 20170917
NANO-Antivirus Virus.Win32.Hidrag.clfcen 20170917
nProtect Virus/W32.Hidrag 20170917
Palo Alto Networks (Known Signatures) generic.ml 20170917
Panda Generic Malware 20170916
Qihoo-360 Virus.Win32.Jeefo.A 20170917
Rising Trojan.DL.Adload!1.66A0 (cloud:w3iQWwl4oF) 20170917
SentinelOne (Static ML) static engine - malicious 20170806
Sophos AV W32/Jeefo-A 20170917
Symantec W32.Jeefo 20170916
Tencent Virus.Win32.Jeefo.b 20170917
TheHacker W32/Jeefo.gen 20170916
TotalDefense Win32/Jeefo.A 20170917
TrendMicro PE_JEEFO.E 20170917
TrendMicro-HouseCall PE_JEEFO.E 20170917
VBA32 Virus.Jeefo 20170915
VIPRE Virus.Win32.Jeefo.a (v) 20170917
ViRobot Win32.Hidrag 20170916
Webroot W32.Virus.Jeefo.Gen 20170917
Yandex Win32.Hidrag 20170908
Zillya Virus.Jeefo.Win32.1 20170916
ZoneAlarm by Check Point Virus.Win32.Hidrag.a 20170917
Zoner Win32.Jeefo.A 20170917
Alibaba 20170911
Avast-Mobile 20170829
Malwarebytes 20170917
SUPERAntiSpyware 20170917
Symantec Mobile Insight 20170917
Trustlook 20170917
WhiteArmor 20170829
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 1996-2000 Macromedia, Inc.
Product Flash 5.0
Original name SwFlsh32.exe
Internal name Flash
File version 5,0,30,0
Description Flash Player 5.0 r30
Packers identified
PEiD W32.Jeefo (PE File Infector)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-08-24 15:00:00
Entry Point 0x000011F0
Number of sections 5
PE sections
Overlays
MD5 9b4988ea18aa7aef38d3d9621e7f5a09
File type data
Offset 76288
Size 513578
Entropy 7.35
PE imports
CloseServiceHandle
RegCloseKey
StartServiceCtrlDispatcherA
OpenServiceA
SetServiceStatus
CreateServiceA
RegSetValueExA
StartServiceA
RegCreateKeyExA
DeleteService
OpenSCManagerA
RegisterServiceCtrlHandlerA
GetLastError
ReadFile
GetFileAttributesA
CreateMutexA
WaitForSingleObject
GetDriveTypeA
CopyFileA
ExitProcess
TlsAlloc
GetVersionExA
FlushFileBuffers
LoadLibraryA
GetModuleFileNameA
GetStartupInfoA
GetCurrentDirectoryA
SetFileTime
GetWindowsDirectoryA
GetCommandLineA
GetProcAddress
GetFileTime
SetFilePointer
GetTempPathA
SetEndOfFile
GetModuleHandleA
FindFirstFileA
SetUnhandledExceptionFilter
WriteFile
CloseHandle
FindNextFileA
SetFileAttributesA
CreateProcessA
FindClose
TlsGetValue
Sleep
ReleaseMutex
TlsSetValue
CreateFileA
InterlockedIncrement
rand
malloc
__p__environ
memset
strcat
atexit
abort
_setmode
_assert
_fmode
_cexit
_fileno
srand
free
__getmainargs
memcpy
signal
strcpy
time
fprintf
__set_app_type
strcmp
_fpreset
_iob
Number of PE resources by type
RT_MENU 24
RT_DIALOG 16
RT_STRING 16
RT_ICON 12
RT_CURSOR 5
RT_GROUP_CURSOR 3
RT_GROUP_ICON 2
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 31
SWEDISH 7
PORTUGUESE 7
GERMAN 7
FRENCH 7
JAPANESE DEFAULT 7
SPANISH MODERN 7
ITALIAN 7
PE resources
ExifTool file metadata
CodeSize 33280
FileDescription Flash Player 5.0 r30
InitializedDataSize 4608
ImageVersion 1.0
ProductName Flash 5.0
FileVersionNumber 5.0.30.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 2.55
FileTypeExtension exe
OriginalFileName SwFlsh32.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 5,0,30,0
TimeStamp 2001:08:24 16:00:00+01:00
FileType Win32 EXE
PEType PE32
InternalName Flash
SubsystemVersion 4.0
ProductVersion 5,0,30,0
UninitializedDataSize 1024
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright 1996-2000 Macromedia, Inc.
MachineType Intel 386 or later, and compatibles
CompanyName Macromedia, Inc.
LegalTrademarks Flash
FileSubtype 0
ProductVersionNumber 5.0.30.0
EntryPoint 0x11f0
ObjectFileType Dynamic link library

File identification
MD5 e146dead79db32da5baaea4d098b3021
SHA1 d2ae814d3c88694b21f195232c1e30d544f6378f
SHA256 e3b33e1b09dddbe717f7d291e054a67db39e2f833ee5f57dab4db2f77c3d41cb
ssdeep 6144:7yH7xOc6H5c6HcT66vlmKhggtWKdC9UGy+DTPL1vMi3AYXZq/azNQXVMGhRHxAu9:7aqFlXTPhvHA7azeJdAi0T9hAMrale9A
authentihash cddc08167cf9988d7fe42205b57483e26d826307b92f5f9ae9ae3cd50f204d44
imphash d7401947d3623a2199a2114d62923cd5
File size 576.0 KB ( 589866 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID MinGW32 C/C++ Executable (73.3%)
Win32 Executable MS Visual C++ (generic) (9.3%)
Win64 Executable (generic) (8.2%)
Windows screen saver (3.9%)
Win32 Dynamic Link Library (generic) (1.9%)
Tags peexe overlay
VirusTotal metadata
First submission 2012-01-19 13:25:14 UTC ( 7 years, 4 months ago )
Last submission 2012-01-19 23:36:47 UTC ( 7 years, 4 months ago )
File names G9dBJJZ.pps
Steeplechase%20Challenge.exe
aa
qhZFTzkHl.pdf
1179880
Flash
Steeplechase Challenge.exe
SwFlsh32.exe