SHA256: e6e697e71babadc126373ac7ee60f55ab0b2cc57ce55ff32a5c53d6b1f6b51a2
File name: ddf13bc2f6170bc6b5e466035a7d89809cf88ab7
Detection ratio: 21 / 55
Analysis date: 2016-08-09 14:15:42 UTC ( 2 years, 6 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Strictor.111829 20160809
AhnLab-V3 Trojan/Win32.Bublik.N2074404990 20160809
Arcabit Trojan.Strictor.D1B4D5 20160809
AVG Pakes2_c.CNRT 20160809
Avira (no cloud) TR/Crypt.Xpack.xqdj 20160809
BitDefender Gen:Variant.Strictor.111829 20160809
Cyren W32/Trojan.ZNVV-8567 20160809
DrWeb Trojan.PWS.Papras.2166 20160809
Emsisoft Gen:Variant.Strictor.111829 (B) 20160809
ESET-NOD32 a variant of Generik.NKVHKWT 20160809
F-Secure Gen:Variant.Strictor.111829 20160809
GData Gen:Variant.Strictor.111829 20160809
K7GW Trojan ( 004f5c431 ) 20160809
Kaspersky Trojan.Win32.Bublik.epnu 20160809
McAfee Artemis!8EE24F9715B6 20160809
McAfee-GW-Edition BehavesLike.Win32.PUPAmonetize.dc 20160809
Microsoft Backdoor:Win32/Vawtrak.E 20160809
eScan Gen:Variant.Strictor.111829 20160809
Panda Trj/GdSda.A 20160809
Qihoo-360 Win32/Trojan.Multi.daf 20160809
Symantec Suspicious.Cloud.5 20160809
AegisLab 20160809
Alibaba 20160809
ALYac 20160809
Antiy-AVL 20160809
Avast 20160809
AVware 20160809
Baidu 20160809
Bkav 20160809
CAT-QuickHeal 20160809
ClamAV 20160809
CMC 20160804
Comodo 20160809
F-Prot 20160809
Fortinet 20160809
Ikarus 20160809
Jiangmin 20160809
K7AntiVirus 20160809
Kingsoft 20160809
Malwarebytes 20160809
NANO-Antivirus 20160809
nProtect 20160809
Sophos AV 20160809
SUPERAntiSpyware 20160809
Tencent 20160809
TheHacker 20160806
TotalDefense 20160808
TrendMicro 20160809
TrendMicro-HouseCall 20160809
VBA32 20160808
VIPRE 20160809
ViRobot 20160809
Yandex 20160808
Zillya 20160809
Zoner 20160809
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright
Product AugustJo
Original name AugustJo.exe
Internal name AugustJo
File version 6.3.3.2
Description Inportant Cmoocs Forgotten Workflowcommitbatchservice
Comments Inportant Cmoocs Forgotten Workflowcommitbatchservice
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-08 11:23:24
Entry Point 0x0000591B
Number of sections 5
PE sections
PE imports
LookupAccountNameA
GetOpenFileNameA
ChooseFontA
GetDeviceCaps
CreateDCA
GetObjectA
SetMapMode
DeleteDC
SelectObject
CreateFontIndirectA
DeleteObject
BitBlt
CreateDIBSection
CreateCompatibleDC
GetPixel
CreateCompatibleBitmap
SetTextColor
ExtEscape
gluOrtho2D
ImmCreateContext
ImmDestroyContext
ImmAssociateContext
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
SetConsoleCursorPosition
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
FindResourceExA
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LoadResource
TlsGetValue
OutputDebugStringA
SetLastError
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
CreateThread
SetNamedPipeHandleState
SetUnhandledExceptionFilter
MulDiv
ExitThread
TerminateProcess
WriteConsoleA
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
FillConsoleOutputCharacterA
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
WaitForMultipleObjects
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
GetProcessHeap
WaitNamedPipeA
lstrcpyA
GetProcAddress
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
lstrlenA
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
CreateNamedPipeA
lstrlenW
GetEnvironmentStrings
GetCurrentProcessId
LockResource
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SizeofResource
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
DsListServersForDomainInSiteA
glLoadIdentity
glMatrixMode
glViewport
EnumPageFilesA
SetFocus
EmptyClipboard
GetParent
GetCursorInfo
GetWindowTextA
EndDialog
BeginPaint
MoveWindow
PostQuitMessage
DefWindowProcA
ShowWindow
FindWindowA
GetSystemMetrics
ReleaseCapture
GetWindowRect
EndPaint
LoadStringA
SetCapture
DrawIcon
CreatePopupMenu
GetMessageExtraInfo
SetWindowLongA
GetWindowLongA
mouse_event
DialogBoxParamA
UpdateWindow
TrackPopupMenuEx
GetDC
InsertMenuItemA
GetCursorPos
DrawTextA
GetIconInfo
CheckMenuItem
GetMenu
GetSubMenu
SetClipboardData
PtInRect
SendMessageA
CloseClipboard
GetClientRect
CreateWindowExA
SetCursorPos
DrawMenuBar
SetCursor
CreateIconIndirect
ScreenToClient
SetRect
CallNextHookEx
wsprintfA
CreateMenu
LoadCursorA
LoadIconA
InvalidateRect
ShowCursor
OpenClipboard
LoadImageA
ReleaseDC
InsertMenuItemW
SetForegroundWindow
GetDlgItem
RegisterClassExA
DestroyWindow
PdhGetRawCounterValue
Number of PE resources by type
RT_DIALOG 6
RT_ICON 5
RT_STRING 4
RT_BITMAP 2
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 21
PE resources
ExifTool file metadata
LegalTrademarks Copyright
SubsystemVersion 5.0
Comments Inportant Cmoocs Forgotten Workflowcommitbatchservice
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.3.3.2
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Inportant Cmoocs Forgotten Workflowcommitbatchservice
CharacterSet Unicode
InitializedDataSize 202240
PrivateBuild 6.3.3.2
EntryPoint 0x591b
OriginalFileName AugustJo.exe
MIMEType application/octet-stream
LegalCopyright Copyright
FileVersion 6.3.3.2
TimeStamp 2016:08:08 12:23:24+01:00
FileType Win32 EXE
PEType PE32
InternalName AugustJo
ProductVersion 6.3.3.2
UninitializedDataSize 0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName VidCoder
CodeSize 89088
ProductName AugustJo
ProductVersionNumber 6.3.3.2
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 8ee24f9715b6cc5711557d59a1f10581
SHA1 105a847f724dd1d6303c3f28a152a4b336b007ee
SHA256 e6e697e71babadc126373ac7ee60f55ab0b2cc57ce55ff32a5c53d6b1f6b51a2
ssdeep 6144:pSn3CQS76FeYYNFelGjPrawHQpJWhnFOzjGeB1OKVf:pSn3C56FqNHDr+XWhnkjGeB1LVf
authentihash d2caa7e70c223828818e974068cacd7d034dd0078ed4bc1dba5d657258b8f322
imphash ca9319e0dd932c8a143eba3a7936cd31
File size 285.5 KB ( 292352 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-08-08 11:48:19 UTC ( 2 years, 6 months ago )
Last submission 2016-08-22 17:24:53 UTC ( 2 years, 6 months ago )
File names AugustJo.exe
ddf13bc2f6170bc6b5e466035a7d89809cf88ab7
AugustJo
file.jpg
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Searched windows
Runtime DLLs
UDP communications