SHA256: e891094bb8a3b68edeb36d56d70312956a24504a78f2a84c61816ccda953cd9c
File name: STR.exe
Detection ratio: 21 / 47
Analysis date: 2013-11-15 14:17:29 UTC ( 5 months ago )
Antivirus Result Update
AVG Zbot.DNG 20131115
AhnLab-V3 Trojan/Win32.Agent 20131114
AntiVir TR/Dldr.Upatre.A.41 20131115
Avast Win32:Malware-gen 20131115
BitDefender Trojan.GenericKD.1401132 20131115
DrWeb Trojan.DownLoad3.28161 20131115
ESET-NOD32 Win32/TrojanDownloader.Small.AAB 20131115
Emsisoft Trojan.GenericKD.1401132 (B) 20131115
Fortinet W32/Agent.CD9C!tr 20131115
GData Trojan.GenericKD.1401132 20131115
Ikarus Trojan.Bublik 20131115
Kaspersky Trojan.Win32.Bublik.bkri 20131115
Malwarebytes Trojan.Dropper 20131115
McAfee PWSZbot-FKZ!3AAA04B0762D 20131115
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.J!81 20131114
MicroWorld-eScan Trojan.GenericKD.1401132 20131115
Microsoft TrojanDownloader:Win32/Upatre.A 20131115
Sophos Troj/Agent-AEST 20131115
Symantec Trojan.Zbot 20131115
TrendMicro TROJ_UPATRE.SMS 20131115
TrendMicro-HouseCall TROJ_GEN.F0D1H00KE13 20131115
Agnitum 20131114
Antiy-AVL 20131115
Baidu-International 20131115
Bkav 20131115
ByteHero 20131114
CAT-QuickHeal 20131115
ClamAV 20131115
Commtouch 20131115
Comodo 20131115
F-Prot 20131115
F-Secure 20131115
Jiangmin 20131115
K7AntiVirus 20131114
K7GW 20131114
Kingsoft 20130829
NANO-Antivirus 20131115
Norman 20131115
Panda 20131115
Rising 20131115
SUPERAntiSpyware 20131115
TheHacker 20131115
TotalDefense 20131114
VBA32 20131115
VIPRE 20131115
ViRobot 20131115
nProtect 20131115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-03-10 08:20:56
Link date 9:20 AM 3/10/2005
Entry Point 0x000014CE
Number of sections 4
PE sections
PE imports
GetLengthSid
GetUserNameA
CopySid
RegQueryValueExA
RegOpenKeyA
ExcludeClipRect
UpdateColors
GetTextExtentExPointA
CreateBitmap
GetTextExtentPoint32A
CreateFontA
GetStockObject
TextOutA
CreateFontIndirectA
GetTextMetricsA
CreateSolidBrush
Rectangle
IntersectClipRect
SetBkColor
CreateCompatibleDC
DeleteObject
RealizePalette
SetTextColor
ImmGetContext
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmSetCompositionFontA
acmDriverID
acmStreamOpen
GetModuleHandleA
HeapCreate
FreeLibrary
HeapAlloc
ExitProcess
GetProcAddress
GetMessageA
GetDoubleClickTime
LoadIconA
UpdateWindow
GetQueueStatus
PostQuitMessage
DefWindowProcA
RegisterClassA
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 2
ExifTool file metadata
LegalTrademarks Legal
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
ProductName Go
FileVersionNumber 5.2.1.2
LanguageCode Neutral 2
FileFlagsMask 0x0000
CharacterSet Unknown (0025)
InitializedDataSize 17408
OriginalFilename gog.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 5.2.1.2
TimeStamp 2005:03:10 09:20:56+01:00
FileType Win32 EXE
PEType PE32
InternalName go.exe
FileDescrsiption go .exe
FileAccessDate 2014:04:03 14:27:23+01:00
ProductVersion 5.2.1.3
UninitializedDataSize 0
OSVersion 5.1
FileCreateDate 2014:04:03 14:27:23+01:00
FileOS Windows NT 32-bit
LegalCopyright Copyright (C) 2010
MachineType Intel 386 or later, and compatibles
CompanyName MS Corp
CodeSize 1536
FileSubtype 0
ProductVersionNumber 5.2.1.3
EntryPoint 0x14ce
ObjectFileType Executable application

File identification
MD5 3aaa04b0762d8336379b8adedad5846b
SHA1 3d948535545bc1e1c0b61e775e4346f5bc9b465b
SHA256 e891094bb8a3b68edeb36d56d70312956a24504a78f2a84c61816ccda953cd9c
ssdeep 384:U8XK50ULtdTOXa0ULxzB4FDEws40HA1s5v3Ok58KmhCRuadT3S4n3PHjv9LREeN:U8mdTOXCzg05vshCRTTtjF9
imphash 39b2903b7498188e4955572bbeb0f3fe
File size 19.5 KB ( 19968 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (72.2%)
Win32 Executable (generic) (11.7%)
Win16/32 Executable Delphi generic (5.4%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags peexe
VirusTotal metadata
First submission 2013-11-14 22:30:24 UTC ( 5 months ago )
Last submission 2013-12-04 09:40:45 UTC ( 4 months, 2 weeks ago )
File names STR_261.exe.renamed
STR_261.exe
c-72bc1-678-1384468204
3aaa04b0762d8336379b8adedad5846b.bin
STR-261.exe
STR.exe
file-6210780_exe
e891094bb8a3b68edeb36d56d70312956a24504a78f2a84c61816ccda953cd9c
3aaa04b0762d8336379b8adedad5846b.exe
3aaa04b0762d8336379b8adedad5846b
617a1dc7a8d52dc5e4273f8b55d3c25b327e1c37
STR_261.ex_
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight