SHA256: e895123dfed32e5855c2d91f3f9d6410633b84020bead54086f47ce687a5e70a
File name: Label_368_09112013_JDSL.exe
Detection ratio: 2 / 47
Analysis date: 2013-09-11 19:11:03 UTC ( 5 years, 8 months ago )
Antivirus Result Update
Commtouch W32/Trojan.RHNX-2359 20130911
DrWeb Trojan.DownLoader10.15264 20130911
Yandex 20130911
AhnLab-V3 20130911
AntiVir 20130911
Antiy-AVL 20130911
Avast 20130911
AVG 20130911
Baidu-International 20130911
BitDefender 20130911
ByteHero 20130903
CAT-QuickHeal 20130911
ClamAV 20130911
Comodo 20130911
Emsisoft 20130911
ESET-NOD32 20130911
F-Prot 20130911
F-Secure 20130911
Fortinet 20130911
GData 20130911
Ikarus 20130911
Jiangmin 20130903
K7AntiVirus 20130911
K7GW 20130911
Kaspersky 20130911
Kingsoft 20130829
Malwarebytes 20130911
McAfee 20130911
McAfee-GW-Edition 20130911
Microsoft 20130911
eScan 20130911
NANO-Antivirus 20130911
Norman 20130911
nProtect 20130911
Panda 20130911
PCTools 20130911
Rising 20130911
Sophos AV 20130911
SUPERAntiSpyware 20130911
Symantec 20130911
TheHacker 20130911
TotalDefense 20130911
TrendMicro 20130911
TrendMicro-HouseCall 20130911
VBA32 20130911
VIPRE 20130911
ViRobot 20130911
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-09-11 14:03:48
Entry Point 0x00003868
Number of sections 4
PE sections
PE imports
CreatePen
CreateFontIndirectA
CreateSolidBrush
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetLastError
lstrcpyA
ExitProcess
CreateFileA
GetCommandLineA
GetProcAddress
LoadLibraryA
GetMessageA
CreateWindowExA
LoadCursorA
LoadIconA
UpdateWindow
DispatchMessageA
EndPaint
TranslateMessage
SendMessageA
MessageBoxA
BeginPaint
PostQuitMessage
DefWindowProcA
ShowWindow
DestroyWindow
LoadBitmapA
RegisterClassExA
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2013:09:11 15:03:48+01:00
FileType Win32 EXE
PEType PE32
CodeSize 10752
LinkerVersion 8.0
EntryPoint 0x3868
InitializedDataSize 13824
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 953a7edf57f4202b9bde4c98387255ce
SHA1 b45cc56763f6023d3dc1cb8aa48d633ca4f58702
SHA256 e895123dfed32e5855c2d91f3f9d6410633b84020bead54086f47ce687a5e70a
ssdeep 768:DS7nh4aQC9xkV1tdgI2MyzNORQtOflIwoHNV2XBFV72B4lA7ZsUI+:DS7nK8eztdgI2MyzNORQtOflIwoHNV2c
authentihash 4ed3a05e26e89991a43efd0421c35098e5279d1193e36b2840be9a26a6b93a1e
imphash a48608d52a90895f1cad5fdbf4fdce5d
File size 25.0 KB ( 25600 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe
VirusTotal metadata
First submission 2013-09-11 15:36:27 UTC ( 5 years, 8 months ago )
Last submission 2015-06-12 11:17:33 UTC ( 3 years, 11 months ago )
File names 953a7edf57f4202b9bde4c98387255ce.PE_
2.exe.exe
006677579
file-5952129_exe
953a7edf57f4202b9bde4c98387255ce
c-e3d4a-158-1378913703
953a7edf57f4202b9bde4c98387255ce.malware
Label_09112013_JDSL.exe
Label_368_09112013_JDSL.exe
comendo-158
Label_368_09112013_JDSL.exe.malware
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight