SHA256: eb74f48ad128d469e9865cefeec2abb0c150d77bee7c0b30fb0e188f878dea97
File name: great1.exe
Detection ratio: 8 / 69
Analysis date: 2018-10-29 04:47:18 UTC (7 months ago)
Antivirus Result Update
AVware Trojan.Win32.Generic.pak!cobra 20180925
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20181029
Endgame malicious (high confidence) 20180730
Qihoo-360 HEUR/QVM03.0.D781.Malware.Gen 20181029
SentinelOne (Static ML) static engine - malicious 20181011
Tencent Win32.Trojan.Inject.Auto 20181029
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181029
Ad-Aware 20181029
AegisLab 20181029
AhnLab-V3 20181029
Alibaba 20180921
ALYac 20181029
Antiy-AVL 20181028
Arcabit 20181029
Avast 20181029
Avast-Mobile 20181028
AVG 20181029
Avira (no cloud) 20181028
Babable 20180918
Baidu 20181029
BitDefender 20181029
Bkav 20181025
CAT-QuickHeal 20181028
ClamAV 20181028
CMC 20181028
Cybereason 20180225
Cyren 20181029
DrWeb 20181029
eGambit 20181029
Emsisoft 20181029
ESET-NOD32 20181029
F-Prot 20181029
F-Secure 20181028
Fortinet 20181029
GData 20181029
Ikarus 20181028
Sophos ML 20180717
Jiangmin 20181029
K7AntiVirus 20181029
K7GW 20181025
Kaspersky 20181029
Kingsoft 20181029
Malwarebytes 20181029
MAX 20181029
McAfee 20181029
McAfee-GW-Edition 20181029
Microsoft 20181029
eScan 20181029
NANO-Antivirus 20181029
Palo Alto Networks (Known Signatures) 20181029
Panda 20181028
Rising 20181029
Sophos AV 20181029
SUPERAntiSpyware 20181023
Symantec 20181028
Symantec Mobile Insight 20181026
TACHYON 20181029
TheHacker 20181025
TotalDefense 20181028
TrendMicro 20181029
TrendMicro-HouseCall 20181029
Trustlook 20181029
VBA32 20181026
VIPRE 20181028
ViRobot 20181028
Webroot 20181029
Yandex 20181026
Zillya 20181028
Zoner 20181029
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright disestablishment
Product spawner
Original name Addend5.exe
Internal name Addend5
File version 3.01.0001
Description centripetal
Comments Poesiforladtes3
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-28 17:52:07
Entry Point 0x000028E8
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
EVENT_SINK_Release
__vbaEnd
__vbaStrCmp
_allmul
_adj_fdivr_m64
_adj_fprem
Ord(697)
Ord(617)
Ord(709)
_adj_fpatan
EVENT_SINK_AddRef
__vbaStrToUnicode
_adj_fdiv_m32i
__vbaExceptHandler
__vbaSetSystemError
DllFunctionCall
__vbaFPException
__vbaStrVarMove
_adj_fdivr_m16i
_adj_fdiv_r
Ord(100)
__vbaFreeVar
_adj_fdiv_m64
__vbaFreeObj
_CIsin
_CIsqrt
__vbaHresultCheckObj
_CIlog
Ord(606)
_CIcos
EVENT_SINK_QueryInterface
_adj_fptan
_CItan
__vbaI4Var
_CIatan
__vbaNew2
__vbaOnError
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
__vbaStrMove
__vbaStrToAnsi
_adj_fprem1
_adj_fdivr_m32
__vbaFreeStrList
__vbaFreeStr
_adj_fdiv_m16i
Number of PE resources by type
RT_STRING 9
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 2
PE resources
ExifTool file metadata
CodeSize
724992

SubsystemVersion
4.0

Comments
Poesiforladtes3

LinkerVersion
6.0

ImageVersion
3.1

FileSubtype
0

FileVersionNumber
3.1.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
centripetal

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
69632

EntryPoint
0x28e8

OriginalFileName
Addend5.exe

MIMEType
application/octet-stream

LegalCopyright
disestablishment

FileVersion
3.01.0001

TimeStamp
2018:10:28 18:52:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Addend5

ProductVersion
3.01.0001

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
logItECH

LegalTrademarks
Plebeianize8

ProductName
spawner

ProductVersionNumber
3.1.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 ad824161293b43d7a8b38aeec691e133
SHA1 e0fb703e2054440b5cca739df62083a4b9d5e60d
SHA256 eb74f48ad128d469e9865cefeec2abb0c150d77bee7c0b30fb0e188f878dea97
ssdeep 6144:XQJS3Kq81rvonC0QAQIu86osSBJhM8wW1Dy53h3OyLeAavvXavhHs8o3E2IesyTc:XQ03IsvSNoB3M81Wh+DA+Xs2IQTZ4
authentihash 34e8bcb38c38982e130456b50b7461043684af8e50b73a271ca503419ca83f8a
imphash 90803eb31ab805f35dfb94adf8dd665f
File size 768.0 KB ( 786432 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (82.7%)
Win32 Dynamic Link Library (generic) (6.6%)
Win32 Executable (generic) (4.5%)
OS/2 Executable (generic) (2.0%)
Generic Win/DOS Executable (2.0%)
Tags peexe
VirusTotal metadata
First submission 2018-10-29 04:47:18 UTC ( 7 months ago )
Last submission 2018-10-29 04:47:18 UTC ( 7 months ago )
File names Addend5.exe
Addend5
great1.exe