SHA256: eb815c13d522007550f758ceb17fc2ada84ae327dc258ac96cd5f030e9e16945
File name: eb815c13d522007550f758ceb17fc2ada84ae327dc258ac96cd5f030e9e16945
Detection ratio: 6 / 57
Analysis date: 2016-06-01 22:48:41 UTC ( 2 years, 8 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20160601
Avira (no cloud) TR/Crypt.ZPACK.nsal 20160601
ESET-NOD32 Win32/TrojanDownloader.Agent.CFH 20160601
Fortinet W32/Agent.CFH!tr.dldr 20160601
Qihoo-360 HEUR/QVM09.0.0000.Malware.Gen 20160601
Sophos AV Mal/Generic-S 20160601
Ad-Aware 20160601
AegisLab 20160601
AhnLab-V3 20160601
Alibaba 20160601
ALYac 20160601
Antiy-AVL 20160601
Arcabit 20160601
AVG 20160601
AVware 20160601
Baidu 20160601
Baidu-International 20160601
BitDefender 20160601
Bkav 20160601
CAT-QuickHeal 20160601
ClamAV 20160601
CMC 20160530
Comodo 20160601
Cyren 20160601
DrWeb 20160601
Emsisoft 20160601
F-Prot 20160601
F-Secure 20160601
GData 20160601
Ikarus 20160601
Jiangmin 20160601
K7AntiVirus 20160601
K7GW 20160601
Kaspersky 20160601
Kingsoft 20160601
Malwarebytes 20160601
McAfee 20160601
McAfee-GW-Edition 20160601
Microsoft 20160601
eScan 20160601
NANO-Antivirus 20160601
nProtect 20160601
Panda 20160601
Rising 20160601
SUPERAntiSpyware 20160601
Symantec 20160601
Tencent 20160601
TheHacker 20160601
TotalDefense 20160601
TrendMicro 20160601
TrendMicro-HouseCall 20160601
VBA32 20160601
VIPRE 20160601
ViRobot 20160601
Yandex 20160601
Zillya 20160601
Zoner 20160601
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 2007-2016 Hrg Nenad
Original name DesktopOK.exe
File version 4, 2, 6, 0
Description DesktopOK
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-31 14:57:16
Entry Point 0x0000308B
Number of sections 4
PE sections
PE imports
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
CreateFileMappingA
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FindNextFileA
HeapDestroy
GetFileAttributesW
GetCompressedFileSizeW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
GetVolumeInformationW
SetErrorMode
GetLogicalDrives
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
GetDiskFreeSpaceW
WriteFile
GetSystemTimeAsFileTime
GetCompressedFileSizeA
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
MoveFileA
ResumeThread
GetLogicalDriveStringsA
GetExitCodeProcess
InitializeCriticalSection
LoadResource
GetLogicalDriveStringsW
FindClose
TlsGetValue
SetFileAttributesW
SetLastError
GetSystemTime
DeviceIoControl
InterlockedDecrement
CopyFileW
FindResourceW
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
GetVersionExA
RemoveDirectoryA
GetVolumeInformationA
LoadLibraryExA
GetPrivateProfileStringA
SetThreadPriority
CreateDirectoryExW
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetModuleHandleA
CreateSemaphoreA
CreateThread
MoveFileExW
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
ExitThread
SetEnvironmentVariableA
TerminateProcess
CreateDirectoryExA
WriteConsoleA
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetWindowsDirectoryW
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetDateFormatW
FreeResource
CreateDirectoryW
DeleteFileW
GlobalLock
GetProcessHeap
GetTempFileNameW
GetComputerNameW
CompareStringW
WaitNamedPipeW
GetModuleFileNameW
FindNextFileW
WaitNamedPipeA
GetDiskFreeSpaceA
CompareStringA
GetTempFileNameA
GetComputerNameA
FindFirstFileW
GlobalMemoryStatus
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
CreateFileW
CopyFileA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
HeapCreate
GetSystemInfo
GlobalFree
GetConsoleCP
OpenSemaphoreA
LCMapStringA
GetEnvironmentStringsW
GetModuleFileNameA
GetShortPathNameA
CreateProcessW
GetEnvironmentStrings
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
CreateSemaphoreW
GetCurrentThread
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
FindFirstFileA
CloseHandle
GetACP
GetVersion
SetThreadExecutionState
FindResourceA
SizeofResource
CreateProcessA
IsValidCodePage
UnmapViewOfFile
GetTempPathW
VirtualFree
Sleep
OpenSemaphoreW
VirtualAlloc
GetTimeFormatA
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 9.0
ImageVersion 0.0
FileVersionNumber 4.2.6.0
UninitializedDataSize 0
LanguageCode German
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 135680
EntryPoint 0x308b
OriginalFileName DesktopOK.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2007-2016 Hrg Nenad
FileVersion 4, 2, 6, 0
TimeStamp 2016:05:31 15:57:16+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 4, 2, 6, 0
FileDescription DesktopOK
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Nenad Hrg SoftwareOK
CodeSize 34816
FileSubtype 0
ProductVersionNumber 4.2.6.0
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 0575030ccf9b9ffa126c36126945de50
SHA1 2ef04c499c98ee37d0f758891d866285750741c3
SHA256 eb815c13d522007550f758ceb17fc2ada84ae327dc258ac96cd5f030e9e16945
ssdeep 3072:xgL50d0KBUECrWlTMRnqLFfJ2GerteMx3srwLPNMMSu59vWobJ7D:xgLy0n7nCfa8MxXL1MMtNWG
authentihash 74d5e86edfbb3f53db33e3173281bb23e153dc55bd11d664667c8b5a9aa3cf42
imphash 8eddc7feb58d8fc18e1b0e7d8e05fbed
File size 167.5 KB ( 171520 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-06-01 22:48:41 UTC ( 2 years, 8 months ago )
Last submission 2016-06-01 22:48:41 UTC ( 2 years, 8 months ago )
File names DesktopOK.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications