SHA256: ebd8af51357cc9ef86a6eb6a5b23a1d1fffbfc118b24b7b937120f1bf9ee8189
File name: drugvokrug-dlyakompa-znaemsoft-ru.exe
Detection ratio: 25 / 54
Analysis date: 2014-11-12 08:38:09 UTC
Antivirus Result Update
Ad-Aware Gen:Heur.Krypt.12 20141112
AhnLab-V3 PUP/Win32.LoadMoney 20141111
Avast Win32:LoadMoney-JU [PUP] 20141112
AVG Win32/Cryptor 20141112
Avira (no cloud) APPL/Downloader.Gen7 20141112
AVware Trojan.Win32.Generic.pak!cobra 20141112
BitDefender Gen:Heur.Krypt.12 20141112
Bkav HW32.Packed.9E52 20141112
DrWeb Trojan.LoadMoney.364 20141112
Emsisoft Gen:Heur.Krypt.12 (B) 20141112
ESET-NOD32 a variant of Win32/Adware.LoadMoney.AAB 20141112
F-Secure Gen:Heur.Krypt.12 20141112
GData Gen:Heur.Krypt.12 20141112
K7AntiVirus Trojan ( 7000000f1 ) 20141111
K7GW Trojan ( 7000000f1 ) 20141112
Malwarebytes PUP.Optional.LoadMoney 20141112
McAfee Packed-CQ 20141112
McAfee-GW-Edition BehavesLike.Win32.Downloader.gh 20141112
eScan Gen:Heur.Krypt.12 20141112
NANO-Antivirus Trojan.Win32.LoadMoney.dikzai 20141112
Norman Kryptik.CDIC 20141112
Panda Trj/Genetic.gen 20141110
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20141111
VBA32 Malware-Cryptor.Limpopo 20141111
VIPRE Trojan.Win32.Generic.pak!cobra 20141112
AegisLab (no detection) 20141112
Yandex (no detection) 20141111
Antiy-AVL (no detection) 20141112
Baidu-International (no detection) 20141107
ByteHero (no detection) 20141112
CAT-QuickHeal (no detection) 20141112
ClamAV (no detection) 20141112
CMC (no detection) 20141110
Comodo (no detection) 20141112
Cyren (no detection) 20141112
F-Prot (no detection) 20141111
Fortinet (no detection) 20141112
Ikarus (no detection) 20141112
Jiangmin (no detection) 20141111
Kaspersky (no detection) 20141112
Kingsoft (no detection) 20141112
Microsoft (no detection) 20141112
nProtect (no detection) 20141111
Qihoo-360 (no detection) 20141112
Sophos AV (no detection) 20141112
SUPERAntiSpyware (no detection) 20141112
Symantec (no detection) 20141112
Tencent (no detection) 20141112
TheHacker (no detection) 20141111
TotalDefense (no detection) 20141111
TrendMicro-HouseCall (no detection) 20141112
ViRobot (no detection) 20141112
Zillya (no detection) 20141111
Zoner (no detection) 20141110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 998 Ma8-20no0rk Ruichssiv
Publisher Slsysernaint
Product ternals Desin wbugvieSy
Original name fdjuu5we.exe
Internal name rnaStels Deut Viebug sinOuertpw
File version 4.76
Description AllowMultipleInstances
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000016C8
Number of sections 6
PE sections
PE imports
RegOpenCurrentUser
AccessCheckByTypeResultListAndAuditAlarmA
BackupEventLogA
RegCreateKeyExA
CreateProcessAsUserW
GetTrusteeTypeA
LsaSetInformationPolicy
CreateServiceW
EncryptFileA
CryptSetProviderExA
GetMultipleTrusteeOperationA
GetLocalManagedApplications
IsTextUnicode
RegisterServiceCtrlHandlerA
SetTraceCallback
LsaLookupNames2
NotifyChangeEventLog
SetSecurityInfoExW
LsaICLookupNames
AllocateAndInitializeSid
ConvertSecurityDescriptorToAccessNamedW
CreatePrivateObjectSecurityEx
InitiateSystemShutdownExA
SetNamedSecurityInfoW
CreateToolbarEx
ImageList_Duplicate
CreateStatusWindow
InitMUILanguage
PropertySheet
ImageList_GetBkColor
CreatePropertySheetPage
ImageList_BeginDrag
CreatePropertySheetPageA
ImageList_SetFlags
WantArrows
dwLBSubclass
FindTextA
PrintDlgW
GetOpenFileNameW
ChooseColorW
ChooseFontW
PageSetupDlgA
GetOpenFileNameA
ChooseColorA
ReplaceTextW
CommDlgExtendedError
PrintDlgExA
LoadAlterBitmap
PageSetupDlgW
ChooseFontA
STROBJ_bEnum
EngUnicodeToMultiByteN
TranslateCharsetInfo
SetROP2
DeviceCapabilitiesExA
GetWindowOrgEx
GdiPlayScript
CreatePen
GetWinMetaFileBits
GetPolyFillMode
EndDoc
StartPage
WidenPath
EngDeleteSemaphore
SetTextAlign
SetBitmapDimensionEx
GdiTransparentBlt
CopyEnhMetaFileA
FixBrushOrgEx
GetPrivateProfileStructA
FileTimeToSystemTime
GetOverlappedResult
GlobalMemoryStatusEx
SystemTimeToTzSpecificLocalTime
SetSystemTime
OpenFileMappingW
LocalAlloc
GetConsoleCursorInfo
VerifyVersionInfoA
lstrcatW
QueryMemoryResourceNotification
IsDBCSLeadByteEx
FindResourceExA
FindNextVolumeMountPointA
SetComputerNameW
FindResourceExW
FindNextVolumeMountPointW
ReleaseActCtx
GetFullPathNameA
QueryDosDeviceA
GetProfileIntW
ReadConsoleInputExW
InitializeCriticalSection
LoadResource
GetStringTypeExA
ReadConsoleInputA
ReadFile
Beep
ReplaceFile
GetSystemDefaultLCID
SetProcessWorkingSetSize
DelayLoadFailureHook
EnumSystemLocalesW
InterlockedExchangeAdd
SetCalendarInfoW
GetProcessPriorityBoost
MulDiv
ExitThread
SetPriorityClass
SetUnhandledExceptionFilter
LocalFileTimeToFileTime
DosPathToSessionPathA
GetVolumeNameForVolumeMountPointW
HeapFree
SetHandleCount
TerminateThread
FillConsoleOutputCharacterA
SetTapeParameters
SetEvent
SetFileApisToANSI
GetStartupInfoW
SetVolumeMountPointW
GetFileSizeEx
FindFirstFileA
ResetEvent
IsValidLanguageGroup
EnumDateFormatsExW
GetPrivateProfileSectionW
GetConsoleWindow
LeaveCriticalSection
AttachConsole
DosDateTimeToFileTime
FindFirstChangeNotificationA
GetUserGeoID
PrivMoveFileIdentityW
WritePrivateProfileStringA
ProcessIdToSessionId
GetCommandLineW
GetCPInfoExA
GetConsoleInputExeNameA
InterlockedCompareExchange
OpenMutexA
TlsFree
GetGeoInfoA
DeleteVolumeMountPointW
PeekConsoleInputW
ReadConsoleOutputCharacterW
FatalAppExitW
FindNextFileW
GetLongPathNameW
FreeResource
SetThreadUILanguage
SizeofResource
IsValidCodePage
SetComputerNameExA
RtlMoveMemory
IsBadReadPtr
StgPropertyLengthAsVariant
HBITMAP_UserMarshal
OleDestroyMenuDescriptor
CoUnloadingWOW
CLSIDFromProgIDEx
IsValidPtrOut
CoCreateObjectInContext
CoUnmarshalHresult
CreateItemMoniker
CoRegisterSurrogate
UtGetDvtd32Info
GetHGlobalFromILockBytes
HMETAFILE_UserFree
CoGetPSClsid
HBRUSH_UserFree
HPALETTE_UserMarshal
CoInitializeWOW
ProgIDFromCLSID
IsEqualGUID
HDC_UserFree
HMETAFILE_UserUnmarshal
HMETAFILE_UserSize
HBITMAP_UserUnmarshal
OleMetafilePictFromIconAndLabel
IIDFromString
HACCEL_UserFree
OleQueryLinkFromData
CreateDataAdviseHolder
CoRevokeClassObject
HDC_UserSize
CoInitializeSecurity
CoGetCurrentLogicalThreadId
CoReleaseServerProcess
CoBuildVersion
WriteFmtUserTypeStg
VarCyFromR4
SysAllocStringLen
VarWeekdayName
VarCyFix
VarUI2FromDate
VarBstrCmp
SysAllocString
VarUI4FromI4
VarUI4FromUI8
VarR8FromBool
VarI4FromDate
VarR8FromI2
QueryPathOfRegTypeLib
StrStrIA
SHEnumValueW
PathCompactPathExA
PathRelativePathToA
SHCopyKeyW
StrCatW
PathAddExtensionW
PathIsNetworkPathA
StrCatBuffA
SHOpenRegStream2A
RedrawWindow
ShowStartGlass
GetInputState
LoadBitmapW
MessageBoxTimeoutW
EnumDesktopsW
MessageBoxTimeoutA
GrayStringW
ScrollWindowEx
GetMessageTime
SetMenuItemInfoW
DispatchMessageW
GetAsyncKeyState
MapDialogRect
GetClassInfoW
LoadAcceleratorsA
GetMouseMovePointsEx
LoadImageW
GetTopWindow
GetUpdateRgn
RegisterClipboardFormatW
PostThreadMessageW
LockWindowUpdate
GetWindowTextA
InvalidateRgn
CopyImage
GetMessageA
GetParent
GetCursorInfo
SetClassLongW
CheckRadioButton
MenuItemFromPoint
ShowWindow
DrawFrameControl
CharToOemBuffA
CreateIcon
CharUpperW
ShowWindowAsync
TranslateMessage
GetProgmanWindow
CharUpperA
GetDlgItemInt
GetTabbedTextExtentW
SetClipboardData
DrawMenuBar
IsIconic
OpenDesktopA
SetWindowContextHelpId
GetSysColorBrush
ReleaseDC
GetWindowRgnBox
CharNextW
DrawMenuBarTemp
GetMonitorInfoW
SetCaretPos
SetLastErrorEx
CopyIcon
GetKeyboardLayoutNameW
GetComboBoxInfo
CharPrevW
ToAsciiEx
SetDebugErrorLevel
ToUnicodeEx
CharLowerA
DrawCaption
RemovePropA
DrawIconEx
CreateDialogParamA
IsCharUpperA
InsertMenuA
DialogBoxIndirectParamW
GetMenuItemCount
ChangeMenuA
CreateIconFromResourceEx
GetMenuStringW
GetCursorPos
DrawTextA
IntersectRect
HideCaret
FindWindowW
FindWindowA
MessageBeep
PrivateExtractIconsA
RemoveMenu
ShowScrollBar
RegisterClipboardFormatA
SetUserObjectInformationA
DestroyCursor
LoadCursorFromFileW
MessageBoxIndirectW
GetSysColor
SetDlgItemTextW
MenuWindowProcW
SetSysColors
SetClassWord
IsWindowVisible
SubtractRect
SetCursorPos
DeleteMenu
GetClassNameW
TranslateAcceleratorA
DefDlgProcA
ModifyMenuW
IsMenu
VerLanguageNameA
VerFindFileW
VerInstallFileA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerLanguageNameW
VerQueryValueA
EndPagePrinter
AddPortExW
DeleteFormW
EnumPrinterKeyW
OpenPrinterA
AdvancedDocumentPropertiesW
AddFormW
SetPrinterA
DevicePropertySheets
EnumPrintProcessorDatatypesW
DeletePrinterConnectionW
GetPrinterDataExA
gethostname
WSALookupServiceNextA
ntohl
inet_addr
send
ntohs
WSCEnableNSProvider
WSAResetEvent
WSASetBlockingHook
WSAGetLastError
WSAStringToAddressW
WTSCloseServer
WTSEnumerateSessionsW
WTSVirtualChannelWrite
WTSVirtualChannelRead
WTSVirtualChannelPurgeOutput
WTSQuerySessionInformationW
WTSQueryUserConfigA
WTSSetUserConfigW
WTSEnumerateProcessesA
WTSOpenServerW
WTSVirtualChannelQuery
WTSEnumerateServersA
DestroyPrivateObjectSecurity
DeleteService
TrusteeAccessToObjectW
LsaLookupSids
TrusteeAccessToObjectA
GetSecurityInfo
CredMarshalCredentialA
SaferRecordEventLogEntry
DecryptFileW
LsaICLookupSids
GetExplicitEntriesFromAclA
LookupAccountNameA
GetTrusteeTypeW
CreateWellKnownSid
MD4Final
WmiFreeBuffer
MakeAbsoluteSD
SetServiceStatus
LsaEnumerateTrustedDomainsEx
UpdateTraceA
LsaRemoveAccountRights
SetEntriesInAuditListW
GetAuditedPermissionsFromAclA
LookupAccountNameW
PrivilegedServiceAuditAlarmW
RegOpenKeyW
ConvertSecurityDescriptorToAccessA
BuildSecurityDescriptorA
CryptReleaseContext
AreAllAccessesGranted
EqualDomainSid
CryptAcquireContextW
TraceEventInstance
RegLoadKeyW
StopTraceA
RegCreateKeyW
EnumServicesStatusExA
GetManagedApplicationCategories
LsaLookupNames2
StartServiceW
RegisterServiceCtrlHandlerExA
WmiSetSingleItemA
GetServiceDisplayNameA
ConvertSecurityDescriptorToAccessNamedW
LsaLookupPrivilegeDisplayName
SetSecurityDescriptorGroup
CredFree
DrawInsert
ImageList_SetBkColor
ImageList_GetImageInfo
FlatSB_SetScrollInfo
ImageList_SetDragCursorImage
ImageList_Read
CreateStatusWindow
ImageList_GetDragImage
DrawStatusText
ImageList_DrawIndirect
ImageList_DragMove
ImageList_Write
ImageList_AddMasked
PropertySheet
GetMUILanguage
FlatSB_SetScrollPos
ImageList_ReplaceIcon
FlatSB_SetScrollProp
ImageList_LoadImageA
FlatSB_GetScrollPos
ImageList_Remove
FlatSB_EnableScrollBar
PrintDlgA
ReplaceTextA
dwLBSubclass
FindTextA
GetFileTitleW
GetOpenFileNameW
ChooseColorW
ChooseFontW
WantArrows
PrintDlgW
PageSetupDlgA
GetOpenFileNameA
ChooseColorA
FindTextW
ReplaceTextW
CommDlgExtendedError
PrintDlgExA
LoadAlterBitmap
PageSetupDlgW
GetSaveFileNameA
dwOKSubclass
SetDIBits
CreateFontIndirectW
GdiPlayPageEMF
FloodFill
SelectBrushLocal
GetCharABCWidthsFloatA
GetMetaRgn
XLATEOBJ_piVector
PolyDraw
OffsetViewportOrgEx
EngStretchBlt
SetMetaFileBitsEx
STROBJ_vEnumStart
GetObjectW
GetCharWidthA
GetTextExtentPointW
GdiReleaseDC
FONTOBJ_cGetGlyphs
FrameRgn
FixBrushOrgEx
GetStockObject
PolyPatBlt
GdiResetDCEMF
SetArcDirection
GetGraphicsMode
GetCharWidth32A
ExtSelectClipRgn
GdiConvertBitmap
EngComputeGlyphSet
SetROP2
CreateColorSpaceA
DeleteObject
CopyMetaFileW
GdiGetSpoolFileHandle
SetBrushAttributes
GetKerningPairsA
ClearBrushAttributes
GdiCreateLocalEnhMetaFile
GdiTransparentBlt
LineDDA
EnumUILanguagesA
CreateJobObjectA
DeactivateActCtx
CreateJobObjectW
GetVolumePathNameA
GetConsoleHardwareState
GetFileAttributesW
GetTapeParameters
CreatePipe
GetCurrentProcess
IsBadWritePtr
OpenFileMappingW
SetTimeZoneInformation
MapViewOfFileEx
GetSystemDefaultLCID
lstrcat
LZCreateFileW
GetLogicalDrives
GetConsoleFontSize
GetConsoleSelectionInfo
GetThreadPriorityBoost
GetTempPathA
GetStringTypeA
WriteConsoleOutputA
GetDiskFreeSpaceW
lstrcpy
GlobalMemoryStatusEx
SetComputerNameA
GetStringTypeW
GetFullPathNameA
SetEvent
TransmitCommChar
ConnectNamedPipe
GetEnvironmentVariableA
OutputDebugStringW
GetConsoleCursorInfo
GetLogicalDriveStringsW
AllocConsole
EnumSystemGeoID
QueryDosDeviceW
DeleteTimerQueue
GetFullPathNameW
ReadConsoleInputExA
GetExpandedNameA
GetUserDefaultUILanguage
BeginUpdateResourceW
GetNamedPipeInfo
FindNextVolumeA
ReplaceFile
HeapAlloc
ReadConsoleInputW
GlobalUnfix
HeapSetInformation
SetProcessWorkingSetSize
Heap32First
CancelDeviceWakeupRequest
GetProfileSectionW
WritePrivateProfileSectionW
EnumSystemLocalesW
SetFileShortNameA
MultiByteToWideChar
MoveFileW
LeaveCriticalSection
ReleaseActCtx
SetCalendarInfoA
GetExitCodeThread
SetCalendarInfoW
GetProcessPriorityBoost
MulDiv
MoveFileExA
GlobalMemoryStatus
DosPathToSessionPathW
AllocateUserPhysicalPages
VirtualQuery
DosPathToSessionPathA
SetEndOfFile
OpenJobObjectA
GetVolumeNameForVolumeMountPointW
LocalCompact
SetHandleCount
GetConsoleKeyboardLayoutNameW
FillConsoleOutputCharacterA
EndUpdateResourceW
GetVersionExW
GetOEMCP
DisableThreadLibraryCalls
lstrcmpiW
WriteConsoleInputW
GlobalSize
GetStartupInfoA
LCMapStringW
SetCommMask
RegisterWowExec
SetVolumeMountPointW
DeleteFileW
GetUserDefaultLCID
GetConsoleAliasesA
EnumResourceNamesW
SetCriticalSectionSpinCount
GetFileSizeEx
GlobalReAlloc
BackupWrite
lstrcpyA
GetComputerNameA
FindFirstFileW
TerminateProcess
GlobalAlloc
SetVolumeLabelW
WriteProfileSectionA
LocalSize
SetFileApisToOEM
WriteProfileSectionW
GetFileType
GetPrivateProfileSectionA
CreateFileA
LocalUnlock
SetProcessShutdownParameters
GetLastError
LocalReAlloc
GlobalDeleteAtom
HeapCreate
LoadLibraryA
LCMapStringA
GetProcessTimes
GetThreadLocale
FindResourceExA
IsDBCSLeadByte
LockFile
BuildCommDCBAndTimeoutsA
VirtualFreeEx
ProcessIdToSessionId
GetCommandLineW
BuildCommDCBAndTimeoutsW
QueryActCtxW
GetCurrentActCtx
EnumCalendarInfoExW
CancelIo
lstrcpynW
GetSystemDefaultLangID
Heap32ListNext
ReadConsoleW
ReleaseSemaphore
MapViewOfFile
GetConsoleCursorMode
ReadFile
CreateSocketHandle
CloseHandle
DeleteVolumeMountPointA
SetThreadExecutionState
IsBadStringPtrW
GetFileAttributesExW
GetDefaultCommConfigA
SetCommConfig
SetComputerNameExA
RtlMoveMemory
LocalHandle
FindResourceA
OleUninitialize
StgOpenStorageOnHandle
CoGetMarshalSizeMax
OpenOrCreateStream
OleCreateLinkToFile
ReadClassStg
StgSetTimes
CoPopServiceDomain
IsAccelerator
OleCreateStaticFromData
OleConvertOLESTREAMToIStorageEx
HPALETTE_UserSize
OleDoAutoConvert
ReadFmtUserTypeStg
CLSIDFromString
CreateOleAdviseHolder
CoDeactivateObject
CoLockObjectExternal
StgOpenStorageEx
HBITMAP_UserSize
StgOpenStorage
CoGetCancelObject
OleCreateFromFileEx
CoGetStandardMarshal
CoReleaseMarshalData
OleMetafilePictFromIconAndLabel
CoGetInterceptor
CoGetObjectContext
HACCEL_UserFree
OleCreateEmbeddingHelper
DcomChannelSetHResult
CoFileTimeToDosDateTime
OleIsCurrentClipboard
CoReleaseServerProcess
CoGetInstanceFromIStorage
CoCancelCall
GetHookInterface
CoMarshalInterface
VarFormatPercent
VarUI2FromUI8
VarI2FromStr
VarDateFromStr
VarBstrFromI4
VarUI4FromI4
VarBoolFromI1
CreateTypeLib2
VarCyCmp
VarBoolFromUI4
VarR4FromUI4
VarUI8FromStr
VarI1FromUI2
VarI4FromI2
LoadTypeLibEx
SafeArrayGetElemsize
VarCyInt
VarR8FromI2
VarI1FromBool
VarR4FromUI8
PathIsNetworkPathW
StrDupW
StrIsIntlEqualA
PathUndecorateW
StrFormatByteSizeA
PathRemoveExtensionA
SHOpenRegStreamW
SHRegSetUSValueW
StrRetToStrA
StrToInt64ExA
AssocQueryStringByKeyW
SHSetValueA
StrToIntExA
PathCompactPathA
IntlStrEqWorkerW
SHDeleteEmptyKeyA
StrStrIA
AssocQueryStringW
PathIsUNCServerA
SHRegSetPathW
PathRemoveBackslashW
MapWindowPoints
SetDlgItemTextA
EnumDesktopsA
SetWindowRgn
GetMenuInfo
UnregisterHotKey
GetInputState
DrawStateA
BroadcastSystemMessageA
GetGuiResources
MessageBoxTimeoutA
GetWindowContextHelpId
LoadBitmapA
SetWindowPos
GrayStringW
SetTimer
EndPaint
ScrollWindowEx
OpenWindowStationW
OemToCharBuffW
SetCaretBlinkTime
ChildWindowFromPoint
SetMenuItemInfoW
SetActiveWindow
CharLowerBuffW
GetDlgCtrlID
DefFrameProcW
DlgDirSelectExA
UnregisterClassW
ToAscii
CharPrevExA
LoadAcceleratorsA
LoadMenuIndirectA
CopyAcceleratorTableA
DrawFrame
GetActiveWindow
RegisterHotKey
GetWindowTextW
EnumPropsExW
ChangeDisplaySettingsExW
GetWindowTextLengthW
GetMenuBarInfo
LoadAcceleratorsW
GetWindowTextA
EnumPropsExA
RegisterClassExA
GetMenuContextHelpId
DrawEdge
GetKeyNameTextA
GetUserObjectInformationW
GetComboBoxInfo
UpdateWindow
GetPropW
EqualRect
TranslateAcceleratorW
GetNextDlgGroupItem
ValidateRgn
EnableWindow
CharUpperW
ShowWindowAsync
GetDlgItemTextA
PeekMessageA
SetProgmanWindow
TranslateMessage
IsWindowEnabled
FindWindowExW
DestroyCaret
ActivateKeyboardLayout
SendMessageCallbackA
GetTabbedTextExtentW
EditWndProc
GetMenuItemRect
GetMenuStringW
OpenDesktopW
IsCharLowerA
AllowForegroundActivation
IsZoomed
WindowFromDC
IsIconic
BroadcastSystemMessageExA
OpenDesktopA
TabbedTextOutA
GetWindowLongA
EnumPropsA
GetDCEx
EnumThreadWindows
MonitorFromPoint
CopyRect
DlgDirListW
EnumDesktopWindows
RealChildWindowFromPoint
PostThreadMessageA
TabbedTextOutW
CreateMenu
GetUpdateRect
GetWindowInfo
CharToOemA
IsDialogMessageA
SetFocus
OpenInputDesktop
SwitchDesktop
SystemParametersInfoW
OffsetRect
SetLastErrorEx
KillTimer
GetMonitorInfoA
GetClipboardOwner
SendNotifyMessageW
DefWindowProcA
ToUnicodeEx
SendDlgItemMessageA
InflateRect
RegisterClassA
IsDialogMessage
SetCapture
SendDlgItemMessageW
CheckMenuItem
DrawFocusRect
GetLastActivePopup
SetWindowTextW
GetRawInputDeviceInfoA
GetDlgItem
FindWindowW
GetMenuStringA
DrawCaptionTempA
TileChildWindows
ValidateRect
SetDoubleClickTime
SetForegroundWindow
DrawCaptionTempW
DialogBoxIndirectParamA
OpenClipboard
CreateDialogIndirectParamW
ReleaseDC
GetScrollRange
EndDialog
HideCaret
SendInput
CreateDialogIndirectParamA
BeginPaint
GetShellWindow
FindWindowA
PrivateExtractIconsA
GetWindowThreadProcessId
MessageBoxW
SetMenu
GetWindowDC
SetRectEmpty
SetUserObjectInformationA
AppendMenuW
CascadeChildWindows
AdjustWindowRectEx
LoadKeyboardLayoutA
CreateIcon
PostMessageA
GetKeyState
wvsprintfW
GetWindowModuleFileNameA
DestroyIcon
GetAltTabInfoA
OemKeyScan
TileWindows
GetWindowModuleFileNameW
SetCursorPos
IsCharAlphaNumericW
ScrollChildren
UnionRect
FrameRect
SetRect
GetAltTabInfoW
wsprintfA
GetClassNameW
DlgDirSelectExW
ModifyMenuW
IsCharUpperW
wsprintfW
CloseClipboard
ModifyMenuA
DefDlgProcW
SetCursor
VerLanguageNameA
GetFileVersionInfoA
VerFindFileW
VerInstallFileA
VerQueryValueW
GetFileVersionInfoSizeW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerLanguageNameW
VerQueryValueA
EndPagePrinter
EnumPrintersA
StartDocDlgW
GetPrinterDataExW
ConfigurePortA
DeleteFormW
SetPrinterA
WaitForPrinterChange
AddPrinterConnectionW
FreePrinterNotifyInfo
GetDefaultPrinterW
PerfCollect
GetJobW
DeletePrinterIC
AddPrintProvidorA
SplDriverUnloadComplete
CreatePrinterIC
SetPrinterDataA
DEVICECAPABILITIES
OpenPrinterW
WSADuplicateSocketA
WSASocketA
htonl
WSASendDisconnect
WSARecv
WSCInstallNameSpace
htons
select
WSACancelAsyncRequest
gethostname
WSALookupServiceEnd
WSAAsyncGetHostByAddr
WSANtohl
WSARemoveServiceClass
WSASetLastError
WSCWriteNameSpaceOrder
WSALookupServiceNextW
setsockopt
WSACancelBlockingCall
bind
WSAEnumNameSpaceProvidersW
WSAAsyncGetProtoByNumber
getservbyname
WTSQueryUserConfigW
WTSSetSessionInformationA
WTSUnRegisterSessionNotification
WTSQuerySessionInformationA
WTSVirtualChannelPurgeInput
WTSTerminateProcess
WTSVirtualChannelWrite
WTSVirtualChannelClose
WTSRegisterSessionNotification
WTSEnumerateProcessesW
WTSShutdownSystem
WTSQuerySessionInformationW
WTSEnumerateServersA
WTSEnumerateSessionsW
WTSSetUserConfigW
WTSOpenServerA
WTSOpenServerW
WTSVirtualChannelOpen
WTSDisconnectSession
WTSEnumerateServersW
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 6
RUSSIAN 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 58880
ImageVersion 0.0
ProductName ternals Desin wbugvieSy
FileVersionNumber 4.76.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 2.25
OriginalFilename fdjuu5we.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4.76
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
InternalName rnaStels Deut Viebug sinOuertpw
FileAccessDate 2014:11:12 09:43:11+01:00
ProductVersion 4.76
FileDescription AllowMultipleInstances
OSVersion 4.0
FileCreateDate 2014:11:12 09:43:11+01:00
FileOS Windows NT 32-bit
LegalCopyright 998 Ma8-20no0rk Ruichssiv
MachineType Intel 386 or later, and compatibles
CompanyName Slsysernaint
CodeSize 426496
FileSubtype 0
ProductVersionNumber 4.76.0.0
EntryPoint 0x16c8
ObjectFileType Executable application
File identification
MD5 eb90140f919ffcd880f546086e9e5b97
SHA1 7143e845093c75d28f9d9a33ca684b83bc0b0068
SHA256 ebd8af51357cc9ef86a6eb6a5b23a1d1fffbfc118b24b7b937120f1bf9ee8189
ssdeep 6144:PgV4sZOh7GS4cSREVU6djf2+8RIgZN6A0zJx3+RVUukMb/6TCniSnaN5E:P04CS4hRsU6djAZOX+tkM/8
authentihash 6181b6dbeb87f73de18ac460f54b6c57f5d496ab0978941caca9cffdc27b805d
imphash b47e5a8f41cf9255005d3d5e9f2f4ff8
File size 475.0 KB ( 486400 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Windows Screen Saver (43.2%)
Win32 Dynamic Link Library (generic) (21.7%)
Win32 Executable (generic) (14.8%)
Win16/32 Executable Delphi generic (6.8%)
Generic Win/DOS Executable (6.6%)
Tags
peexe

VirusTotal metadata
First submission 2014-11-12 08:38:09 UTC
Last submission 2014-11-12 08:38:09 UTC
File names drugvokrug-dlyakompa-znaemsoft-ru.exe
rnaStels Deut Viebug sinOuertpw
fdjuu5we.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections