SHA256: ec82f7060ac0bcece0dfd74c2a118fd77a88e9504e670a55fc3ed029f81fedcd
File name: header.jpg
Detection ratio: 5 / 65
Analysis date: 2018-04-24 13:33:28 UTC ( 9 months, 4 weeks ago )
Antivirus Result Update
AVware Trojan.Win32.Zbot.ata (v) 20180424
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20180418
Cylance Unsafe 20180424
Endgame malicious (high confidence) 20180403
VIPRE Trojan.Win32.Zbot.ata (v) 20180424
Ad-Aware 20180424
AegisLab 20180424
AhnLab-V3 20180424
Alibaba 20180424
ALYac 20180424
Antiy-AVL 20180418
Arcabit 20180424
Avast 20180424
Avast-Mobile 20180423
AVG 20180424
Avira (no cloud) 20180424
Babable 20180406
Baidu 20180424
BitDefender 20180424
Bkav 20180424
CAT-QuickHeal 20180424
ClamAV 20180424
CMC 20180423
Comodo 20180424
Cybereason None
Cyren 20180424
DrWeb 20180424
eGambit 20180424
Emsisoft 20180424
ESET-NOD32 20180424
F-Prot 20180424
F-Secure 20180424
Fortinet 20180424
GData 20180424
Ikarus 20180424
Sophos ML 20180121
Jiangmin 20180424
K7AntiVirus 20180424
K7GW 20180424
Kaspersky 20180424
Kingsoft 20180424
Malwarebytes 20180424
MAX 20180424
McAfee 20180424
McAfee-GW-Edition 20180423
Microsoft 20180424
eScan 20180424
NANO-Antivirus 20180424
nProtect 20180424
Palo Alto Networks (Known Signatures) 20180424
Panda 20180424
Qihoo-360 20180424
Rising 20180424
SentinelOne (Static ML) 20180225
Sophos AV 20180424
SUPERAntiSpyware 20180424
Symantec 20180424
Symantec Mobile Insight 20180419
Tencent 20180424
TheHacker 20180423
TrendMicro-HouseCall 20180424
Trustlook 20180424
VBA32 20180424
ViRobot 20180424
Webroot 20180424
Yandex 20180424
Zillya 20180423
ZoneAlarm by Check Point 20180424
Zoner 20180424
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Milk Division
Original name Milk Division.exe
File version 5, 4, 2303, 9943
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-04-24 10:53:11
Entry Point 0x0003CD6D
Number of sections 5
PE sections
PE imports
SetMapMode
TextOutW
SaveDC
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
DeleteObject
SetTextColor
ExtTextOutW
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
PtVisible
ScaleViewportExtEx
SelectObject
SetWindowExtEx
Escape
SetBkColor
SetViewportExtEx
ImmSetCompositionFontW
ImmNotifyIME
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmGetContext
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
GlobalHandle
TlsGetValue
SetLastError
GlobalFindAtomW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
GlobalAddAtomW
SetUnhandledExceptionFilter
TerminateProcess
CreateSemaphoreW
WriteConsoleA
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GlobalDeleteAtom
GetStartupInfoW
GlobalLock
GlobalReAlloc
lstrcmpA
lstrcmpW
GetProcAddress
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
HeapSize
RaiseException
TlsFree
SetFilePointer
GlobalFlags
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
CreateStdAccessibleObject
LresultFromObject
VariantChangeType
VariantInit
VariantClear
MapWindowPoints
RegisterWindowMessageW
GetMessagePos
GetClassInfoExW
ReleaseDC
DrawTextExW
GetPropW
LoadBitmapW
GetFocus
DefWindowProcW
CopyRect
GetCapture
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetPropW
GetParent
GetWindowThreadProcessId
ValidateRect
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
GrayStringW
GetWindowRect
EnableWindow
SetMenu
GetDC
CallNextHookEx
SetWindowPos
AdjustWindowRectEx
GetSysColorBrush
GetMessageTime
GetWindow
PostMessageW
GetSysColor
DispatchMessageW
GetLastActivePopup
GetMenuItemID
GetKeyState
SystemParametersInfoA
GetDlgCtrlID
CheckMenuItem
GetMenu
GetTopWindow
GetClassLongW
GetMenuCheckMarkDimensions
RegisterClassW
WinHelpW
GetWindowPlacement
IsWindowEnabled
SetWindowTextW
GetDlgItem
RemovePropW
DrawTextW
MessageBoxW
IsIconic
ClientToScreen
PeekMessageW
GetSubMenu
CallWindowProcW
GetClassNameW
GetMenuItemCount
ModifyMenuW
GetClientRect
GetWindowTextW
EnableMenuItem
GetMenuState
SetWindowsHookExW
LoadCursorW
LoadIconW
GetClassInfoW
CreateWindowExW
TabbedTextOutW
GetWindowLongW
SetForegroundWindow
PtInRect
UnhookWindowsHookEx
DestroyWindow
ClosePrinter
DocumentPropertiesW
OpenPrinterW
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
OleSetContainedObject
CoCreateInstance
Number of PE resources by type
RT_ICON 11
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 14
PE resources
Debug information
ExifTool file metadata
CodeSize 315392
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.4.2303.9943
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 946176
EntryPoint 0x3cd6d
OriginalFileName Milk Division.exe
MIMEType application/octet-stream
FileVersion 5, 4, 2303, 9943
TimeStamp 2009:04:24 11:53:11+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 5, 4, 2303, 9943
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Experimenthurry Boat
LegalTrademarks Milk Division
ProductName Milk Division
ProductVersionNumber 5.4.2303.9943
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 605d0e6c547b45c3e9537ecc07868459
SHA1 626a6b07a038c4694aff9437ffc19aa09b151386
SHA256 ec82f7060ac0bcece0dfd74c2a118fd77a88e9504e670a55fc3ed029f81fedcd
ssdeep 12288:xjyjDiUodqcZY43HTBEpvQJSXCCCb47tXTXA8npcsuWqqjBjRdPp8AXfZbUJa56E:6in3upCb45bpcPWBFlpIoj6J2dvD3
authentihash b649629fa40b8e4b304e2dd9a2814795da7c44d3f106af0cef258ba0d68f67aa
imphash 3cdb98962be60072e3e9dcad807b6546
File size 1.1 MB ( 1187328 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags peexe
VirusTotal metadata
First submission 2018-04-24 13:33:28 UTC ( 9 months, 4 weeks ago )
Last submission 2018-08-08 08:46:46 UTC ( 6 months, 2 weeks ago )
File names Milk Division.exe
header.jpg
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs