SHA256: ed37874367fd12299e9c7e03491ecb585b5651dfad12883c93e7e5cef9f1959d
File name: 15.tmp
Detection ratio: 5 / 53
Analysis date: 2015-05-05 01:49:25 UTC ( 3 years, 10 months ago )
Antivirus Result Update
AVG Luhe.Fiha.A 20150505
ESET-NOD32 Win32/Spy.Zbot.ACB 20150505
Kaspersky UDS:DangerousObject.Multi.Generic 20150505
TrendMicro TROJ_FORUCON.BMC 20150505
TrendMicro-HouseCall TROJ_FORUCON.BMC 20150505
Ad-Aware 20150505
AegisLab 20150505
Yandex 20150504
AhnLab-V3 20150504
Alibaba 20150505
ALYac 20150505
Avast 20150505
AVware 20150505
Baidu-International 20150504
BitDefender 20150505
Bkav 20150504
ByteHero 20150505
CAT-QuickHeal 20150504
ClamAV 20150505
Comodo 20150505
Cyren 20150505
DrWeb 20150505
Emsisoft 20150505
F-Prot 20150505
F-Secure 20150504
Fortinet 20150505
GData 20150505
Ikarus 20150505
Jiangmin 20150504
K7AntiVirus 20150504
K7GW 20150504
Kingsoft 20150505
McAfee 20150505
McAfee-GW-Edition 20150505
Microsoft 20150504
eScan 20150505
NANO-Antivirus 20150505
Norman 20150504
nProtect 20150504
Panda 20150504
Qihoo-360 20150505
Rising 20150504
Sophos AV 20150505
SUPERAntiSpyware 20150504
Symantec 20150505
Tencent 20150505
TheHacker 20150504
TotalDefense 20150430
VBA32 20150504
VIPRE 20150505
ViRobot 20150504
Zillya 20150504
Zoner 20150504
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Soft4Boost Ltd.
Publisher Soft4Boost Ltd.
Product Soft4Boost Image Converter
Original name S4BImageConverter
File version 3.2.5.301
Description Soft4Boost Image Converter
Comments www.soft4boost.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-05-04 10:26:20
Entry Point 0x00005019
Number of sections 6
PE sections
PE imports
IsValidAcl
GetTokenInformation
IsValidSid
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeSecurityDescriptor
InitializeAcl
LookupAccountSidA
GetNumberOfEventLogRecords
GetLengthSid
GetAclInformation
IsValidSecurityDescriptor
AuthzFreeResourceManager
AuthzInitializeResourceManager
InitCommonControlsEx
GetOpenFileNameA
ChooseColorA
CertFreeCertificateContext
CertCreateCertificateContext
CreateICA
CreatePen
CreateFontIndirectA
GetTextMetricsA
CombineRgn
UpdateColors
GetBitmapBits
GetDeviceCaps
ExcludeClipRect
LineTo
DeleteDC
BitBlt
CreateBitmapIndirect
RealizePalette
GetObjectA
MoveToEx
GetStockObject
SelectPalette
CreateCompatibleDC
StretchBlt
CreateRectRgn
SelectObject
DeleteObject
CreateCompatibleBitmap
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrlenA
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
CreateFileW
TlsAlloc
GlobalUnlock
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
LoadLibraryA
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
DecodePointer
GetCurrentProcessId
CreateDirectoryA
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetProcessHeap
SetStdHandle
RaiseException
WideCharToMultiByte
GetModuleFileNameW
TlsFree
SetFilePointer
HeapSetInformation
ReadFile
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
TerminateProcess
IsValidCodePage
HeapCreate
SetLastError
WaitForSingleObject
GlobalAlloc
GlobalLock
TlsGetValue
Sleep
GetFileType
EnumDateFormatsA
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
ExitProcess
GetFileSize
WriteConsoleW
InterlockedIncrement
OleSavePictureFile
OleCreatePictureIndirect
OleLoadPicture
RpcServerRegisterIfEx
NdrContextHandleSize
RpcServerUseProtseqEpA
RpcServerListen
SHGetSpecialFolderLocation
SHGetMalloc
SHGetSpecialFolderPathA
SHGetFolderPathA
QueryContextAttributesA
GetUserNameExA
EmptyClipboard
UpdateWindow
SetPropA
BeginPaint
OffsetRect
DrawIcon
KillTimer
PostQuitMessage
DefWindowProcA
GetPropA
SetWindowPos
IsWindow
GetWindowRect
EndPaint
SetMenu
SetRectEmpty
MessageBoxA
GetWindowDC
CopyImage
DialogBoxParamA
GetWindow
SetClipboardData
GetDC
InsertMenuItemA
CreateDialogParamW
ReleaseDC
RemovePropA
SetWindowTextA
LoadStringA
RegisterClassW
DrawIconEx
SendMessageA
IsWindowEnabled
GetClientRect
SetTimer
IsIconic
ClientToScreen
InvalidateRect
wsprintfA
CreateWindowExA
LoadIconA
DrawTextA
IsDlgButtonChecked
GetFocus
GetMenuItemID
MsgWaitForMultipleObjects
CloseClipboard
DestroyWindow
ExitWindowsEx
PostThreadMessageA
OpenClipboard
DrawThemeBackground
CredUIParseUserNameA
EnumerateLoadedModules
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdiplusStartup
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance
CoSuspendClassObjects
GetHGlobalFromStream
Number of PE resources by type
RT_DIALOG 7
RT_GROUP_CURSOR 6
RT_CURSOR 6
RT_ICON 4
RT_BITMAP 2
RT_MANIFEST 1
MUI 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 28
RUSSIAN 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
Comments www.soft4boost.com
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.2.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 272384
EntryPoint 0x5019
OriginalFileName S4BImageConverter
MIMEType application/octet-stream
LegalCopyright Soft4Boost Ltd.
FileVersion 3.2.5.301
TimeStamp 2015:05:04 11:26:20+01:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 5.1
ProductVersion 3.2
FileDescription Soft4Boost Image Converter
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Soft4Boost Ltd.
CodeSize 65024
ProductName Soft4Boost Image Converter
ProductVersionNumber 3.2.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 7eefb958f27d8cb7abaa8829202fba59
SHA1 13daab6b0b718fb8d3b1e4db23fcbb7a51e175e1
SHA256 ed37874367fd12299e9c7e03491ecb585b5651dfad12883c93e7e5cef9f1959d
ssdeep 6144:2m/nV1Kc9bZSV8uGnfcdBUyEfsEMsk7E6mxueU2ILVWHRfuuAplSP33zshWre:BnVN9bZSVknfcdBUrsEhJ6mNU2ILVe94
authentihash c5159c69fb8f13e6ae99678960e9ddb963cc214111d006d5d10e0f4a86d5e0cd
imphash 79101fb33e85bcaabab66a90c54b98b2
File size 330.5 KB ( 338432 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2015-05-05 01:49:25 UTC ( 3 years, 10 months ago )
Last submission 2015-05-05 01:49:25 UTC ( 3 years, 10 months ago )
File names S4BImageConverter
15.tmp
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications