SHA256: ed48518593132716dc072e68c982d7d54b2cff46eb4bb477e6ed60aa9890fb7d
File name: d14d2bfba223fd148df4532ba11a0e25.virus
Detection ratio: 37 / 55
Analysis date: 2016-11-03 09:00:39 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3654065 20161103
AegisLab Troj.Crypt.Zpack!c 20161103
AhnLab-V3 Trojan/Win32.Yakes.N2142069590 20161103
ALYac Trojan.GenericKD.3654065 20161103
Antiy-AVL Trojan/Win32.Yakes 20161103
Arcabit Trojan.Generic.D37C1B1 20161103
Avast Win32:Malware-gen 20161103
AVG Crypt6.IJS 20161103
Avira (no cloud) TR/Crypt.ZPACK.ncsag 20161102
AVware Trojan.Win32.Generic!BT 20161103
BitDefender Trojan.GenericKD.3654065 20161103
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20161024
DrWeb Trojan.Siggen6.58358 20161103
Emsisoft Trojan.GenericKD.3654065 (B) 20161103
ESET-NOD32 a variant of Win32/Kryptik.FIRE 20161103
F-Secure Trojan.GenericKD.3654065 20161103
Fortinet W32/Yakes.FIRE!tr 20161103
GData Trojan.GenericKD.3654065 20161103
Ikarus Trojan.Win32.Crypt 20161102
Sophos ML backdoor.win32.kasidet.c 20161018
K7AntiVirus Trojan ( 004fbe251 ) 20161103
K7GW Trojan ( 004fbe251 ) 20161103
Kaspersky Trojan.Win32.Yakes.rklx 20161103
Malwarebytes Trojan.Yakes 20161103
McAfee RDN/Generic.grp 20161103
McAfee-GW-Edition BehavesLike.Win32.IBryte.dm 20161103
Microsoft TrojanDownloader:Win32/Talalpek.A 20161103
eScan Trojan.GenericKD.3654065 20161103
NANO-Antivirus Trojan.Win32.ZPACK.ehzkmv 20161103
nProtect Trojan/W32.Agent.301568.HB 20161101
Qihoo-360 Win32/Trojan.5b3 20161103
Sophos AV Mal/Generic-S 20161103
Symantec Trojan.Gen 20161103
Tencent Win32.Trojan.Kryptik.Woft 20161103
TrendMicro-HouseCall TROJ_GEN.R047C0VJV16 20161103
VIPRE Trojan.Win32.Generic!BT 20161103
Yandex Trojan.Yakes!uc+2R/79HuA 20161102
Alibaba 20161103
Baidu 20161103
Bkav 20161102
CAT-QuickHeal 20161103
ClamAV 20161103
CMC 20161103
Comodo 20161103
Cyren 20161103
F-Prot 20161103
Jiangmin 20161103
Kingsoft 20161103
Panda 20161102
Rising 20161103
SUPERAntiSpyware 20161103
TheHacker 20161101
TrendMicro 20161103
VBA32 20161102
ViRobot 20161103
Zillya 20161102
Zoner 20161103
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2005-2013 COMODO. All rights reserved
Product COMODO Internet Security
Original name bsm_chrome.exe
Internal name bsm_chrome.exe
File version 26.0.1410.43
Description COMODO Internet Security
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-10-27 13:02:57
Entry Point 0x000042F9
Number of sections 4
PE sections
PE imports
DeviceIoControl
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetLastError
GetConsoleCP
GetModuleHandleW
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetFileAttributesW
GetStdHandle
GetModuleFileNameA
CopyFileW
HeapSetInformation
GetCurrentProcess
LoadLibraryExA
GetConsoleMode
DecodePointer
GetCurrentProcessId
GetCommandLineW
WriteConsoleW
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetCPInfo
QueryDosDeviceW
GetProcAddress
EncodePointer
GetStartupInfoW
ExitProcess
SetFilePointer
WideCharToMultiByte
GetModuleFileNameW
TlsFree
GetModuleHandleA
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
GetACP
HeapReAlloc
GetStringTypeW
GetVersion
GetOEMCP
LocalFree
TerminateProcess
RtlUnwind
IsValidCodePage
HeapCreate
CreateFileW
TlsGetValue
Sleep
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
SetLastError
LeaveCriticalSection
GetCursorPos
GetMonitorInfoW
SetTimer
MonitorFromPoint
LoadStringW
KillTimer
SetForegroundWindow
SetWindowPos
DestroyWindow
Number of PE resources by type
RT_ICON 23
RT_GROUP_ICON 8
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 28
NEUTRAL 5
PE resources
ExifTool file metadata
CodeSize 39936
SubsystemVersion 5.0
OfficialBuild 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 26.0.1410.43
LanguageCode English (U.S.)
FileFlagsMask 0x0017
FileDescription COMODO Internet Security
CharacterSet Unicode
InitializedDataSize 358912
EntryPoint 0x42f9
OriginalFileName bsm_chrome.exe
MIMEType application/octet-stream
LegalCopyright 2005-2013 COMODO. All rights reserved
CompanyShortName COMODO
FileVersion 26.0.1410.43
TimeStamp 2016:10:27 14:02:57+01:00
FileType Win32 EXE
PEType PE32
InternalName bsm_chrome.exe
ProductVersion 26.0.1410.43
UninitializedDataSize 0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName COMODO Security Solutions
ProductShortName COMODO Internet Security
ProductName COMODO Internet Security
ProductVersionNumber 26.0.1410.43
LastChange 189671
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 d14d2bfba223fd148df4532ba11a0e25
SHA1 103e1d7b572992ad0ca13e249951ffaf7ec0b3be
SHA256 ed48518593132716dc072e68c982d7d54b2cff46eb4bb477e6ed60aa9890fb7d
ssdeep 6144:VL6ciN5FJFVQeQg9odNxxUf2ZmjTIbRiIld63cjnk/GGGGGSGGGGSGGGGG:VL6ciTFpQezoxUf2CIlv03cLk
authentihash 61148f5b48cd9cc1bfa096185cee02e5139b05ea7e7f5aa81ec932e5b68304a6
imphash b468103838bd86a351e73665a174cb82
File size 294.5 KB ( 301568 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-10-30 21:00:12 UTC ( 2 years, 3 months ago )
Last submission 2016-10-30 21:00:12 UTC ( 2 years, 3 months ago )
File names d14d2bfba223fd148df4532ba11a0e25.virus
bsm_chrome.exe
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications