× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ed58905fddaa34f6cb19c80fc911435194aa96a76998e295fccd31370995901b
File name: 8l6mk.exe
Detection ratio: 4 / 55
Analysis date: 2015-08-03 14:33:22 UTC ( 2 years, 4 months ago ) View latest
Antivirus Result Update
Avast Win32:Malware-gen 20150803
Kaspersky UDS:DangerousObject.Multi.Generic 20150803
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20150803
TrendMicro BKDR_DRIDEX.SYL 20150803
Ad-Aware 20150803
AegisLab 20150803
Yandex 20150802
AhnLab-V3 20150803
Alibaba 20150803
ALYac 20150803
Antiy-AVL 20150803
Arcabit 20150803
AVG 20150803
Avira (no cloud) 20150803
AVware 20150803
Baidu-International 20150803
BitDefender 20150803
Bkav 20150803
ByteHero 20150803
CAT-QuickHeal 20150803
ClamAV 20150803
Comodo 20150803
Cyren 20150803
DrWeb 20150803
Emsisoft 20150803
ESET-NOD32 20150803
F-Prot 20150803
F-Secure 20150803
Fortinet 20150803
GData 20150803
Ikarus 20150803
Jiangmin 20150731
K7AntiVirus 20150803
K7GW 20150730
Kingsoft 20150803
Malwarebytes 20150803
McAfee 20150803
McAfee-GW-Edition 20150803
Microsoft 20150803
eScan 20150803
NANO-Antivirus 20150803
nProtect 20150803
Panda 20150803
Rising 20150731
Sophos AV 20150803
SUPERAntiSpyware 20150803
Symantec 20150803
Tencent 20150803
TheHacker 20150803
TrendMicro-HouseCall 20150803
VBA32 20150802
VIPRE 20150803
ViRobot 20150803
Zillya 20150803
Zoner 20150803
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Sipro Lab Telecom Inc. 1998-99

Product ACELP.net Audio Codec
Original name sl_anet.acm
Internal name sl_anet.acm
File version 3.02
Description Audio codec for MS ACM
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-03 10:16:29
Entry Point 0x00001046
Number of sections 6
PE sections
PE imports
ClusterRegOpenKey
CreateToolhelp32Snapshot
GetConsoleSelectionInfo
LocalFree
RaiseException
CreateThread
GetProcessShutdownParameters
LocalAlloc
DebugSetProcessKillOnExit
WaitForSingleObject
SetEvent
CreateEventA
GetCommProperties
Sleep
GetTempFileNameW
GetComputerNameExW
CreateMailslotA
GetGeoInfoW
PostMessageW
_chkstk
atan
iscntrl
isprint
wcsncat
ZwClose
CoCreateInstance
PdhGetCounterInfoA
CoInternetCompareUrl
Number of PE resources by type
RT_STRING 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
8

FileVersionNumber
3.2.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x30003f

CharacterSet
Windows, Latin1

InitializedDataSize
89088

EntryPoint
0x1046

OriginalFileName
sl_anet.acm

MIMEType
application/octet-stream

LegalCopyright
Copyright Sipro Lab Telecom Inc. 1998-99

FileVersion
3.02

TimeStamp
2015:08:03 11:16:29+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
sl_anet.acm

ProductVersion
3.02

FileDescription
Audio codec for MS ACM

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Sipro Lab Telecom Inc.

CodeSize
43008

ProductName
ACELP.net Audio Codec

ProductVersionNumber
3.2.0.0

FileTypeExtension
exe

ObjectFileType
Driver

Compressed bundles
PCAP parents
File identification
MD5 939ee3b203b79f6422ef4a96fde11393
SHA1 3e559a9e3115f0bbee2cbbdfa043a1ede098e054
SHA256 ed58905fddaa34f6cb19c80fc911435194aa96a76998e295fccd31370995901b
ssdeep
1536:Evg7gu5lEjU8+gE6C7a/LlFxDk6XRnLo+ZK0tFaJ9pMb0/iRVFrBa:vgwujUDweSLlFfBn0WK0tFaJl6bFr0

authentihash 9d5886f00c74232d0f305e7d05030fe58a91e1d4ad1b45ee86fe9f4a6610f21d
imphash 3a00f436332227f6147dca955a90f20f
File size 111.0 KB ( 113664 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file

TrID Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
Tags
peexe

VirusTotal metadata
First submission 2015-08-03 10:37:40 UTC ( 2 years, 4 months ago )
Last submission 2015-11-09 17:41:11 UTC ( 2 years, 1 month ago )
File names 8l6mk.exe
939ee3b203b79f6422ef4a96fde11393.exe
suputf8.exe
8l6mk (1).exe
sl_anet.acm
a9e4d78aac1e125c7caad354c91bfb2beccbfdf1
ttt8l6mk[1].exe
SUPUTF8.EXE
8l6mk[1].exe
8l6mk (2).exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections