SHA256: ed70a4f3a05605bcbe4b516f7fe9f6d3538124278c2314dca9edc82ddc0d7402
File name: output.112797268.txt
Detection ratio: 48 / 69
Analysis date: 2018-10-03 05:57:33 UTC
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31118515 20181003
AegisLab Filerepmalware.Gen!c 20181003
AhnLab-V3 Trojan/Win32.Bladabindi.R192321 20181002
ALYac Trojan.GenericKD.31118515 20181003
Antiy-AVL Trojan/Win32.Yakes 20181003
Arcabit Trojan.Generic.D1DAD4B3 20181003
Avast Win32:Malware-gen 20181003
AVG Win32:Malware-gen 20181003
Avira (no cloud) HEUR/AGEN.1027110 20181003
AVware Trojan.Win32.Generic!BT 20180925
BitDefender Trojan.GenericKD.31118515 20181003
CAT-QuickHeal Trojan.Yakes 20181001
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20180723
Cybereason malicious.1596ab 20180225
Cylance Unsafe 20181003
Cyren W32/Trojan.XTIF-1589 20181003
DrWeb Trojan.DownLoader26.11210 20181003
Emsisoft Trojan.GenericKD.31118515 (B) 20181003
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Injector.DVIN 20181003
F-Prot W32/Trojan3.ALKA 20181003
F-Secure Trojan.GenericKD.31118515 20181003
GData Trojan.GenericKD.31118515 20181003
Ikarus Trojan.Win32.Krypt 20181002
Sophos ML heuristic 20180717
Jiangmin Trojan.Yakes.ywp 20181003
K7AntiVirus Trojan ( 00524fdc1 ) 20181003
K7GW Trojan ( 00524fdc1 ) 20181001
Kaspersky Trojan.Win32.Yakes.vnwu 20181003
McAfee Artemis!A55AD8D1596A 20181003
McAfee-GW-Edition BehavesLike.Win32.VTFlooder.jc 20181003
Microsoft Trojan:Win32/Skeeyah.A!bit 20181003
eScan Trojan.GenericKD.31118515 20181003
NANO-Antivirus Trojan.Win32.Yakes.exrgus 20181003
Palo Alto Networks (Known Signatures) generic.ml 20181003
Panda Trj/CI.A 20181002
Qihoo-360 Trojan.Generic 20181003
Sophos AV Mal/Generic-S 20181003
Symantec Packed.Generic.526 20181003
Tencent Win32.Trojan.Yakes.Llha 20181003
TrendMicro TSPY_BANKER.THBOFI 20181003
TrendMicro-HouseCall TSPY_BANKER.THBOFI 20181003
VBA32 Trojan.Yakes 20181002
VIPRE Trojan.Win32.Generic!BT 20181002
Webroot W32.Spyware.Noon 20181003
Yandex Trojan.Yakes!Qe0Ok1ehPLo 20180927
Zillya Trojan.Yakes.Win32.67697 20181002
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180925
Alibaba 20180921
Avast-Mobile 20181002
Babable 20180918
Baidu 20180930
Bkav 20181002
ClamAV 20181003
CMC 20181003
Comodo 20181003
eGambit 20181003
Fortinet 20181003
Kingsoft 20181003
Malwarebytes 20181003
MAX 20181003
Rising 20181003
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20181001
TACHYON 20181003
TheHacker 20181001
TotalDefense 20181003
Trustlook 20181003
ViRobot 20181002
Zoner 20181002
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Packers identified
F-PROT Neolite
PEiD NeoLite v2.0
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0019F020
Number of sections 10
PE sections
Overlays
MD5 844ef6c1b361ab5e9044c0374d1931c1
File type data
Offset 497152
Size 165545
Entropy 7.89
PE imports
SHGetFolderPathA
RegFlushKey
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
ImageList_Write
ImageList_Read
ImageList_BeginDrag
ImageList_Destroy
_TrackMouseEvent
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ImageList_Remove
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Add
ImageList_SetIconSize
ImageList_Create
ImageList_DragEnter
ImageList_EndDrag
GetBrushOrgEx
PolyPolyline
DeleteEnhMetaFile
SetMapMode
GetWindowOrgEx
PatBlt
GetClipBox
GetRgnBox
SaveDC
GetCurrentPositionEx
CreateFontIndirectA
GetTextMetricsA
MaskBlt
CreateBrushIndirect
SetStretchBltMode
GetEnhMetaFilePaletteEntries
GetPixel
GetDCOrgEx
Rectangle
BitBlt
GetObjectA
ExcludeClipRect
LineTo
DeleteDC
RestoreDC
SetBkMode
GetSystemPaletteEntries
SetPixel
EndDoc
CreateSolidBrush
StartPage
DeleteObject
IntersectClipRect
CreateHalftonePalette
GetBkMode
CreateDIBSection
CopyEnhMetaFileA
RealizePalette
SetTextColor
GetDeviceCaps
MoveToEx
SetEnhMetaFileBits
GetDCBrushColor
SetAbortProc
CreateDCA
CreateBitmap
CreateICA
RectVisible
CreatePalette
GetStockObject
CreateDIBitmap
SetViewportOrgEx
SelectPalette
ExtTextOutA
UnrealizeObject
GetDIBits
GetGraphicsMode
GetDIBColorTable
GetEnhMetaFileBits
SetBrushOrgEx
SelectClipRgn
PlayEnhMetaFile
StretchBlt
GetBitmapBits
CreateCompatibleDC
SetROP2
EndPage
SelectObject
StartDocA
GetWinMetaFileBits
SetDIBColorTable
CreateCompatibleBitmap
SetWindowExtEx
GetEnhMetaFileHeader
GetPaletteEntries
SetWindowOrgEx
Polyline
ExtCreatePen
SetBkColor
SetWinMetaFileBits
SetViewportExtEx
GetTextExtentPoint32A
CreatePenIndirect
SetThreadLocale
GetLastError
CopyFileA
GetStdHandle
EnterCriticalSection
GlobalDeleteAtom
ReadFile
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
FreeLibrary
MulDiv
GlobalFindAtomA
ExitProcess
GetThreadLocale
GetVersionExA
InterlockedExchange
GlobalUnlock
GetModuleFileNameA
GlobalAlloc
RtlUnwind
LoadLibraryA
GetLocalTime
DeleteCriticalSection
GetStartupInfoA
GetDateFormatA
LoadLibraryExA
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
SetErrorMode
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetCPInfo
GetCommandLineA
GetProcAddress
SetFilePointer
RaiseException
CloseHandle
WideCharToMultiByte
GetModuleHandleA
FindFirstFileA
GlobalAddAtomA
WriteFile
EnumCalendarInfoA
GetProfileStringA
CompareStringA
ResetEvent
lstrcpynA
GetACP
GetDiskFreeSpaceA
CreateThread
GlobalLock
FreeResource
GetFullPathNameA
SetEvent
FindResourceA
GetVersion
InitializeCriticalSection
LoadResource
lstrcpyA
VirtualQuery
VirtualFree
CreateEventA
FindClose
InterlockedDecrement
Sleep
FormatMessageA
SetEndOfFile
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
GetCurrentProcessId
InterlockedIncrement
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SysFreeString
VariantInit
RedrawWindow
GetMessagePos
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
ScrollWindowEx
SetMenuItemInfoA
CharUpperBuffA
WindowFromPoint
DrawIcon
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetClassInfoA
SendMessageW
UnregisterClassA
SendMessageA
GetClientRect
CharLowerBuffA
SetScrollPos
CallNextHookEx
GetKeyboardState
ClientToScreen
GetTopWindow
EnumClipboardFormats
ScrollWindow
GetWindowTextA
GetKeyState
PtInRect
DrawEdge
GetParent
UpdateWindow
SetPropA
EqualRect
EnumWindows
DefMDIChildProcA
CreateCaret
ShowWindow
SetClassLongA
GetPropA
GetMenuState
PeekMessageW
TranslateMDISysAccel
EnableWindow
SetWindowPlacement
PeekMessageA
IsCharAlphaA
TranslateMessage
IsWindowEnabled
GetWindow
DestroyCaret
ActivateKeyboardLayout
InsertMenuItemA
CreatePopupMenu
SystemParametersInfoA
GetIconInfo
LoadStringA
SetParent
SetClipboardData
CharLowerA
IsZoomed
GetWindowPlacement
GetKeyboardLayoutList
DrawMenuBar
IsIconic
RegisterClassA
GetMenuItemCount
GetWindowLongA
SetTimer
OemToCharA
GetActiveWindow
ShowOwnedPopups
FillRect
EnumThreadWindows
CharNextA
GetSysColorBrush
IsWindowUnicode
GetWindowLongW
GetUpdateRect
DestroyWindow
IsChild
IsDialogMessageA
SetFocus
MapVirtualKeyA
GetKeyboardLayoutNameA
SetCapture
BeginPaint
OffsetRect
SetCaretPos
GetScrollPos
KillTimer
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
MapWindowPoints
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
EnumChildWindows
GetScrollRange
SetWindowLongA
SetKeyboardState
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
DrawIconEx
CreateWindowExA
ScreenToClient
GetClassLongA
InsertMenuA
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuStringA
ValidateRect
IsDialogMessageW
GetSystemMenu
GetDC
SetForegroundWindow
OpenClipboard
EmptyClipboard
DrawTextA
IntersectRect
GetScrollInfo
GetKeyboardLayout
GetCapture
WaitMessage
FindWindowA
MessageBeep
GetCaretPos
RemoveMenu
GetWindowThreadProcessId
ShowScrollBar
GetMenu
DestroyIcon
DrawFrameControl
UnhookWindowsHookEx
RegisterClipboardFormatA
CallWindowProcA
MessageBoxA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
LoadKeyboardLayoutA
GetSysColor
SetScrollInfo
GetMenuItemInfoA
IsCharAlphaNumericA
GetDoubleClickTime
EnableMenuItem
GetKeyNameTextA
IsWindowVisible
GetDesktopWindow
GetClipboardData
CharToOemA
GetDCEx
UnionRect
DispatchMessageW
FrameRect
SetRect
DeleteMenu
InvalidateRect
DefFrameProcA
CreateIcon
IsRectEmpty
GetCursor
GetFocus
CreateMenu
CloseClipboard
GetKeyboardType
SetMenu
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
EnumPrintersA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Number of PE resources by type
RT_ICON 30
RT_STRING 15
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_DIALOG 2
RT_RCDATA 2
RT_GROUP_ICON 2
Number of PE resources by language
NEUTRAL 43
ENGLISH US 14
RUSSIAN 8
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
CodeSize 25088
LinkerVersion 2.25
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
EntryPoint 0x19f020
InitializedDataSize 1148416
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 516096
File identification
MD5 a55ad8d1596ab028c49ee9830f9fed66
SHA1 43fa175e0d58201d807eae1cfb898e46b324aac8
SHA256 ed70a4f3a05605bcbe4b516f7fe9f6d3538124278c2314dca9edc82ddc0d7402
ssdeep 12288:SPt3mVJHPo8NLW9vg9gVrsVbk7nnUBuwT:CBmV28xPgVrsVinsuwT
authentihash c3d4329684104ded42b6174c16f4546f7ecc33e73c059e1306b396d225a94788
imphash d515a6bf5acb15b8d3eb0893a9d5e375
File size 647.2 KB ( 662697 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (35.7%)
Win16/32 Executable Delphi generic (16.4%)
OS/2 Executable (generic) (16.0%)
Generic Win/DOS Executable (15.8%)
DOS Executable Generic (15.8%)
Tags corrupt neolite peexe overlay

VirusTotal metadata
First submission 2018-01-25 10:37:02 UTC
Last submission 2019-02-14 14:25:37 UTC
File names 43fa175e0d58201d807eae1cfb898e46b324aac8
myfile.exe
ed70a4f3a05605bcbe4b516f7fe9f6d3538124278c2314dca9edc82ddc0d7402.bin
VirusShare_a55ad8d1596ab028c49ee9830f9fed66
output.112797267.txt
output.112797268.txt
swift0003.exe