SHA256: f1f4dcbcc284e7d600633f0dae066518d41d6e63e9f682be99ef735449d9ae62
File name: vt-upload-FIo3C
Detection ratio: 25 / 50
Analysis date: 2014-02-28 07:34:55 UTC ( 3 years ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.343404 20140228
AhnLab-V3 Backdoor/Win32.Androm 20140228
AntiVir TR/Crypt.Xpack.58516 20140228
Antiy-AVL Trojan[Spy]/Win32.Zbot 20140228
Avast Win32:Downloader-VAG [Trj] 20140228
AVG PSW.Generic12.ADWH 20140228
Baidu-International Trojan.Win32.Zbot.AlY 20140228
BitDefender Gen:Variant.Kazy.343404 20140228
DrWeb Trojan.PWS.Panda.2982 20140228
Emsisoft Gen:Variant.Kazy.343404 (B) 20140228
ESET-NOD32 a variant of Win32/Injector.AYQG 20140228
F-Secure Gen:Variant.Kazy.343404 20140228
GData Gen:Variant.Kazy.343404 20140228
Kaspersky Trojan-Spy.Win32.Zbot.rqcl 20140228
Kingsoft Win32.Troj.Zbot.rq.(kcloud) 20140228
Malwarebytes Trojan.Inject.ED 20140228
McAfee Artemis!1D9A13308BF8 20140228
McAfee-GW-Edition Artemis!1D9A13308BF8 20140228
eScan Gen:Variant.Kazy.343404 20140228
Panda Trj/Zbot.M 20140227
Qihoo-360 HEUR/Malware.QVM20.Gen 20140228
Sophos Mal/Generic-S 20140228
Symantec WS.Reputation.1 20140228
TrendMicro-HouseCall TROJ_GEN.R00JH07BR14 20140228
VIPRE Trojan.Win32.Generic!BT 20140228
Yandex 20140228
Bkav 20140227
ByteHero 20140228
CAT-QuickHeal 20140228
ClamAV 20140227
CMC 20140220
Commtouch 20140228
Comodo 20140228
F-Prot 20140228
Fortinet 20140228
Ikarus 20140228
Jiangmin 20140228
K7AntiVirus 20140227
K7GW 20140227
Microsoft 20140228
NANO-Antivirus 20140228
Norman 20140228
nProtect 20140227
Rising 20140227
SUPERAntiSpyware 20140228
TheHacker 20140226
TotalDefense 20140227
TrendMicro 20140228
VBA32 20140227
ViRobot 20140228
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-02-25 13:59:16
Entry Point 0x00001041
Number of sections 4
PE sections
PE imports
GetCPInfo
MapViewOfFile
GetEnvironmentVariableA
GetModuleFileNameW
GetVersionExW
ClearCommBreak
HeapSize
GetSystemTimeAsFileTime
CreateFileMappingA
VirtualQuery
VirtualAlloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
strcat
wcscmp
fopen
memcpy
AppendMenuW
GetWindowTextLengthA
IsIconic
LoadCursorA
SendMessageW
TrackPopupMenu
GetWindowRect
EnableWindow
SetDlgItemTextA
DrawIcon
GetSystemMetrics
GetClientRect
GetSystemMenu
InsertMenuW
GetWindowLongW
IsWindow
LoadIconW
EnableMenuItem
SetActiveWindow
SetWindowLongW
Number of PE resources by type
RT_DIALOG 3
RT_STRING 1
RT_HTML 1
Number of PE resources by language
CHINESE SIMPLIFIED 5
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2014:02:25 14:59:16+01:00
FileType Win32 EXE
PEType PE32
CodeSize 8192
LinkerVersion 6.0
FileAccessDate 2014:02:28 09:08:22+01:00
EntryPoint 0x1041
InitializedDataSize 49152
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
FileCreateDate 2014:02:28 09:08:22+01:00
UninitializedDataSize 0
File identification
MD5 1d9a13308bf862ba36a73d1ae84464fb
SHA1 89a989321c62f836a8081bf38438dd1a365de97c
SHA256 f1f4dcbcc284e7d600633f0dae066518d41d6e63e9f682be99ef735449d9ae62
ssdeep 6144:dfoBZU24UropYaN64NlpuYL+fy6EOf5FefYJoYgljJnGdzKf16cy:SIYa04NlpuYLcybUFeANglAlK9Jy
imphash 23184c4f36e1b3dfcc75bd7a448060b5
File size 304.9 KB ( 312168 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe
VirusTotal metadata
First submission 2014-02-28 07:34:55 UTC ( 3 years ago )
Last submission 2014-02-28 07:34:55 UTC ( 3 years ago )
File names vt-upload-FIo3C