SHA256: f24273a466d8543357959feca85441fd3c621ee170439a3a6aebcf1d9830df07
File name: 6VRjCFx.exe
Detection ratio: 5 / 42
Analysis date: 2012-08-25 06:46:48 UTC ( 6 years, 6 months ago )
Antivirus Result Update
BitDefender Trojan.Generic.KD.707357 20120825
F-Secure Trojan.Generic.KD.707357 20120825
Fortinet W32/Cridex.DS!tr 20120825
GData Trojan.Generic.KD.707357 20120825
Kaspersky Trojan-Spy.Win32.Zbot.eqwz 20120825
AhnLab-V3 20120824
AntiVir 20120824
Antiy-AVL 20120824
Avast 20120824
AVG 20120825
ByteHero 20120824
CAT-QuickHeal 20120825
ClamAV 20120825
Commtouch 20120824
Comodo 20120825
DrWeb 20120825
Emsisoft 20120825
eSafe 20120823
ESET-NOD32 20120824
F-Prot 20120824
Ikarus 20120825
Jiangmin 20120825
K7AntiVirus 20120824
McAfee 20120825
McAfee-GW-Edition 20120825
Microsoft 20120825
Norman 20120824
nProtect 20120824
Panda 20120824
PCTools 20120825
Rising 20120824
Sophos AV 20120825
SUPERAntiSpyware 20120825
Symantec 20120825
TheHacker 20120824
TotalDefense 20120824
TrendMicro 20120825
TrendMicro-HouseCall 20120825
VBA32 20120824
VIPRE 20120825
ViRobot 20120825
VirusBuster 20120824
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-08-24 19:20:41
Entry Point 0x00001240
Number of sections 6
PE sections
Overlays
MD5 a76503e11bbd9e12b04f7b94173102b5
File type data
Offset 361472
Size 512
Entropy 7.63
PE imports
GetCommandLineA
GetModuleHandleA
ExitProcess
GetStartupInfoA
SetUnhandledExceptionFilter
_cexit
__p__fmode
cos
__p__environ
signal
malloc
_onexit
atexit
_setmode
__getmainargs
_iob
strcmp
__set_app_type
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 512
LinkerVersion 2.56
ImageVersion 1.0
FileVersionNumber 1.3.2.229
LanguageCode Unknown (045E)
FileFlagsMask 0x0000
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit, No debug
CharacterSet Windows, Latin1
InitializedDataSize 327168
EntryPoint 0x1240
MIMEType application/octet-stream
TimeStamp 2012:08:24 20:20:41+01:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 4.0
OSVersion 4.0
FileOS Unknown (0)
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 33280
FileSubtype 0
ProductVersionNumber 1.3.2.229
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 4e198dcc2a1a74b5c23ea16095a0a68d
SHA1 cae319a34dc0659ec948e662399ecd44c3e40396
SHA256 f24273a466d8543357959feca85441fd3c621ee170439a3a6aebcf1d9830df07
ssdeep 6144:e36wMPKotBguFq/4N0OQ6iQHWSRpjvpyoWlRlDqDjl4AFyO7Q479VulTweZ5NC:SEPBg5/4W6ifSRPFWlRl2t4AyiQaA8eY

authentihash 7dce2c0a5fa6409cce2dbfd94eb548c39cec20fdb48565ab28fe607234c1dcab
imphash 91f82168f1c0d622c00cb0cde3b2465a
File size 353.5 KB ( 361984 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (43.5%)
Microsoft Visual C++ compiled executable (generic) (26.0%)
Win32 Dynamic Link Library (generic) (10.3%)
Win32 Executable (generic) (7.1%)
Win16/32 Executable Delphi generic (3.2%)
Tags peexe overlay

VirusTotal metadata
First submission 2012-08-25 06:46:48 UTC ( 6 years, 6 months ago )
Last submission 2019-02-07 15:33:12 UTC ( 1 month, 1 week ago )
File names 6VRjCFx.exe
file-4415070_ex
1345990693.6VRjCFx.ex
f24273a466d8543357959feca85441fd3c621ee170439a3a6aebcf1d9830df07.bin
4e198dcc2a1a74b5c23ea16095a0a68d
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight