SHA256: f2d33e730feba021b2f68ff5c224672fc984c4fb5cde718db6a5fd1fa6084d55
File name: 1329479062.exe
Detection ratio: 3 / 43
Analysis date: 2012-02-17 11:47:06 UTC ( 6 years, 11 months ago )
Antivirus Result Update
AVG Suspicion: unknown virus 20120216
DrWeb Trojan.DownLoader5.20669 20120217
Jiangmin Trojan/JmGeneric.arl 20120216
AhnLab-V3 20120216
AntiVir 20120217
Antiy-AVL 20120213
Avast 20120217
BitDefender 20120217
ByteHero 20120216
CAT-QuickHeal 20120217
ClamAV 20120217
Commtouch 20120217
Comodo 20120217
Emsisoft 20120217
eSafe 20120216
eTrust-Vet 20120217
F-Prot 20120216
F-Secure 20120217
Fortinet 20120217
GData 20120217
Ikarus 20120217
K7AntiVirus 20120216
Kaspersky 20120217
McAfee 20120217
McAfee-GW-Edition 20120216
Microsoft 20120217
NOD32 20120217
Norman 20120216
nProtect 20120217
Panda 20120216
PCTools 20120217
Prevx 20120217
Rising 20120217
Sophos AV 20120217
SUPERAntiSpyware 20120206
Symantec 20120217
TheHacker 20120217
TrendMicro 20120217
TrendMicro-HouseCall 20120217
VBA32 20120217
VIPRE 20120217
ViRobot 20120217
VirusBuster 20120216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-06-15 15:50:34
Entry Point 0x000098D2
Number of sections 4
PE sections
Overlays
MD5 671968ecc96953e17c695879bbb01fed
File type data
Offset 163840
Size 109864
Entropy 7.58
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
SetMapMode
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
DeleteObject
SetTextColor
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
ScaleViewportExtEx
SelectObject
SetWindowExtEx
Escape
SetBkColor
SetViewportExtEx
GetStdHandle
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
lstrcmpiA
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
GlobalHandle
InterlockedDecrement
FormatMessageA
OutputDebugStringA
SetLastError
GlobalFindAtomA
HeapAlloc
GetVersionExA
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GlobalDeleteAtom
GlobalLock
GlobalReAlloc
lstrcmpA
lstrcpyA
lstrcmpW
GetProcAddress
GetLongPathNameW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
LCMapStringW
GetSystemInfo
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
lstrlenW
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetVersion
SizeofResource
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
VariantChangeType
VariantInit
VariantClear
SHGetFolderPathA
PathFindFileNameA
PathFindExtensionA
GetForegroundWindow
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
DispatchMessageA
GrayStringA
GetMessageTime
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
CallNextHookEx
GetActiveWindow
GetTopWindow
GetWindowTextA
PtInRect
GetMessageA
GetParent
SetPropA
GetClassInfoExA
ShowWindow
GetPropA
ValidateRect
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
GetWindowPlacement
EnableMenuItem
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
GetSysColorBrush
DestroyWindow
MapWindowPoints
RegisterWindowMessageA
DefWindowProcA
GetSystemMetrics
IsIconic
GetWindowRect
PostMessageA
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ClientToScreen
GetClassLongA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
GetMenuState
GetMenuItemID
SetForegroundWindow
DrawTextA
GetCapture
DrawTextExA
UnhookWindowsHookEx
MessageBoxA
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
WinHelpA
wsprintfA
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 13
RT_DIALOG 2
RT_BITMAP 2
BIN 1
Number of PE resources by language
ENGLISH US 49
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2011:06:15 16:50:34+01:00
FileType Win32 EXE
PEType PE32
CodeSize 118784
LinkerVersion 7.1
EntryPoint 0x98d2
InitializedDataSize 167936
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 e5bf9c400b5abd07b68beb5725467723
SHA1 72641bf23246a411cf9b70de6095da29343c6ab2
SHA256 f2d33e730feba021b2f68ff5c224672fc984c4fb5cde718db6a5fd1fa6084d55
ssdeep 3072:KlC2ZkCfGXOsK3xkRi970ndCaWsEdt3ixl3Hc757iQx9gUutHuKEeRVeq5zD:GCKuXOsK36w70dC1sTH8GQxZoIYVek
authentihash c1d818fc36e88112cfdc9fa6ee693f658fab1f3b47f7bb8f21a9e71fc4a88490
imphash 5f0170f8bb4d57968f2a4fe932fefba6
File size 267.3 KB ( 273704 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (38.7%)
Win64 Executable (generic) (34.3%)
Windows screen saver (16.2%)
Win32 Executable (generic) (5.6%)
Generic Win/DOS Executable (2.4%)
Tags peexe overlay

VirusTotal metadata
First submission 2012-02-17 11:47:06 UTC ( 6 years, 11 months ago )
Last submission 2016-01-13 04:03:17 UTC ( 3 years ago )
File names E5BF9C400B5ABD07B68BEB5725467723.exe
1329479062.exe
f2d33e730feba021b2f68ff5c224672fc984c4fb5cde718db6a5fd1fa6084d55.vir