× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f31bdf99cc964eb9979bc8974a69d9f0ecc809a19b8b0dea9d53b86dce8ce889
File name: bbucolor.exe
Detection ratio: 24 / 41
Analysis date: 2010-01-11 22:14:08 UTC ( 5 years, 4 months ago ) View latest
Antivirus Result Update
AVG PSW.Generic7.ABFG 20100111
AntiVir DR/PSW.QQPass.kvg 20100111
Antiy-AVL Trojan/Win32.QQPass.gen 20100111
Authentium W32/TrojanX.CEGP 20100111
Avast Win32:Trojan-gen 20100111
BitDefender Trojan.Generic.2500067 20100111
Comodo UnclassifiedMalware 20100111
F-Prot W32/TrojanX.CEGP 20100110
F-Secure Trojan.Generic.2500067 20100111
GData Trojan.Generic.2500067 20100111
Ikarus Trojan-PWS.Win32.QQPass 20100111
Jiangmin Trojan/PSW.QQPass.xrk 20100111
Kaspersky Trojan-PSW.Win32.QQPass.kvg 20100111
McAfee+Artemis Artemis!1745A9EBADF6 20100111
McAfee-GW-Edition Trojan.Dropper.PSW.QQPass.kvg 20100111
Microsoft PWS:Win32/Inido!rts 20100111
NOD32 probably a variant of Win32/PSW.IM 20100111
PCTools Trojan-PSW.Generic 20100111
Panda Trj/CI.A 20100111
Sophos Mal/Generic-A 20100111
Symantec Infostealer 20100111
TrendMicro TROJ_VB.HOT 20100111
a-squared Trojan-PWS.Win32.QQPass!IK 20100111
eSafe Win32.DRPSW.QQPass.K 20100111
AhnLab-V3 20100111
CAT-QuickHeal 20100111
ClamAV 20100111
DrWeb 20100111
Fortinet 20100109
K7AntiVirus 20100111
McAfee 20100111
Norman 20100111
Prevx 20100111
Rising 20100111
Sunbelt 20100111
TheHacker 20100111
VBA32 20100111
ViRobot 20100111
VirusBuster 20100111
eTrust-Vet 20100111
nProtect 20100111
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright by Alanoll

Publisher Alanoll, n
Product BBU Color Changer
File version 1.0.0.0
Description Packaged with Paquet Builder - Freeware edition. Personal use only.
Comments Packed with Paquet Builder, see http://www.gdgsoft.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Link date 11:22 PM 6/19/1992
Entry Point 0x00002EF4
Number of sections 8
PE sections
PE imports
InitCommonControls
LocalReAlloc
FreeLibrary
ExitProcess
LoadLibraryA
RtlUnwind
GetModuleFileNameA
SizeofResource
LocalAlloc
LockResource
DeleteFileA
UnhandledExceptionFilter
GetCommandLineA
GetProcAddress
GetTempPathA
RaiseException
GetModuleHandleA
WriteFile
CloseHandle
GetTempFileNameA
FreeResource
LocalFree
LocalSize
LoadResource
VirtualFree
TlsGetValue
TlsSetValue
CreateFileA
GetCurrentThreadId
FindResourceA
VirtualAlloc
GetActiveWindow
MessageBoxA
Number of PE resources by type
RT_ICON 4
RT_MANIFEST 1
RT_VERSION 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
ENGLISH US 2
ExifTool file metadata
Web
MSFN

UninitializedDataSize
0

Comments
Packed with Paquet Builder, see http://www.gdgsoft.com

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
132096

MIMEType
application/octet-stream

LegalCopyright
Copyright by Alanoll

FileVersion
1.0.0.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

ProductVersion
1.0.0.0

FileDescription
Packaged with Paquet Builder - Freeware edition. Personal use only.

OSVersion
1.0

FileOS
Windows 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Alanoll, n

CodeSize
8192

ProductName
BBU Color Changer

ProductVersionNumber
1.0.0.0

EntryPoint
0x2ef4

ObjectFileType
Executable application

File identification
MD5 1745a9ebadf6814883c9fe2cb0d18807
SHA1 7ec5640e86413e4b9c08001b355920b1cbbadb65
SHA256 f31bdf99cc964eb9979bc8974a69d9f0ecc809a19b8b0dea9d53b86dce8ce889
ssdeep
3072:GK4VMJDTfkxRXljjmRVdChJWxrnT0uSCJHlCJf5h3V7mD/TS2lusd9cVcBI:eMJfcH1/EVd2JWxH0uXJFCJfXF7mzTF4

authentihash a9aaab42722655bfa06a17c3694156d51709cb1e45a880d5723ad7b39e3dc539
imphash 6949b83c11def6b983459bc9bf5e8c13
File size 172.9 KB ( 177096 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2009-06-01 18:58:33 UTC ( 6 years ago )
Last submission 2015-01-17 07:22:39 UTC ( 4 months, 2 weeks ago )
File names bbucolor.exe
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!