SHA256: f7cc636ed4dbc8e9184b4d5d12228797c6f37e1964ffddd193dd6b610161ffde
File name: Product (2).exe
Detection ratio: 12 / 67
Analysis date: 2017-11-09 05:26:25 UTC ( 1 year, 5 months ago )
Antivirus Result Update
ClamAV Win.Packer.VbPack-0-6334882-0 20171109
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20171016
Cylance Unsafe 20171109
Endgame malicious (high confidence) 20171024
Fortinet W32/GenKryptik.BANO!tr 20171109
Ikarus Trojan.VB.Crypt 20171109
Sophos ML heuristic 20170914
Kaspersky UDS:DangerousObject.Multi.Generic 20171109
Qihoo-360 HEUR/QVM03.0.0F84.Malware.Gen 20171109
SentinelOne (Static ML) static engine - malicious 20171019
Sophos AV Mal/FareitVB-M 20171109
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20171109
Ad-Aware 20171109
AegisLab 20171109
AhnLab-V3 20171109
Alibaba 20170911
ALYac 20171109
Antiy-AVL 20171103
Arcabit 20171109
Avast 20171109
Avast-Mobile 20171108
AVG 20171109
Avira (no cloud) 20171109
AVware 20171109
Baidu 20171109
BitDefender 20171109
Bkav 20171108
CAT-QuickHeal 20171108
CMC 20171104
Comodo 20171109
Cybereason 20171030
Cyren 20171109
DrWeb 20171109
eGambit 20171109
Emsisoft 20171109
ESET-NOD32 20171109
F-Prot 20171109
F-Secure 20171109
GData 20171109
Jiangmin 20171109
K7AntiVirus 20171109
K7GW 20171109
Kingsoft 20171109
Malwarebytes 20171109
MAX 20171109
McAfee 20171109
McAfee-GW-Edition 20171109
Microsoft 20171109
eScan 20171109
NANO-Antivirus 20171109
nProtect 20171109
Palo Alto Networks (Known Signatures) 20171109
Panda 20171108
Rising 20171109
SUPERAntiSpyware 20171109
Symantec 20171108
Symantec Mobile Insight 20171107
Tencent 20171109
TheHacker 20171102
TrendMicro 20171109
TrendMicro-HouseCall 20171109
Trustlook 20171109
VBA32 20171108
VIPRE 20171109
ViRobot 20171109
Webroot 20171109
WhiteArmor 20171104
Yandex 20171108
Zillya 20171108
Zoner 20171109
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Holo_11
Product Holo_11
Original name Storcirklens0.exe
Internal name Storcirklens0
File version 2.05.0009
Description Holo_11
Comments Holo_11
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-08 21:32:57
Entry Point 0x000011AC
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
_CIcos
EVENT_SINK_QueryInterface
_allmul
_adj_fdivr_m64
_adj_fprem
_adj_fpatan
EVENT_SINK_AddRef
Ord(693)
_adj_fdiv_m32i
__vbaExceptHandler
__vbaSetSystemError
DllFunctionCall
__vbaFPException
_adj_fdivr_m16i
__vbaStrMove
_adj_fdiv_r
Ord(100)
_adj_fdiv_m64
__vbaStrCmp
__vbaHresultCheckObj
_CIsqrt
_CIsin
_CIlog
EVENT_SINK_Release
_adj_fptan
_CItan
__vbaErrorOverflow
_CIatan
__vbaFreeStr
_adj_fdivr_m32i
_CIexp
__vbaStrI2
_adj_fprem1
_adj_fdivr_m32
__vbaStrCat
__vbaFreeStrList
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize 131072
SubsystemVersion 4.0
Comments Holo_11
LinkerVersion 6.0
ImageVersion 2.5
FileSubtype 0
FileVersionNumber 2.5.0.9
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription Holo_11
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 8192
EntryPoint 0x11ac
OriginalFileName Storcirklens0.exe
MIMEType application/octet-stream
LegalCopyright Holo_11
FileVersion 2.05.0009
TimeStamp 2017:11:08 22:32:57+01:00
FileType Win32 EXE
PEType PE32
InternalName Storcirklens0
ProductVersion 2.05.0009
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName HecKIN
LegalTrademarks Holo_11
ProductName Holo_11
ProductVersionNumber 2.5.0.9
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 79f54a25d58be9e19b16f44a6a7a9f61
SHA1 414b1d73600b625ca4c15428c21cd8a299225b44
SHA256 f7cc636ed4dbc8e9184b4d5d12228797c6f37e1964ffddd193dd6b610161ffde
ssdeep 3072:Q3indsEjItlyCQnw+NAzy0sg11ysZn3ua2:QSnWvlybntSe0sg1ky
authentihash f67dd55e5eb6b59126d493a587b01a7e0fd8315aba38145a4a2541d2075d6d14
imphash cb67bfbf5880a76f174a0aadc8468c0c
File size 140.0 KB ( 143360 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (88.6%)
Win32 Executable (generic) (4.8%)
OS/2 Executable (generic) (2.1%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
Tags peexe
VirusTotal metadata
First submission 2017-11-09 05:12:53 UTC ( 1 year, 5 months ago )
Last submission 2017-11-13 01:14:14 UTC ( 1 year, 5 months ago )
File names Storcirklens0
SAMPLES 09_11_2017 (42)
Product (2).exe
Product.exe
Storcirklens0.exe
Product (2).exe.virus