SHA256: f7f347d47ade76589b1d6c9986ae76d11b05f946a61fd13e888ec4e36c3cc470
File name: 44465b1f10c5d021648f0fe9803e5085.vir
Detection ratio: 52 / 66
Analysis date: 2018-05-19 23:59:46 UTC ( 4 days, 6 hours ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.11216 20180520
AegisLab Win.Troj.Agent.mbOV 20180519
AhnLab-V3 PUP/Win32.LoadMoney.R124294 20180519
ALYac Gen:Variant.Razy.11216 20180520
Antiy-AVL HackTool[Hoax]/Win32.ArchSMS 20180519
AVG Win32:LoadMoney-APN [Adw] 20180519
Avira (no cloud) PUA/LoadMoney.Gen7 20180519
AVware Trojan.Win32.Generic.pak!cobra 20180519
Babable Malware.HighConfidence 20180406
BitDefender Gen:Variant.Razy.11216 20180519
Bkav HW32.Packed.EBAF 20180518
CAT-QuickHeal Trojan.Sisproc.A6 20180519
ClamAV Win.Adware.LoadMoney-3644756-1 20180519
Comodo Application.Win32.LoadMoney.XST 20180519
Cylance Unsafe 20180520
Cyren W32/LoadMoney.DN.gen!Eldorado 20180519
DrWeb Trojan.LoadMoney.364 20180519
Emsisoft Gen:Variant.Razy.11216 (B) 20180519
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Adware.LoadMoney.AAD 20180519
F-Prot W32/LoadMoney.DN.gen!Eldorado 20180519
F-Secure Gen:Variant.Razy.11216 20180519
Fortinet W32/Kryptik.CPAR!tr 20180519
GData Gen:Variant.Razy.11216 20180519
Ikarus Virus.Win32.Cryptor 20180519
Sophos ML heuristic 20180504
Jiangmin Packed.Krap.evet 20180520
K7AntiVirus Unwanted-Program ( 0040f98d1 ) 20180519
K7GW Unwanted-Program ( 0040f98d1 ) 20180520
Kaspersky HEUR:Hoax.Win32.ArchSMS.gen 20180519
Malwarebytes PUP.Optional.LoadMoney 20180519
MAX malware (ai score=100) 20180520
McAfee Packed-CQ 20180519
McAfee-GW-Edition BehavesLike.Win32.Worm.gh 20180519
Microsoft SoftwareBundler:Win32/Ogimant 20180519
eScan Gen:Variant.Razy.11216 20180519
NANO-Antivirus Trojan.Win32.Plocust.diluss 20180520
Palo Alto Networks (Known Signatures) generic.ml 20180520
Panda Trj/Genetic.gen 20180519
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20180520
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Troj/LdMon-J 20180519
SUPERAntiSpyware PUP.LoadMoney/Variant 20180519
Symantec PUA.Gen.2 20180519
Tencent Win32.Adware.Bp-startpage.Renw 20180520
TotalDefense Win32/Ogiman.bJMJFc 20180519
TrendMicro Possible_Ogimant 20180520
TrendMicro-HouseCall Possible_Ogimant 20180519
VBA32 TScope.Malware-Cryptor.SB 20180518
VIPRE Trojan.Win32.Generic.pak!cobra 20180519
Webroot W32.Adware.Gen 20180520
ZoneAlarm by Check Point HEUR:Hoax.Win32.ArchSMS.gen 20180520
Alibaba 20180518
Arcabit 20180519
Avast 20180520
Avast-Mobile 20180519
Baidu 20180518
CMC 20180519
CrowdStrike Falcon (ML) 20180202
Cybereason None
eGambit 20180520
Kingsoft 20180520
nProtect 20180519
Rising 20180519
Symantec Mobile Insight 20180519
TheHacker 20180516
Trustlook 20180520
ViRobot 20180519
Yandex 20180518
Zillya 20180519
Zoner 20180520
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 998 Ma8-20no0rk Ruichssiv
Product ternals Desin wbugvieSy
Original name fdjuu5we.exe
Internal name rnaStels Deut Viebug sinOuertpw
File version 4.76
Description AllowMultipleInstances
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000014DB
Number of sections 6
PE sections
PE imports
Number of PE resources by type
RT_ICON 3
RT_MANIFEST 1
RT_VERSION 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
RUSSIAN 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 63488
ImageVersion 0.0
ProductName ternals Desin wbugvieSy
FileVersionNumber 4.76.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 2.25
FileTypeExtension exe
OriginalFileName fdjuu5we.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4.76
TimeStamp 1992:06:20 00:22:17+02:00
FileType Win32 EXE
PEType PE32
InternalName rnaStels Deut Viebug sinOuertpw
ProductVersion 4.76
FileDescription AllowMultipleInstances
OSVersion 4.0
FileOS Windows NT 32-bit
LegalCopyright 998 Ma8-20no0rk Ruichssiv
MachineType Intel 386 or later, and compatibles
CompanyName Slsysernaint
CodeSize 427520
FileSubtype 0
ProductVersionNumber 4.76.0.0
EntryPoint 0x14db
ObjectFileType Executable application

File identification
MD5 44465b1f10c5d021648f0fe9803e5085
SHA1 d433200eebf014c26af76a2cb5e7dc758fd794ab
SHA256 f7f347d47ade76589b1d6c9986ae76d11b05f946a61fd13e888ec4e36c3cc470
ssdeep 6144:AsyM4/pJezdV7P4drIUwhxcybnwjuAu4pC5yeo99QgUZ4kDYWzOQhpZ80ag5oWaz:A7OzdNRhztGB2bYWz7WWanycE
authentihash c041a23b8d9033eb3e526673b99f025d54d06e9f838365c9f260919b9de0de24
imphash 78c98bd8c50dadc0bf60980296c2778f
File size 480.5 KB ( 492032 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Delphi generic (30.5%)
Windows screen saver (28.1%)
Win32 Dynamic Link Library (generic) (14.1%)
Win32 Executable (generic) (9.7%)
Win16/32 Executable Delphi generic (4.4%)
Tags peexe
VirusTotal metadata
First submission 2014-11-21 14:13:20 UTC ( 3 years, 6 months ago )
Last submission 2018-05-19 23:59:46 UTC ( 4 days, 6 hours ago )
File names 44465b1f10c5d021648f0fe9803e5085
44465b1f10c5d021648f0fe9803e5085.vir
rnaStels Deut Viebug sinOuertpw
fdjuu5we.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections