× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f8ba4ef1c3927c059f26ae5449111b89c3baa4ad8a3c8d4e9d083681a4869533
File name: delay4net.exe
Detection ratio: 1 / 43
Analysis date: 2012-03-23 06:57:37 UTC ( 6 years, 11 months ago )
Antivirus Result Update
Jiangmin Worm/Sohanad.aim 20120322
AhnLab-V3 20120322
AntiVir 20120322
Antiy-AVL 20120323
Avast 20120320
AVG 20120322
BitDefender 20120323
ByteHero 20120319
CAT-QuickHeal 20120323
ClamAV 20120322
Commtouch 20120323
Comodo 20120323
DrWeb 20120323
Emsisoft 20120323
eSafe 20120322
eTrust-Vet 20120322
F-Prot 20120322
F-Secure 20120323
Fortinet 20120323
GData 20120323
Ikarus 20120323
K7AntiVirus 20120321
Kaspersky 20120323
McAfee 20120323
McAfee-GW-Edition 20120322
Microsoft 20120323
NOD32 20120323
Norman 20120323
nProtect 20120323
Panda 20120322
PCTools 20120323
Prevx 20120323
Rising 20120323
Sophos AV 20120323
SUPERAntiSpyware 20120322
Symantec 20120323
TheHacker 20120322
TrendMicro 20120323
TrendMicro-HouseCall 20120323
VBA32 20120322
VIPRE 20120323
ViRobot 20120323
VirusBuster 20120322
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 3, 3, 8, 1
PE header basic information
Number of sections 3
PE sections
PE imports
ImageList_Remove
GetSaveFileNameW
LineTo
LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
WNetGetConnectionW
EnumProcesses
DragFinish
LoadUserProfileW
VerQueryValueW
FtpOpenFileW
timeGetTime
CoInitialize
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
32768

ImageVersion
0.0

FileVersionNumber
3.3.8.1

UninitializedDataSize
483328

LanguageCode
English (British)

FileFlagsMask
0x0017

CharacterSet
Unicode

LinkerVersion
10.0

MIMEType
application/octet-stream

FileVersion
3, 3, 8, 1

TimeStamp
2012:01:29 22:32:28+01:00

FileType
Win32 EXE

PEType
PE32

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

CompiledScript
AutoIt v3 Script: 3, 3, 8, 1

MachineType
Intel 386 or later, and compatibles

CodeSize
274432

FileSubtype
0

ProductVersionNumber
3.3.8.1

EntryPoint
0xb8e70

ObjectFileType
Unknown

File identification
MD5 a53c7d74e5317fbeb7f3c515b997bda8
SHA1 a3887e33db48b3e47ad1da93abe477ca0d200221
SHA256 f8ba4ef1c3927c059f26ae5449111b89c3baa4ad8a3c8d4e9d083681a4869533
ssdeep
6144:EuIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLqI5:v6Wq4aaE6KwyF5L0Y2D1PqLX

File size 295.0 KB ( 302089 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit, UPX compressed

TrID UPX compressed Win32 Executable (43.8%)
Win32 EXE Yoda's Crypter (38.1%)
Win32 Executable Generic (12.2%)
Generic Win/DOS Executable (2.8%)
DOS Executable Generic (2.8%)
VirusTotal metadata
First submission 2012-03-23 06:57:37 UTC ( 6 years, 11 months ago )
Last submission 2012-03-23 06:57:37 UTC ( 6 years, 11 months ago )
File names delay4net.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!