SHA256: f9bd2c0412344fe324b9263c1b97ee84a8d6e5bfecd21a780633df46106820f8
File name: alkxcl.exe
Detection ratio: 4 / 57
Analysis date: 2016-03-26 19:17:54 UTC ( 3 years ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Lockycrypt.Gen 20160326
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160325
Qihoo-360 QVM07.1.Malware.Gen 20160326
TrendMicro-HouseCall Ransom_HPCRYPTESLA.SM2 20160326
Ad-Aware 20160326
AegisLab 20160326
Yandex 20160316
Alibaba 20160323
ALYac 20160326
Antiy-AVL 20160326
Arcabit 20160326
Avast 20160326
AVG 20160326
Avira (no cloud) 20160326
AVware 20160326
Baidu-International 20160326
BitDefender 20160326
Bkav 20160326
ByteHero 20160326
CAT-QuickHeal 20160326
ClamAV 20160326
CMC 20160322
Comodo 20160326
Cyren 20160326
DrWeb 20160326
Emsisoft 20160326
ESET-NOD32 20160326
F-Prot 20160326
F-Secure 20160326
Fortinet 20160326
GData 20160326
Ikarus 20160326
Jiangmin 20160326
K7AntiVirus 20160326
K7GW 20160323
Kaspersky 20160326
Kingsoft 20160326
Malwarebytes 20160326
McAfee 20160326
McAfee-GW-Edition 20160326
Microsoft 20160326
eScan 20160326
NANO-Antivirus 20160326
nProtect 20160325
Panda 20160326
Rising 20160326
Sophos AV 20160326
SUPERAntiSpyware 20160326
Symantec 20160326
Tencent 20160326
TheHacker 20160325
TrendMicro 20160326
VBA32 20160325
VIPRE 20160326
ViRobot 20160326
Zillya 20160326
Zoner 20160326
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-05-23 13:40:41
Entry Point 0x0001031C
Number of sections 4
PE sections
Overlays
MD5 1a703ae5064b99ad4039d261c5d4ff3a
File type data
Offset 323584
Size 20480
Entropy 2.25
PE imports
MoveToEx
GetWinMetaFileBits
SaveDC
GetEnhMetaFileHeader
StrokePath
GetClipBox
SetViewportExtEx
CreateCompatibleBitmap
CreateSolidBrush
ReBaseImage
SymGetSymFromAddr
SymEnumerateSymbols
ImageGetDigestStream
SymGetLineNext
SymGetSearchPath
MapDebugInformation
SymGetOptions
SymGetSymFromName
ImageEnumerateCertificates
SymInitialize
ImagehlpApiVersion
SymLoadModule
ImageNtHeader
MakeSureDirectoryPathExists
MapFileAndCheckSumW
SymGetModuleBase
BindImage
SymSetSearchPath
SymEnumerateModules
ImmEscapeW
ImmGetConversionStatus
ImmGetDefaultIMEWnd
ImmGetCandidateListCountW
ImmIsUIMessageW
ImmGetConversionListW
ImmGetDescriptionW
ImmGetCompositionFontW
WNetGetConnectionW
MultinetGetConnectionPerformanceW
WNetEnumResourceA
WNetOpenEnumW
WNetDisconnectDialog1W
WNetGetUserW
WNetGetUniversalNameW
WNetCancelConnection2W
WNetOpenEnumA
WNetGetNetworkInformationW
WNetEnumResourceW
WNetGetLastErrorW
WNetGetConnectionA
WNetGetUniversalNameA
WNetCancelConnection2A
WNetAddConnection3A
WNetUseConnectionW
SHEnumValueW
PathQuoteSpacesW
SHRegSetUSValueW
PathFileExistsA
SetFocus
GetMessagePos
VkKeyScanExW
DrawTextW
SetRectEmpty
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
DrawStateW
LoadKeyboardLayoutW
OemToCharBuffA
DispatchMessageA
ScreenToClient
WindowFromPoint
SetCaretBlinkTime
CharUpperBuffW
VkKeyScanW
SetActiveWindow
DispatchMessageW
GetCursorPos
DrawTextA
GetDlgCtrlID
DefFrameProcW
GetClassInfoW
SetMenuDefaultItem
SetScrollPos
CharPrevW
GetWindowTextLengthA
TrackPopupMenu
ShowCursor
MapVirtualKeyExW
CopyAcceleratorTableW
ScrollWindow
GetWindowTextA
GetKeyState
PtInRect
GetUserObjectInformationW
GetClassInfoExW
SetPropA
RegisterWindowMessageA
SetClassLongW
CheckRadioButton
TranslateAcceleratorW
GetCaretPos
DrawFrameControl
GetMenuState
IsCharAlphaW
PeekMessageW
EnableWindow
SetWindowPlacement
LoadImageA
GetDlgItemTextA
GetClipboardFormatNameW
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
IsCharLowerA
GetSystemMetrics
IsZoomed
LoadStringW
IsWindow
TrackPopupMenuEx
GetWindowLongA
CreateMenu
ShowOwnedPopups
FillRect
CharNextA
GetSysColorBrush
CreateWindowExW
WindowFromDC
IsChild
IsDialogMessageA
MapWindowPoints
CharPrevA
LockWindowUpdate
SetCapture
OffsetRect
GetScrollPos
CopyIcon
KillTimer
SendNotifyMessageW
DefWindowProcA
GetClipboardData
GetParent
LoadBitmapW
SendDlgItemMessageA
CharLowerA
SetWindowLongW
PostMessageA
DrawIcon
GetMessageExtraInfo
CharLowerW
SetWindowLongA
GetProcessWindowStation
InvalidateRect
WaitMessage
SetWindowTextA
CheckMenuItem
CallMsgFilterA
GetLastActivePopup
SetWindowTextW
SetTimer
GetDlgItem
CreateDialogParamA
BringWindowToTop
FindWindowW
ClientToScreen
SetKeyboardState
InsertMenuA
FindWindowExA
LoadCursorA
GetKeyboardState
DialogBoxIndirectParamW
GetMenuItemCount
IsDlgButtonChecked
DestroyAcceleratorTable
BeginDeferWindowPos
ValidateRect
EnumDisplaySettingsW
FindWindowExW
GetMenuItemID
SetForegroundWindow
PostThreadMessageA
CharToOemA
EmptyClipboard
IntersectRect
SendInput
CreateDialogIndirectParamA
RemovePropA
FindWindowA
MessageBeep
SetClassLongA
RemoveMenu
ShowScrollBar
RegisterClassExW
SetMenu
RegisterClipboardFormatA
MoveWindow
SetDlgItemInt
LoadMenuW
MessageBoxA
AppendMenuW
DestroyCursor
wvsprintfA
GetSysColor
RegisterClipboardFormatW
CopyImage
SystemParametersInfoA
GetWindowModuleFileNameA
ReuseDDElParam
IsWindowVisible
UnpackDDElParam
SystemParametersInfoW
WinHelpA
UnionRect
SetRect
GetKeyNameTextW
CharNextW
CharLowerBuffA
AdjustWindowRect
CloseDesktop
GetClassNameA
CloseClipboard
GetDlgItemTextW
ModifyMenuA
SetCursor
timeKillEvent
midiInGetErrorTextA
mmioWrite
mciSendStringW
waveInGetErrorTextA
waveInGetDevCapsA
midiInStart
midiOutReset
joyGetDevCapsA
midiOutGetDevCapsW
waveInAddBuffer
midiInUnprepareHeader
waveInGetNumDevs
midiOutClose
mciSendCommandW
waveOutPrepareHeader
waveInGetPosition
mixerGetControlDetailsA
mciSendCommandA
midiOutLongMsg
waveOutReset
waveInOpen
mmioDescend
mciGetDeviceIDFromElementIDA
timeBeginPeriod
midiOutShortMsg
mixerGetNumDevs
midiOutMessage
auxGetNumDevs
midiOutUnprepareHeader
waveOutGetID
mmioStringToFOURCCA
mmioRenameA
waveOutClose
midiOutOpen
mixerGetID
CloseDriver
midiOutGetNumDevs
mmioRead
waveOutUnprepareHeader
waveInStart
midiOutGetID
SendDriverMessage
GetDriverModuleHandle
waveInStop
midiStreamStop
midiOutSetVolume
sndPlaySoundW
mmioSendMessage
mixerGetLineInfoA
mixerOpen
mmioFlush
mmioSeek
waveInMessage
waveOutGetNumDevs
auxSetVolume
mixerGetLineInfoW
midiStreamOut
PlaySoundW
midiInGetDevCapsW
mciSetYieldProc
mmioCreateChunk
mixerGetDevCapsA
midiInGetDevCapsA
PlaySoundA
joySetThreshold
waveOutSetPitch
mmioAdvance
mixerSetControlDetails
midiStreamPause
DefDriverProc
midiInPrepareHeader
mixerGetLineControlsW
midiOutGetErrorTextW
auxGetDevCapsA
midiStreamPosition
mciGetErrorStringA
waveInPrepareHeader
mmioClose
waveOutMessage
waveInGetID
timeGetTime
waveInClose
mmioAscend
timeGetDevCaps
waveOutGetErrorTextW
mciGetDeviceIDW
midiStreamProperty
midiInStop
midiStreamOpen
mixerGetDevCapsW
waveOutGetVolume
waveOutGetErrorTextA
waveInReset
Number of PE resources by type
RT_ICON 4
RT_GROUP_ICON 4
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 6
ARABIC IRAQ 4
PE resources
ExifTool file metadata
LegalTrademarks Centric
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.34.63.181
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Debatable Combated Bloodstains
CharacterSet Unicode
InitializedDataSize 733184
EntryPoint 0x1031c
OriginalFileName Boundl.EXE
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2013
FileVersion 0.39.173.19
TimeStamp 2007:05:23 14:40:41+01:00
FileType Win32 EXE
PEType PE32
InternalName Deceptions
ProductVersion 0.228.162.113
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Vellosoft
CodeSize 65536
ProductName Destined Dreamers
ProductVersionNumber 0.248.135.135
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 34cc34d6dd8a37c79c4f6ca1373b053f
SHA1 774fe53dacdaf2e0c6f45d8558aad8ccc460b8d3
SHA256 f9bd2c0412344fe324b9263c1b97ee84a8d6e5bfecd21a780633df46106820f8
ssdeep 6144:A6tthVglnxbA3THzKDeQ/0Aebu7L+UIF2cvavJGdxc18mNb:ACthVgxbAjW9/kbjYTd8mNb
authentihash 7738c8e409d38f546dc8f8b9609931b78cc9e3dd987abc5be42ed720433b94fd
imphash 9a4f5b0d4de227685d13bb2c0f0edd88
File size 336.0 KB ( 344064 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-03-26 19:17:54 UTC ( 3 years ago )
Last submission 2016-04-01 23:55:22 UTC ( 3 years ago )
File names alkxcl.exe