SHA256: fbffe8790d3d128f5678cde31e0e3b6e3511c6ce73cdfc06b849990855fb4f9f
File name: 42e26a8f5f635b167d46f0b8fa166a41.virus
Detection ratio: 35 / 57
Analysis date: 2016-12-31 05:20:45 UTC ( 2 years, 1 month ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.215170 20161231
AhnLab-V3 Trojan/Win32.Upbot.C1729041 20161230
ALYac Gen:Variant.Mikey.57487 20161231
Arcabit Trojan.Zusy.D34882 20161231
Avast Win32:Malware-gen 20161231
AVG GenericX.682 20161231
Avira (no cloud) TR/Crypt.ZPACK.hblvq 20161230
AVware LooksLike.Win32.Crowti.b (v) 20161231
BitDefender Gen:Variant.Zusy.215170 20161231
Bkav W32.FamVT.RazyNHmA.Trojan 20161229
CrowdStrike Falcon (ML) malicious_confidence_99% (D) 20161024
Cyren W32/S-e2e07e9d!Eldorado 20161231
DrWeb Trojan.Proxy2.159 20161231
Emsisoft Gen:Variant.Zusy.215170 (B) 20161231
ESET-NOD32 a variant of Generik.GJYHYGF 20161231
F-Prot W32/S-e2e07e9d!Eldorado 20161231
F-Secure Gen:Variant.Zusy.215170 20161231
GData Gen:Variant.Zusy.215170 20161231
Sophos ML trojan.win32.lethic.k 20161216
Jiangmin Backdoor.Generic.aimp 20161231
Kaspersky Trojan.Win32.Bublik.euxi 20161231
Malwarebytes Backdoor.Andromeda 20161231
McAfee GenericRXAT-HZ!42E26A8F5F63 20161231
Microsoft Worm:Win32/Dorkbot.I 20161231
eScan Gen:Variant.Zusy.215170 20161231
NANO-Antivirus Trojan.Win32.Agent.ekcprk 20161231
Panda Trj/GdSda.A 20161230
Qihoo-360 HEUR/QVM09.0.2092.Malware.Gen 20161231
Rising Malware.Generic!JdWO1vJS7K@5 (thunder) 20161231
Sophos AV Mal/Generic-S 20161231
Symantec Heur.AdvML.B 20161231
TrendMicro TROJ_GEN.R0C1C0DLU16 20161231
TrendMicro-HouseCall TROJ_GEN.R0C1C0DLU16 20161231
VIPRE LooksLike.Win32.Crowti.b (v) 20161231
ViRobot Backdoor.Win32.Androm.259584[h] 20161231
AegisLab 20161231
Alibaba 20161223
Antiy-AVL 20161231
Baidu 20161207
CAT-QuickHeal 20161230
ClamAV 20161231
CMC 20161230
Comodo 20161231
Fortinet 20161231
Ikarus 20161230
K7AntiVirus 20161230
K7GW 20161231
Kingsoft 20161231
McAfee-GW-Edition 20161231
nProtect 20161231
SUPERAntiSpyware 20161230
Tencent 20161231
TheHacker 20161229
TotalDefense 20161230
Trustlook 20161231
VBA32 20161229
WhiteArmor 20161221
Yandex 20161230
Zillya 20161230
Zoner 20161231
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2006-2010 MIT University All Rights Reserved.
Product MIT University
Internal name MIT
File version 54.0.12.0
Description MIT University
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-12-28 13:00:49
Entry Point 0x00007570
Number of sections 4
PE sections
PE imports
Number of PE resources by type
RT_DIALOG 3
RT_ACCELERATOR 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
SPANISH PARAGUAY 1
FRENCH LUXEMBOURG 1
PE resources
ExifTool file metadata
ProductShortName MIT University
SubsystemVersion 5.0
OfficialBuild 256
InitializedDataSize 226304
ImageVersion 0.0
ProductName MIT University
FileVersionNumber 22.0.1229.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0017
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
MIMEType application/octet-stream
Subsystem Windows GUI
CompanyShortName MIT University
FileVersion 54.0.12.0
TimeStamp 2016:12:28 14:00:49+01:00
FileType Win32 EXE
PEType PE32
InternalName MIT
ProductVersion 54.0.12.0
FileDescription MIT University
OSVersion 5.0
FileOS Win32
LegalCopyright Copyright (C) 2006-2010 MIT University All Rights Reserved.
MachineType Intel 386 or later, and compatibles
CompanyName MIT University
CodeSize 99328
FileSubtype 0
ProductVersionNumber 22.0.1229.0
LastChange 54.0.12.0
EntryPoint 0x7570
ObjectFileType Executable application
File identification
MD5 42e26a8f5f635b167d46f0b8fa166a41
SHA1 29e906cd0eff39c349754561cd101e68f0c8fd5d
SHA256 fbffe8790d3d128f5678cde31e0e3b6e3511c6ce73cdfc06b849990855fb4f9f
ssdeep 6144:jY9K/Gak1e/FBNN/tL1pd+3CkkG3hg83uRhc:U9K/Ga/B9Bzy14
authentihash df0d7856f5e74d5826995499e42f51fc49102aa73c06752b0e17d996b62ca54a
imphash d475b8223f5231588ab2fdc6efbbfbff
File size 243.5 KB ( 249344 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-12-31 05:20:45 UTC ( 2 years, 1 month ago )
Last submission 2016-12-31 05:20:45 UTC ( 2 years, 1 month ago )
File names 42e26a8f5f635b167d46f0b8fa166a41.virus
MIT