× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fe127f350a0c591ddec6e4c338439d24badb5e51945c41a1b8d2cf98cb438d6e
File name: Brea
Detection ratio: 23 / 48
Analysis date: 2013-12-14 09:59:17 UTC ( 3 years, 6 months ago )
Antivirus Result Update
AntiVir TR/Agent.cada.23124 20131214
Avast Win32:Malware-gen 20131214
AVG Zbot.EHO 20131214
Baidu-International Trojan.Win32.Demp.AZQ 20131213
ByteHero Virus.Win32.Heur.p 20130613
CMC Heur.Win32.Veebee.1!O 20131213
Comodo UnclassifiedMalware 20131214
DrWeb Trojan.PWS.Panda.2401 20131214
ESET-NOD32 a variant of Win32/Injector.ATGA 20131214
F-Secure Trojan.GenericKD.1454183 20131214
Fortinet W32/Injector.ATGA!tr 20131214
GData Trojan.GenericKD.1454183 20131214
Ikarus Virus.Win32.Zbot 20131214
Kaspersky Trojan-Dropper.Win32.Demp.rbx 20131214
Malwarebytes Trojan.VBInject 20131214
McAfee Artemis!3751904F2CAE 20131214
McAfee-GW-Edition Artemis!3751904F2CAE 20131213
Panda Trj/CI.A 20131213
Rising PE:Trojan.VBInject!1.6546 20131210
Sophos Mal/Generic-S 20131214
Symantec WS.Reputation.1 20131214
TrendMicro-HouseCall TROJ_GEN.R0CBB01LD13 20131214
VIPRE Trojan.Win32.Generic!BT 20131214
Ad-Aware 20131211
Yandex 20131213
AhnLab-V3 20131214
Antiy-AVL 20131210
BitDefender 20131211
Bkav 20131214101257
CAT-QuickHeal 20131209
ClamAV 20131214
Commtouch 20131214
Emsisoft 20131214
F-Prot 20131214
Jiangmin 20131214
K7AntiVirus 20131213
K7GW 20131213
Kingsoft 20130829
Microsoft 20131214
eScan 20131214
NANO-Antivirus 20131214
Norman 20131214
nProtect 20131213
SUPERAntiSpyware 20131214
TheHacker 20131212
TotalDefense 20131214
TrendMicro 20131214
VBA32 20131213
ViRobot 20131214
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Symantec Corporation Pink

Publisher Symantec Corporation Yellow
Product Seething preevapo photomet canopus
Original name Brea.exe
Internal name Brea
File version 7.06.0007
Description Janty's adusted vapouriz sipuncul
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-11 07:30:20
Entry Point 0x000FC830
Number of sections 3
PE sections
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
Ord(546)
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
28672

ImageVersion
7.6

ProductName
Seething preevapo photomet canopus

FileVersionNumber
7.6.0.7

UninitializedDataSize
720896

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

LinkerVersion
6.0

OriginalFilename
Brea.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
7.06.0007

TimeStamp
2013:12:11 08:30:20+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Brea

FileAccessDate
2013:12:14 12:05:19+01:00

ProductVersion
7.06.0007

FileDescription
Janty's adusted vapouriz sipuncul

OSVersion
4.0

FileCreateDate
2013:12:14 12:05:19+01:00

FileOS
Win32

LegalCopyright
Symantec Corporation Pink

MachineType
Intel 386 or later, and compatibles

CompanyName
Symantec Corporation Yellow

CodeSize
311296

FileSubtype
0

ProductVersionNumber
7.6.0.7

EntryPoint
0xfc830

ObjectFileType
Executable application

File identification
MD5 3751904f2cae24f9a030a54f1937ca9e
SHA1 4555fa177a77822fcc470f073812bf93907685f9
SHA256 fe127f350a0c591ddec6e4c338439d24badb5e51945c41a1b8d2cf98cb438d6e
ssdeep
6144:JfNsfQWWnd5KxHmgZQJtDXm8rmpqqiqweFyv2wY:JCIn8XZQJtD5mPyI

File size 329.5 KB ( 337408 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (42.3%)
Win32 EXE Yoda's Crypter (36.7%)
Win32 Dynamic Link Library (generic) (9.1%)
Win32 Executable (generic) (6.2%)
Generic Win/DOS Executable (2.7%)
Tags
peexe upx

VirusTotal metadata
First submission 2013-12-13 08:24:47 UTC ( 3 years, 6 months ago )
Last submission 2013-12-13 08:24:47 UTC ( 3 years, 6 months ago )
File names Brea.exe
Brea
3751904f2cae24f9a030a54f1937ca9e
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!