SHA256: fe4d7a46de5675ac33ef81fb094d35b306c6d247a316d749c13d488593093247
File name: .
Detection ratio: 44 / 69
Analysis date: 2019-02-06 19:45:22 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20190130
Ad-Aware Trojan.Agent.DJZO 20190206
AhnLab-V3 Malware/Win32.Generic.C2871571 20190206
Antiy-AVL Trojan[Banker]/Win32.IcedID 20190206
Arcabit Trojan.Agent.DJZO 20190206
Avast Win32:Trojan-gen 20190206
AVG Win32:Trojan-gen 20190206
Avira (no cloud) HEUR/AGEN.1037293 20190206
BitDefender Trojan.Agent.DJZO 20190206
CAT-QuickHeal Trojan.UrsnifRI.S4525369 20190206
Comodo TrojWare.Win32.Muldrop.CE@7yvsh4 20190206
Cybereason malicious.9ff3f9 20190109
Cylance Unsafe 20190206
Cyren W32/Agent.ATC.gen!Eldorado 20190206
DrWeb Trojan.IcedID.15 20190206
Emsisoft Trojan.Agent.DJZO (B) 20190206
ESET-NOD32 a variant of Win32/Kryptik.GNFR 20190206
F-Prot W32/Agent.ATC.gen!Eldorado 20190206
F-Secure Heuristic.HEUR/AGEN.1037293 20190206
Fortinet W32/GenKryptik.CRRJ!tr 20190206
GData Trojan.Agent.DJZO 20190206
Ikarus Trojan-Banker.Emotet 20190206
Jiangmin Trojan.Banker.IcedID.dv 20190206
K7AntiVirus Trojan ( 00542a031 ) 20190206
K7GW Trojan ( 00542a031 ) 20190206
Kaspersky HEUR:Trojan.Win32.Generic 20190206
Malwarebytes Trojan.Banker 20190206
MAX malware (ai score=80) 20190206
McAfee GenericRXGQ-CR!4A8C50F9FF3F 20190206
McAfee-GW-Edition GenericRXGQ-CR!4A8C50F9FF3F 20190206
Microsoft Trojan:Win32/Fuery.B!cl 20190206
eScan Trojan.Agent.DJZO 20190206
NANO-Antivirus Trojan.Win32.IcedID.fkscaa 20190206
Panda Trj/GdSda.A 20190206
Qihoo-360 HEUR/QVM10.1.0D91.Malware.Gen 20190206
Rising Trojan.Kryptik!8.8 (TFE:5:LRc7qSRu1ME) 20190206
Sophos AV Troj/BokBot-H 20190206
SUPERAntiSpyware Trojan.Agent/Gen-Injector 20190130
Symantec Trojan.IcedID 20190206
VBA32 TrojanBanker.IcedID 20190206
Webroot W32.Trojan.Emotet 20190206
Yandex Trojan.PWS.IcedID! 20190206
Zillya Trojan.Agent.Win32.1025364 20190206
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20190206
AegisLab 20190206
Alibaba 20180921
Avast-Mobile 20190206
Babable 20180917
Baidu 20190201
Bkav 20190201
ClamAV 20190206
CMC 20190206
CrowdStrike Falcon (ML) 20181023
eGambit 20190206
Endgame 20181108
Sophos ML 20181128
Kingsoft 20190206
Palo Alto Networks (Known Signatures) 20190206
SentinelOne (Static ML) 20190203
TACHYON 20190205
Tencent 20190206
TheHacker 20190203
TotalDefense 20190206
Trapmine 20190123
TrendMicro 20190206
TrendMicro-HouseCall 20190206
Trustlook 20190206
ViRobot 20190206
Zoner 20190206
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2008 ELEKS Fire. All rights reserved
Product Logglass
Original name icesuit.exe
Internal name Logglass
File version 9.4.86.10
Comments stri
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-11-27 10:30:19
Entry Point 0x00001F0C
Number of sections 4
PE sections
PE imports
DeviceIoControl
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetLastError
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
GetACP
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetConsoleOutputCP
WriteConsoleW
IsValidCodePage
GetWindowsDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
GetStringTypeA
SetStdHandle
GetTempPathA
WideCharToMultiByte
TlsFree
SetFilePointer
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GetSystemDirectoryA
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
LCMapStringA
WriteConsoleA
GetEnvironmentVariableA
HeapCreate
VirtualFree
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
SetLastError
LeaveCriticalSection
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.0
Comments stri
InitializedDataSize 79872
ImageVersion 0.0
ProductName Logglass
FileVersionNumber 9.4.86.10
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
OriginalFileName icesuit.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 9.4.86.10
TimeStamp 2009:11:27 02:30:19-08:00
FileType Win32 EXE
PEType PE32
InternalName Logglass
ProductVersion 9.4.86.10
UninitializedDataSize 0
OSVersion 5.0
FileOS Win32
LegalCopyright Copyright 2008 ELEKS Fire. All rights reserved
MachineType Intel 386 or later, and compatibles
CompanyName ELEKS Fire
CodeSize 86016
FileSubtype 0
ProductVersionNumber 9.4.86.10
EntryPoint 0x1f0c
ObjectFileType Executable application

File identification
MD5 4a8c50f9ff3f9e0b42c503e2d956c80f
SHA1 9d02b1229505cc5e88c11d88794dea7531ac79bc
SHA256 fe4d7a46de5675ac33ef81fb094d35b306c6d247a316d749c13d488593093247
ssdeep 1536:CP8HS3Az6R+HtqKm8APNeTibjQHRnHA0L4meD2iZjumJBoQgVk5vAMxlDt5g11As:uYLHtqFw5L4meyXwBZFLxlJ5g8UI+1z
authentihash 3d9ee9dc260d243a16873765b80b8ebff961c04d467a7937a98e02fdea7fb674
imphash 68954fb748e5f3b6bf5a826c3d8ff209
File size 116.5 KB ( 119296 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2019-02-06 19:45:22 UTC ( 1 month, 2 weeks ago )
Last submission 2019-02-06 19:45:22 UTC ( 1 month, 2 weeks ago )
File names Logglass
icesuit.exe
.
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs