× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ff4808ea81ad1f7223d542fd6aad0e3819a4f3f18b47ff2445adce1e4336194d
File name: 96da073001aacf278dc42a4e037cf1bd
Detection ratio: 6 / 54
Analysis date: 2014-10-29 11:41:07 UTC ( 2 years, 8 months ago )
Antivirus Result Update
Comodo Heur.Corrupt.PE 20141029
F-Prot W32/Damaged_File.gen!Eldorado 20141029
McAfee-GW-Edition BehavesLike.Win32.Backdoor.fc 20141028
Symantec WS.Reputation.1 20141029
TheHacker W32/Behav-Heuristic-CorruptFile-EP 20141028
TrendMicro-HouseCall Suspicious_GEN.F47V1027 20141029
Ad-Aware 20141029
AegisLab 20141029
Yandex 20141028
AhnLab-V3 20141028
Antiy-AVL 20141029
Avast 20141029
AVG 20141029
Avira (no cloud) 20141029
AVware 20141029
Baidu-International 20141027
BitDefender 20141029
Bkav 20141027
ByteHero 20141029
CAT-QuickHeal 20141029
ClamAV 20141029
CMC 20141029
Cyren 20141029
DrWeb 20141029
Emsisoft 20141029
ESET-NOD32 20141029
F-Secure 20141029
Fortinet 20141029
GData 20141029
Ikarus 20141029
Jiangmin 20141028
K7AntiVirus 20141028
K7GW 20141028
Kaspersky 20141029
Kingsoft 20141029
Malwarebytes 20141029
McAfee 20141029
Microsoft 20141029
eScan 20141029
NANO-Antivirus 20141029
Norman 20141029
nProtect 20141028
Qihoo-360 20141029
Rising 20141029
Sophos 20141029
SUPERAntiSpyware 20141029
Tencent 20141029
TotalDefense 20141027
TrendMicro 20141029
VBA32 20141029
VIPRE 20141029
ViRobot 20141029
Zillya 20141029
Zoner 20141024
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-09-18 14:50:36
Entry Point 0x003281F0
Number of sections 3
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2014:09:18 15:50:36+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
2781184

LinkerVersion
6.0

FileAccessDate
2014:10:29 12:41:57+01:00

Warning
Error processing PE data dictionary

EntryPoint
0x3281f0

InitializedDataSize
32768

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

FileCreateDate
2014:10:29 12:41:57+01:00

UninitializedDataSize
528384

File identification
MD5 96da073001aacf278dc42a4e037cf1bd
SHA1 707b78dbc24da0fdcfe94c59bfabd14a79e92d0b
SHA256 ff4808ea81ad1f7223d542fd6aad0e3819a4f3f18b47ff2445adce1e4336194d
ssdeep
6144:fd3fLLxSxdcmsmKaQBznK95Ym2tUtzOC7Sb//nhFNMoXXAjeHn53DH5CI+mFCB48:F3fpSx9pQ49xxP23nhXXv31JZ0

authentihash 72acd536205616900e5bbe0b993b727a1f2c2711acbe3c1f613619d6a422859e
File size 353.7 KB ( 362150 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
corrupt peexe

VirusTotal metadata
First submission 2014-10-01 00:35:30 UTC ( 2 years, 9 months ago )
Last submission 2014-10-01 00:35:30 UTC ( 2 years, 9 months ago )
File names 96da073001aacf278dc42a4e037cf1bd
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!