SHA256: 82e86602ed7b64addf247191a541c22426bbd14d29bfaf35a18e871bd2fb87de
Name: l4g4r-p0_71.exe
Detections: 3 / 56
Analysis date: 2016-12-27 06:04:55 UTC (2 years, 2 months ago)
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9871 20161207
Sophos ML backdoor.msil.bladabindi.b 20161216
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161227
Ad-Aware 20161227
AegisLab 20161227
AhnLab-V3 20161227
Alibaba 20161223
ALYac 20161227
Antiy-AVL 20161227
Arcabit 20161227
Avast 20161227
AVG 20161227
Avira (no cloud) 20161226
AVware 20161227
BitDefender 20161227
Bkav 20161227
CAT-QuickHeal 20161227
ClamAV 20161227
CMC 20161226
Comodo 20161227
CrowdStrike Falcon (ML) 20161024
Cyren 20161227
DrWeb 20161227
Emsisoft 20161227
ESET-NOD32 20161227
F-Prot 20161227
F-Secure 20161227
Fortinet 20161227
GData 20161227
Ikarus 20161226
Jiangmin 20161226
K7AntiVirus 20161226
K7GW 20161227
Kaspersky 20161227
Kingsoft 20161227
Malwarebytes 20161227
McAfee 20161227
McAfee-GW-Edition 20161227
Microsoft 20161227
eScan 20161227
NANO-Antivirus 20161227
nProtect 20161227
Panda 20161226
Rising 20161227
Sophos AV 20161227
SUPERAntiSpyware 20161227
Symantec 20161227
Tencent 20161227
TheHacker 20161226
TrendMicro 20161227
TrendMicro-HouseCall 20161227
Trustlook 20161227
VBA32 20161226
VIPRE 20161227
ViRobot 20161227
WhiteArmor 20161221
Yandex 20161226
Zillya 20161226
Zoner 20161227
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT RAR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-02-15 08:00:31
Entry Point 0x0001D7CB
Number of sections 4
PE sections
Overlays
MD5 56cecb02fdf3429617dd696014e24e51
File type data
Offset 410112
Size 95976218
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControlsEx
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
GetExitCodeProcess
InitializeCriticalSection
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
SetLastError
GetSystemTime
DeviceIoControl
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
GetFullPathNameW
CreateThread
SetEnvironmentVariableW
MoveFileExW
SetUnhandledExceptionFilter
TzSpecificLocalTimeToSystemTime
TerminateProcess
CreateSemaphoreW
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatW
SetEvent
DeleteFileW
GetProcAddress
CreateFileMappingW
CompareStringW
WriteFile
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
CreateDirectoryW
ResetEvent
FindFirstFileW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
HeapCreate
GetConsoleCP
LCMapStringA
GetTimeFormatW
GetEnvironmentStringsW
IsDBCSLeadByte
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLongPathNameW
IsValidCodePage
UnmapViewOfFile
FindResourceW
VirtualFree
Sleep
VirtualAlloc
CreateHardLinkW
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
MapWindowPoints
SetFocus
GetParent
UpdateWindow
EndDialog
LoadBitmapW
SetWindowTextW
DefWindowProcW
GetWindowTextW
GetMessageW
ShowWindow
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
EnableWindow
CharUpperW
DialogBoxParamW
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
GetWindowLongW
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
GetClientRect
GetDlgItem
GetWindow
OemToCharBuffA
DispatchMessageW
MessageBoxW
PeekMessageW
GetClassNameW
CopyRect
WaitForInputIdle
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
RegisterClassExW
SetForegroundWindow
DestroyWindow
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
OleInitialize
OleUninitialize
Number of PE resources by type
RT_ICON 12
RT_STRING 9
RT_DIALOG 6
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 16
NEUTRAL DEFAULT 14
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2015:02:15 09:00:31+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
165888

LinkerVersion
9.0

EntryPoint
0x1d7cb

InitializedDataSize
243200

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 3bf40f8ebeec57f098b25f0c042a1db9
SHA1 2fb9a0cd1e6a0b1fa28d5484a4d19a89671d3c85
SHA256 82e86602ed7b64addf247191a541c22426bbd14d29bfaf35a18e871bd2fb87de
ssdeep
1572864:PLqagVDmKRV9enLP/XhGPmvftJ4iJzV8RrtzSMWIn94Je8IZX0yBfjbkyW+OJIHF:PL0VDmKR78XCoftJnVIrt4JUkyd4yrOU

authentihash f16c84b4d66d4f7a2107442eaa61d2cf67152fc370fed79ed0b547113b582666
imphash 4cfda23baf1e2e983ddfeca47a5c755a
File size 91.9 MB ( 96386330 bytes )
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-12-27 06:04:55 UTC (2 years, 2 months ago)
Last submission 2016-12-27 06:04:55 UTC (2 years, 2 months ago)
Names l4g4r-p0_71.exe