SHA256: 65f063c433dcfc40b2576216702b9e0f9f6fd2f7489f62fc35c880f0a4127092
Name: F47D.tmp.exe
Detections: 2 / 55
Analysis date: 2015-12-19 17:26:00 UTC (3 years, 3 months ago)
Antivirus Result Update
Malwarebytes Ransom.TeslaCrypt 20151219
Qihoo-360 HEUR/QVM41.1.Malware.Gen 20151219
Ad-Aware 20151219
AegisLab 20151219
Yandex 20151219
AhnLab-V3 20151219
Alibaba 20151208
ALYac 20151218
Antiy-AVL 20151219
Arcabit 20151219
Avast 20151219
AVG 20151219
Avira (no cloud) 20151219
AVware 20151219
Baidu-International 20151219
BitDefender 20151219
Bkav 20151219
ByteHero 20151219
CAT-QuickHeal 20151219
ClamAV 20151219
CMC 20151217
Comodo 20151219
Cyren 20151219
DrWeb 20151219
Emsisoft 20151219
ESET-NOD32 20151219
F-Prot 20151219
F-Secure 20151218
Fortinet 20151219
GData 20151219
Ikarus 20151219
Jiangmin 20151219
K7AntiVirus 20151219
K7GW 20151219
Kaspersky 20151219
McAfee 20151219
McAfee-GW-Edition 20151219
Microsoft 20151219
eScan 20151219
NANO-Antivirus 20151219
nProtect 20151218
Panda 20151219
Rising 20151218
Sophos AV 20151219
SUPERAntiSpyware 20151219
Symantec 20151217
Tencent 20151219
TheHacker 20151218
TrendMicro 20151219
TrendMicro-HouseCall 20151219
VBA32 20151218
VIPRE 20151219
ViRobot 20151219
Zillya 20151218
Zoner 20151219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-19 12:47:53
Entry Point 0x0000CF8A
Number of sections 7
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetOpenFileNameA
SetThreadLocale
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetFileAttributesW
lstrcmpW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
GetVolumeInformationW
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
EnumResourceLanguagesW
GetFileTime
WideCharToMultiByte
GetStringTypeA
GetSystemTimeAsFileTime
WriteFile
MoveFileA
SetStdHandle
GetDiskFreeSpaceA
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
FormatMessageW
ResumeThread
GetExitCodeProcess
BeginUpdateResourceW
LoadResource
GlobalHandle
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
FormatMessageA
SetFileAttributesW
GetStringTypeExA
GetCurrentThread
GetEnvironmentVariableW
SetLastError
ReadConsoleInputA
GlobalFindAtomW
UpdateResourceW
GetModuleFileNameW
GlobalFindAtomA
ExitProcess
FlushFileBuffers
GetModuleFileNameA
EnumCalendarInfoA
EnumSystemLocalesA
GetSystemDefaultLCID
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
GetPrivateProfileStringW
SetFilePointer
GetFullPathNameW
GlobalAddAtomW
CreateThread
SetEnvironmentVariableW
GetSystemDirectoryW
CreatePipe
GetExitCodeThread
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
CreateMutexW
MulDiv
GetDateFormatA
ExitThread
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GetVersion
SetCurrentDirectoryW
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
HeapCreate
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
GetTimeZoneInformation
SetHandleCount
LoadLibraryW
EndUpdateResourceW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
CopyFileW
GetStartupInfoA
UnlockFile
GetWindowsDirectoryW
GetFileSize
GlobalDeleteAtom
DeleteFileA
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetConsoleScreenBufferInfo
GetProcessHeap
CompareStringW
GlobalReAlloc
RemoveDirectoryW
lstrcmpA
FindNextFileW
lstrcpyA
CompareStringA
CreateFileMappingA
FindFirstFileW
IsValidLocale
DuplicateHandle
GetProcAddress
CreateEventW
CreateFileW
CreateEventA
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
InitializeCriticalSection
LocalReAlloc
LCMapStringW
SetConsoleMode
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
LCMapStringA
HeapReAlloc
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
GetCPInfo
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
WritePrivateProfileStringW
GetSystemDefaultLangID
RaiseException
UnhandledExceptionFilter
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
GlobalFlags
CloseHandle
GetTimeFormatA
GetACP
GlobalLock
GetModuleHandleW
FreeResource
FindResourceExW
GetEnvironmentStrings
CreateProcessA
TlsGetValue
IsValidCodePage
UnmapViewOfFile
GetTempPathW
VirtualQuery
VirtualFree
Sleep
FindResourceA
VirtualAlloc
GetOEMCP
ResetEvent
CharLowerA
GetParent
LoadStringA
ClientToScreen
GetKeyboardType
BeginPaint
CharNextA
CharUpperBuffA
CallWindowProcA
MessageBoxA
ChildWindowFromPoint
AdjustWindowRectEx
CharLowerBuffA
CheckMenuItem
CallNextHookEx
ActivateKeyboardLayout
CharToOemA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemAlloc
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2015:12:19 13:47:53+01:00
FileType Win32 EXE
PEType PE32
CodeSize 103424
LinkerVersion 9.0
EntryPoint 0xcf8a
InitializedDataSize 241664
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 f474151306092969f31b24ccb28fe852
SHA1 b95d5a845b12e330e4eb12f75ae186314a030fba
SHA256 65f063c433dcfc40b2576216702b9e0f9f6fd2f7489f62fc35c880f0a4127092
ssdeep 6144:gWOMNTeog0fHn93JbF11KMI1+ruVEfsTGgzyDAcqTVA/m3m6uNjia:gWOMPg0P1K74pUWDAcoq/m35uN3
authentihash f21d308ca9ea41e6343117893d4e91b845664bae6b1801a09f909b336b781924
imphash 892985add7be5feef01435180d9e8127
File size 338.0 KB ( 346112 bytes )
Type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe
VirusTotal metadata
First submission 2015-12-19 17:26:00 UTC (3 years, 3 months ago)
Last submission 2015-12-22 09:19:28 UTC (3 years, 2 months ago)
Names F47D.tmp.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Created processes
Shell commands
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections