SHA256: 99370d5162c2d9e165892af3bde7c6de8c44ec5945ed0a1ddb6b827b876931d0
Name: ctf4.exe
Detections: 52 / 56
Analysis date: 2016-10-14 17:25:20 UTC (10 months ago)
Antivirus Result Update
Ad-Aware Win32.Murofet.A 20161014
AegisLab Troj.W32.Gen.lijL 20161014
AhnLab-V3 Win32/Murofet 20161014
ALYac Win32.Murofet.A 20161014
Antiy-AVL Virus/Win32.Murofet.a 20161014
Arcabit Win32.Murofet.A 20161014
Avast Win32:MalOb-CS [Cryp] 20161014
AVG Cryptic.COL 20161014
Avira (no cloud) W32/Murofet.A 20161014
AVware Virus.Win32.Murofet.a (v) 20161014
Baidu Win32.Virus.Murofet.a 20161014
BitDefender Win32.Murofet.A 20161014
Bkav W32.Licat.PE 20161014
CAT-QuickHeal W32.Murofet.A 20161014
ClamAV Win.Trojan.Murofet-1 20161014
CMC Virus.Win32.Murofet!O 20161014
Comodo TrojWare.Win32.Kuluoz.DLL 20161014
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Cyren W32/Murofet.A 20161014
DrWeb Trojan.Packed.21552 20161014
Emsisoft Win32.Murofet.A (B) 20161014
ESET-NOD32 Win32/TrojanDownloader.Small.PAC 20161014
F-Prot W32/Murofet.A 20161014
F-Secure Win32.Murofet.A 20161014
Fortinet W32/Krypt.G!tr 20161014
GData Win32.Murofet.A 20161014
Ikarus Trojan-Dropper.Win32.HDrop 20161014
Sophos ML virtool.win32.obfuscator.wt 20160928
Jiangmin TrojanSpy.Zbot.anuk 20161014
K7AntiVirus Virus ( 0040fa811 ) 20161014
K7GW Virus ( 0040fa811 ) 20161014
Kaspersky Virus.Win32.Murofet.a 20161014
Kingsoft Win32.Murofet.a.30720 20161014
McAfee W32/Zbot 20161014
McAfee-GW-Edition BehavesLike.Win32.Downloader.lm 20161014
Microsoft Virus:Win32/Zbot.B 20161014
eScan Win32.Murofet.A 20161014
NANO-Antivirus Virus.Win32.Nimnul.bhskb 20161014
Panda Generic Malware 20161014
Qihoo-360 Virus.Win32.Licat.A 20161014
Rising Malware.Heuristic!ET (rdm+) 20161014
Sophos AV W32/Murofet-A 20161014
Symantec Trojan.Zbot.B!inf 20161014
Tencent Win32.Virus.Murofet.Pcir 20161014
TheHacker Backdoor/Bredolab.hsp 20161014
TrendMicro PE_LICAT.A 20161014
TrendMicro-HouseCall PE_LICAT.A 20161014
VBA32 Virus.Win32.Murofet.A 20161013
VIPRE Virus.Win32.Murofet.a (v) 20161014
ViRobot Win32.Murofet.A[h] 20161014
Yandex Trojan.DL.Small!UT6piqrytkw 20161013
Zillya Virus.Murofet.Win32.1 20161013
Alibaba 20161014
Malwarebytes 20161014
nProtect 20161014
SUPERAntiSpyware 20161014
Zoner 20161014
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-09-30 12:26:17
Entry Point 0x0000175C
Number of sections 4
PE sections
Overlays
MD5 390b6f5604bb7eb68884a854f6734b3f
File type data
Offset 17920
Size 1536
Entropy 6.20
PE imports
GetACP
GetOEMCP
GetDriveTypeW
GetUserDefaultLangID
lstrcmpA
TlsFree
CreateProcessInternalA
lstrcatA
GetModuleHandleW
GetCurrentProcessId
FreeLibrary
GetSystemDefaultLCID
TlsGetValue
GetLogicalDrives
GetCommandLineA
GetModuleFileNameA
IsDBCSLeadByte
VirtualAlloc
GetCurrentThreadId
TlsSetValue
GetCurrentThread
StrCmpNA
StrRChrIA
StrRChrA
StrChrA
StrChrIA
StrCmpNIA
CreateAssemblyNameObject
SxsLookupClrGuid
CreateAssemblyCache
SxsInstallW
GetWindowLongA
GetSystemMetrics
BeginPaint
GetForegroundWindow
UpdateWindow
GetActiveWindow
GetWindowTextLengthA
GetWindowDC
IsWindowVisible
CloseWindow
GetFocus
GetClassLongA
ReleaseDC
GetWindow
GetWindowTextA
ShowWindow
IsIconic
RegisterClassA
GetDC
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2009:09:30 13:26:17+01:00
FileType Win32 EXE
PEType PE32
CodeSize 2048
LinkerVersion 5.0
FileTypeExtension exe
InitializedDataSize 9728
SubsystemVersion 4.0
EntryPoint 0x175c
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 5980

File identification
MD5 4c017ac3bba817369cd09e09d45a2e4d
SHA1 5e32a3c2fae62313e609ede57b0e01d768d41fbc
SHA256 99370d5162c2d9e165892af3bde7c6de8c44ec5945ed0a1ddb6b827b876931d0
ssdeep 192:roM9VVqbam/t/krJadkLXhtKgnnR/sgl0ziTXrqEPIicN3IBLgI5K0H/n5:cMWt/kr0dyxIAeUOEIyDKM/n

authentihash f7e0fb518422aa8548529f05436bb61c88d55ef9675a646df982a71e1dcf5bd9
imphash 245ea291197ed79d0bfbea0bef117cf3
File size 19.0 KB ( 19456 bytes )
Type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe overlay

VirusTotal metadata
First submission 2010-09-29 02:05:13 UTC (6 years, 10 months ago)
Last submission 2016-10-14 17:25:20 UTC (10 months ago)
Names ctf4.exe
aa
murofet14.exe
murofet15.exe
KGqkO8jWz.tar.bz2
V5Zfq.xlsm