SHA256: a3a8959b5505029b773fb2ad1c2dc7adf657b17199d5e77b6cc796327d4a1561
Name: 4a01302e8ecd626daa2069a2f0e01df373ef1b7a
Detections: 48 / 60
Analysis date: 2017-03-24 05:34:01 UTC (2 days, 1 hour ago)
Antivirus Result Update
Ad-Aware Trojan.Downloader.JTHG 20170324
AegisLab Troj.W32.Reconyc!c 20170324
AhnLab-V3 Trojan/Win32.Reconyc.R194275 20170324
ALYac Trojan.Downloader.JTHG 20170324
Antiy-AVL Trojan/Win32.Reconyc 20170324
Arcabit Trojan.Downloader.JTHG 20170324
Avast Win32:Trojan-gen 20170324
AVG Generic38.AJKP 20170324
Avira (no cloud) DR/Delphi.amsqb 20170324
AVware Trojan.Win32.Generic!BT 20170324
BitDefender Trojan.Downloader.JTHG 20170324
CAT-QuickHeal Trojan.Reconyc 20170324
ClamAV Win.Trojan.Agent-5678761-0 20170323
CrowdStrike Falcon (ML) malicious_confidence_91% (W) 20170130
Cyren W32/Injector.THEA-2635 20170324
DrWeb Trojan.DownLoader12.29878 20170324
Emsisoft Trojan.Downloader.JTHG (B) 20170324
Endgame malicious (moderate confidence) 20170317
ESET-NOD32 Win32/Injector.DKAK 20170324
F-Prot W32/Injector.DDC 20170324
F-Secure Trojan.Downloader.JTHG 20170324
Fortinet W32/Injector.DJWH!tr 20170324
GData Trojan.Downloader.JTHG 20170324
Ikarus Trojan.Win32.Injector 20170323
K7AntiVirus Trojan ( 00502dad1 ) 20170324
K7GW Trojan ( 00502dad1 ) 20170324
Kaspersky Trojan.Win32.Reconyc.hpgk 20170324
Malwarebytes Spyware.KeyBase 20170324
McAfee Artemis!C4B6B014E0B8 20170324
McAfee-GW-Edition BehavesLike.Win32.Worm.tc 20170324
Microsoft TrojanSpy:MSIL/Golroted.F 20170324
eScan Trojan.Downloader.JTHG 20170324
NANO-Antivirus Trojan.Win32.Reconyc.eksdtm 20170324
nProtect Trojan/W32.Reconyc.1525248 20170324
Palo Alto Networks (Known Signatures) generic.ml 20170324
Panda Trj/CI.A 20170323
Qihoo-360 Win32/Trojan.d34 20170324
Rising Trojan.Injector!8.C4 (cloud:ZJZUxJ3OzKK) 20170324
SentinelOne (Static ML) static engine - malicious 20170315
Sophos Mal/Generic-S 20170324
SUPERAntiSpyware Trojan.Agent/Gen-Injector 20170324
Symantec Infostealer.Limitail 20170322
Tencent Win32.Trojan.Reconyc.Szbi 20170324
VBA32 Trojan.Reconyc 20170323
VIPRE Trojan.Win32.Generic!BT 20170324
ViRobot Trojan.Win32.Z.Injector.1525248[h] 20170323
Yandex Trojan.Reconyc! 20170323
ZoneAlarm by Check Point Trojan.Win32.Reconyc.hpgk 20170324
Alibaba 20170324
Baidu 20170323
Bkav 20170323
CMC 20170317
Comodo 20170324
Invincea 20170203
Jiangmin 20170324
Kingsoft 20170324
Symantec Mobile Insight 20170324
TheHacker 20170321
TotalDefense 20170324
TrendMicro-HouseCall 20170324
Trustlook 20170324
WhiteArmor 20170315
Zillya 20170323
Zoner 20170324
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 2001 Borland Software Corp.
File version 6.0.0.0
Packers identified
PEiD BobSoft Mini Delphi -> BoB / BobSoft
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000A7AB8
Number of sections 8
PE sections
PE imports
Number of PE resources by type
RT_BITMAP 38
RT_STRING 17
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_ICON 6
RT_RCDATA 4
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 73
ENGLISH US 9
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 2.25
ImageVersion 0.0
FileVersionNumber 6.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 841216
EntryPoint 0xa7ab8
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6.0.0.0
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 6.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright 2001 Borland Software Corp.
MachineType Intel 386 or later, and compatibles
CompanyName Borland Software Corp.
CodeSize 683008
FileSubtype 0
ProductVersionNumber 6.0.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 c4b6b014e0b8daaa2ddbf48c05cd2099
SHA1 5cd2d1c17520f42dea7749ced3f261cbf6c0a296
SHA256 a3a8959b5505029b773fb2ad1c2dc7adf657b17199d5e77b6cc796327d4a1561
ssdeep 24576:rjp+Tj0c9rdyS8iSo5yNri/brQmBKYVsE/je6FUQRIMqBlQ8:g044cChiXsEajCY1
authentihash 8723bba343b8c31b94c169f57b61f2f69270f5fc8980c2afe51cfc30a769dc30
imphash 3eec04d39f98fc28b0d28dc0a79bd571
File size 1.5 MB (1525248 bytes)
Type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Borland Delphi 7 (89.1%)
InstallShield setup (5.7%)
Win32 Executable Delphi generic (1.9%)
Windows screen saver (1.7%)
Win32 Executable (generic) (0.6%)
Tags
bobsoft peexe

VirusTotal metadata
First submission 2017-01-23 08:06:55 UTC (2 months ago)
Last submission 2017-01-24 17:40:29 UTC (2 months ago)
Names 4a01302e8ecd626daa2069a2f0e01df373ef1b7a
mi.exe
KEYBASE_EXE (5)
KEYBASE
output.106613168.txt
c4b6b014e0b8daaa2ddbf48c05cd2099.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
Terminated processes
Opened mutexes
Runtime DLLs
UDP communications