SHA256: a6069bfe3fae2420154d3e463a71a906ebefe0f5fa26204f4fce1f8da27484ac
Name: output.114468032.txt
Detections: 25 / 68
Analysis date: 2018-11-15 20:33:04 UTC (6 months, 1 week ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40757029 20181115
AegisLab Trojan.Win32.Generic.4!c 20181115
ALYac Trojan.GenericKD.40757029 20181115
Arcabit Trojan.Generic.D26DE725 20181115
Avast FileRepMalware 20181115
AVG FileRepMalware 20181115
Avira (no cloud) TR/AD.Ursnif.pxvkb 20181115
BitDefender Trojan.GenericKD.40757029 20181115
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20181022
Emsisoft Trojan.GenericKD.40757029 (B) 20181115
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Generik.NKPREOV 20181115
F-Secure Trojan.GenericKD.40757029 20181115
Fortinet W32/Generik.NKPREOV!tr 20181115
GData Trojan.GenericKD.40757029 20181115
Ikarus Trojan-Banker.Ramnit 20181115
Kaspersky Trojan-Spy.Win32.Ursnif.aeqo 20181115
McAfee RDN/Generic PWS.y 20181115
McAfee-GW-Edition BehavesLike.Win32.Ransomware.hh 20181115
Microsoft Trojan:Win32/Dynamer!rfn 20181115
eScan Trojan.GenericKD.40757029 20181115
Palo Alto Networks (Known Signatures) generic.ml 20181115
Panda Trj/CI.A 20181115
Symantec ML.Attribute.HighConfidence 20181115
ZoneAlarm by Check Point Trojan-Spy.Win32.Ursnif.aeqo 20181115
AhnLab-V3 20181115
Alibaba 20180921
Antiy-AVL 20181115
Avast-Mobile 20181115
Babable 20180918
Baidu 20181115
Bkav 20181115
CAT-QuickHeal 20181115
ClamAV 20181115
CMC 20181115
Cybereason 20180225
Cylance 20181115
Cyren 20181115
DrWeb 20181115
eGambit 20181115
F-Prot 20181115
Sophos ML 20181108
Jiangmin 20181115
K7AntiVirus 20181113
K7GW 20181115
Kingsoft 20181115
Malwarebytes 20181115
MAX 20181115
NANO-Antivirus 20181115
Qihoo-360 20181115
Rising 20181115
SentinelOne (Static ML) 20181011
Sophos AV 20181115
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181115
Tencent 20181115
TheHacker 20181113
TotalDefense 20181115
TrendMicro 20181115
TrendMicro-HouseCall 20181115
Trustlook 20181115
VBA32 20181115
VIPRE 20181115
ViRobot 20181115
Webroot 20181115
Yandex 20181115
Zillya 20181115
Zoner 20181115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2016 All rights reserved. Max Programming, LLC

Product Parametercollection
Original name Parametercollection.exe
File version 7.8.8.2
Description Dla Aggregation Propounded Nothing
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-13 21:14:06
Entry Point 0x000407D0
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegSetValueExA
InitializeAcl
RegDeleteValueA
GetFileSecurityA
RegCreateKeyExA
SetFileSecurityA
RegEnumKeyA
RegCreateKeyA
GetLengthSid
CreateToolbarEx
GetTextMetricsW
SetMapMode
GetWindowOrgEx
GetNearestColor
GetTextMetricsA
CombineRgn
GetROP2
GetViewportOrgEx
EndDoc
IntersectClipRect
GetTextFaceA
CreateEllipticRgn
GetPolyFillMode
SetTextAlign
StretchDIBits
ScaleViewportExtEx
SetWindowExtEx
SetBkColor
GetBkColor
SetRectRgn
MoveToEx
GetEnhMetaFileA
GetDIBColorTable
GetClipBox
GetCurrentPositionEx
TextOutA
CreateFontIndirectA
CreateRectRgnIndirect
LPtoDP
GetPixel
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
BitBlt
GetObjectA
FillRgn
SetAbortProc
ScaleWindowExtEx
PtVisible
ExtSelectClipRgn
SetROP2
EndPage
GetTextColor
Escape
SetViewportExtEx
GetWindowExtEx
PatBlt
CreatePen
SetStretchBltMode
Rectangle
GetDeviceCaps
CreateDCA
LineTo
DeleteDC
GetMapMode
StartPage
GetCharWidthA
CreatePatternBrush
CreateBitmap
RectVisible
GetStockObject
GetBkMode
ExtTextOutA
SelectClipRgn
GetTextAlign
GetTextExtentPoint32A
GetEnhMetaFileHeader
SetWindowOrgEx
SelectObject
GetViewportExtEx
GetRgnBox
SaveDC
SetDCPenColor
RestoreDC
GetStretchBltMode
SetTextColor
CreateFontA
SetViewportOrgEx
CreateCompatibleDC
CreateRectRgn
DeleteObject
StartDocA
SetPolyFillMode
Ellipse
SetTextJustification
CreateSolidBrush
DPtoLP
AbortDoc
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
PurgeComm
HeapDestroy
lstrcmpW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetCPInfo
lstrcmpiA
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
MoveFileA
IsWow64Process
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
GetStringTypeExA
SetLastError
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
GetPrivateProfileStringA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
GetTapeParameters
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
VirtualQuery
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
FillConsoleOutputCharacterA
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
FlushConsoleInputBuffer
GetFileSize
GlobalDeleteAtom
GetPrivateProfileIntA
DeleteFileA
GlobalLock
GetProcessHeap
CompareStringW
GlobalReAlloc
VirtualLock
lstrcmpA
FindFirstFileA
GetDiskFreeSpaceA
CompareStringA
GetTempFileNameA
DuplicateHandle
GetProcAddress
GlobalAlloc
GetTimeZoneInformation
GlobalFindAtomA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
GetShortPathNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetVersion
FreeResource
SizeofResource
WideCharToMultiByte
IsValidCodePage
HeapCreate
GetTempPathW
VirtualFree
Sleep
FindResourceA
VirtualAlloc
OleCreateFontIndirect
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
SysAllocStringLen
VariantChangeType
OleCreatePictureIndirect
SysAllocString
SafeArrayDestroy
VariantCopy
VariantClear
SysFreeString
SysAllocStringByteLen
VariantInit
CM_Unregister_Device_InterfaceA
CM_Set_HW_Prof_FlagsA
CM_Uninstall_DevNode
CM_Setup_DevNode
CM_Test_Range_Available
SHGetFileInfoA
ExtractIconA
DragFinish
DragQueryFileA
ShellExecuteA
Shell_NotifyIconA
PathFindFileNameA
PathRemoveFileSpecW
PathFindExtensionA
PathIsUNCA
PathStripToRootA
phoneGetStatusW
SetFocus
SetDlgItemTextA
GetForegroundWindow
SetWindowRgn
SetMenuItemBitmaps
SetRectEmpty
EnableScrollBar
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
GetNextDlgTabItem
IsWindow
DispatchMessageA
ClientToScreen
GrayStringA
WindowFromPoint
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
SetWindowContextHelpId
SetScrollPos
CallNextHookEx
LoadAcceleratorsA
GetWindowTextLengthA
CopyAcceleratorTableA
GetTopWindow
LockWindowUpdate
ScrollWindow
GetWindowTextA
InvalidateRgn
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
IsDlgButtonChecked
EqualRect
DefWindowProcA
GetClassInfoExA
ShowWindow
GetPropA
GetNextDlgGroupItem
GetMenuState
GetTabbedTextExtentA
EnableWindow
LoadImageA
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
InsertMenuItemA
GetIconInfo
SetParent
IsZoomed
GetWindowPlacement
IsIconic
RegisterClassA
GetMenuItemCount
TabbedTextOutA
GetSubMenu
CreateWindowExA
GetActiveWindow
ShowOwnedPopups
FillRect
CharNextA
DeferWindowPos
GetDialogBaseUnits
DialogBoxIndirectParamA
ReleaseDC
CreateMenu
PtInRect
IsChild
IsDialogMessageA
MapWindowPoints
ReleaseCapture
PostMessageA
BeginPaint
OffsetRect
GetScrollPos
KillTimer
RegisterWindowMessageA
CreatePopupMenu
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
SetScrollRange
GetWindowRect
InflateRect
SetCapture
DrawIcon
IntersectRect
SetWindowLongA
GetScrollInfo
RemovePropA
SetWindowTextA
CheckMenuItem
GetWindowLongA
GetLastActivePopup
SetTimer
GetDlgItem
GetMenuCheckMarkDimensions
CreateDialogParamA
BringWindowToTop
ScreenToClient
GetClassLongA
InsertMenuA
GetCapture
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuItemInfoA
AttachThreadInput
GetDesktopWindow
GetSystemMenu
ReuseDDElParam
GetDC
SetForegroundWindow
PostThreadMessageA
EndPaint
DrawTextA
GetScrollRange
EndDialog
LoadMenuA
CopyRect
CreateDialogIndirectParamA
FindWindowA
MessageBeep
DrawTextExA
RemoveMenu
GetWindowThreadProcessId
GetSysColorBrush
BeginDeferWindowPos
AppendMenuA
DrawFrameControl
SetMenu
RegisterClipboardFormatA
MoveWindow
GetMenuStringA
CallWindowProcA
MessageBoxA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
DialogBoxParamA
GetSysColor
SetScrollInfo
GetKeyState
EndDeferWindowPos
SystemParametersInfoA
DestroyIcon
EnumDisplayMonitors
ShowScrollBar
UnpackDDElParam
GetDCEx
WinHelpA
SetRect
DeleteMenu
InvalidateRect
TranslateAcceleratorA
ValidateRect
IsRectEmpty
GetClassNameA
GetFocus
IsWindowVisible
ModifyMenuA
UnhookWindowsHookEx
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
WSAStartup
GetFileTitleA
GetSaveFileNameW
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
OleInitialize
CoRevokeClassObject
OleFlushClipboard
IsAccelerator
CLSIDFromString
OleTranslateAccelerator
OleCreateMenuDescriptor
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleDestroyMenuDescriptor
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CLSIDFromProgID
CreateILockBytesOnHGlobal
CoGetClassObject
Number of PE resources by type
RT_STRING 2
BIN 1
RT_MANIFEST 1
TYPELIB 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 6
PE resources
ExifTool file metadata
LegalTrademarks
Copyright 2016 All rights reserved. Max Programming, LLC

UninitializedDataSize
0

InitializedDataSize
176128

ImageVersion
0.0

ProductName
Parametercollection

FileVersionNumber
7.8.8.2

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
Parametercollection.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
7.8.8.2

TimeStamp
2018:11:13 22:14:06+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

ProductVersion
7.8.8.2

FileDescription
Dla Aggregation Propounded Nothing

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 2016 All rights reserved. Max Programming, LLC

MachineType
Intel 386 or later, and compatibles

CompanyName
Max Programming, LLC

CodeSize
360448

FileSubtype
0

ProductVersionNumber
7.8.8.2

EntryPoint
0x407d0

ObjectFileType
Executable application

File identification
MD5 0a3bc604816cfb397c07ec6bb79ad77f
SHA1 3f57077ca9452c0e6ff0df1fa796917f031d582a
SHA256 a6069bfe3fae2420154d3e463a71a906ebefe0f5fa26204f4fce1f8da27484ac
ssdeep
12288:OdanO3S0psWMHtN+fJ/Nt3SsAe9JwfVWx:OsWMHtN+fTt3SsAkwO

authentihash a4b1d24110c98cfeed09e4b7518d1896c4fc00047d853def3190cb29978f24f7
imphash f4afe8dfe08857944e160160eaf669ca
File size 528.0 KB (540672 bytes)
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-14 00:52:41 UTC (6 months, 1 week ago)
Last submission 2018-11-14 00:52:41 UTC (6 months, 1 week ago)
Names output.114468032.txt
Parametercollection.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.