SHA256: d236046486fa0f5af488f701fb826ac4775886938d881c3690c1757047988e7f
Name: all.exe
Detections: 31 / 48
Analysis date: 2013-10-02 17:05:07 UTC (4 years, 9 months ago)
Antivirus Result Update
AntiVir TR/Sinowal.A.10 20131002
Antiy-AVL Backdoor/Win32.Sinowal.gen 20131002
Avast Win32:Malware-gen 20131002
AVG Crypt2.BFEK 20131002
Baidu-International Trojan.Win32.Kryptik.BKSH 20131002
BitDefender Gen:Variant.Graftor.114864 20131002
Bkav HW32.CDB.5c80 20131002
ByteHero Virus.Win32.Heur.i 20130925
Commtouch W32/Backdoor.APHR-4020 20131002
Comodo UnclassifiedMalware 20131002
Emsisoft Gen:Variant.Graftor.114864 (B) 20131002
ESET-NOD32 a variant of Win32/Kryptik.BLRA 20131002
F-Secure Gen:Variant.Graftor.114864 20131002
Fortinet W32/Kelihos.BC!tr 20131002
GData Gen:Variant.Graftor.114864 20131002
Ikarus Backdoor.Win32.Sinowal 20131002
K7AntiVirus Riskware 20131002
K7GW Riskware 20131002
Kaspersky Backdoor.Win32.Sinowal.urx 20131002
Kingsoft Win32.Hack.Sinowal.u.(kcloud) 20130829
McAfee Artemis!388A55FBEFE5 20131002
McAfee-GW-Edition Artemis!388A55FBEFE5 20131002
eScan Gen:Variant.Graftor.114864 20131002
Norman Kelihos.TLA 20131002
Panda Trj/Genetic.gen 20131002
Sophos AV Mal/Generic-S 20131002
Symantec WS.Reputation.1 20131002
TrendMicro TROJ_GEN.F0C2C00IS13 20131002
TrendMicro-HouseCall TROJ_GEN.R0CBB01IS13 20131002
VBA32 Backdoor.Sinowal 20131002
VIPRE Trojan.Win32.Waledac.r (v) 20131002
Yandex 20131002
AhnLab-V3 20131002
CAT-QuickHeal 20131001
ClamAV 20131002
DrWeb 20131002
F-Prot 20131002
Jiangmin 20130903
Malwarebytes 20131002
Microsoft 20131002
NANO-Antivirus 20131002
nProtect 20131002
PCTools 20131002
Rising 20130930
SUPERAntiSpyware 20131002
TheHacker 20131001
TotalDefense 20131001
ViRobot 20131002
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Publisher Microsoft Corporation
Product Microsoft® Windows® Operating System
Version 10.0.6000.16386
Original name padrs404.lib
Internal name padrs404.lib
File version 10.0.6000.16386 (vista_rtm.061101-2205)
Description Microsoft IME
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-07-07 21:31:21
Entry Point 0x00005467
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
GetTokenInformation
RegDeleteValueW
RegOpenKeyA
RegCloseKey
OpenProcessToken
RegQueryValueExA
DuplicateToken
RegOpenKeyExW
RevertToSelf
OpenThreadToken
GetFileSecurityW
RegCreateKeyExA
GetLengthSid
RegQueryValueExW
DeviceIoControl
InitializeCriticalSectionAndSpinCount
FileTimeToDosDateTime
LCMapStringW
lstrlenA
GetFileAttributesA
DefineDosDeviceW
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
HeapAlloc
OutputDebugStringA
InterlockedExchange
GetFileAttributesW
lstrlenW
DeleteCriticalSection
GetCurrentProcess
EnterCriticalSection
GetWindowsDirectoryA
SetThreadPriority
GetFileSize
lstrcatA
UnhandledExceptionFilter
ProcessIdToSessionId
DeleteFileA
CreateFileA
GetVolumeInformationW
CreateDirectoryW
lstrcatW
InterlockedCompareExchange
GetCurrentThread
GetTempFileNameW
CompareStringW
lstrcpyW
SetEndOfFile
CreateThread
GetOverlappedResult
SetFilePointer
ReadFile
SetNamedPipeHandleState
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
InterlockedIncrement
CreateMutexW
ResetEvent
GetSystemTimeAsFileTime
FindFirstFileW
TerminateProcess
DuplicateHandle
GetDiskFreeSpaceA
WaitForMultipleObjects
SetFileAttributesA
SetEvent
LocalFree
GetLastError
CreateEventW
InitializeCriticalSection
OutputDebugStringW
CreateFileW
GetEnvironmentVariableW
CreateEventA
FindClose
InterlockedDecrement
Sleep
MoveFileW
SetFileAttributesW
ReadFileEx
CloseHandle
GetTickCount
GetCurrentThreadId
GetProcessHeap
lstrcmpW
GetCurrentProcessId
SetLastError
LeaveCriticalSection
wsprintfA
wvsprintfA
GetMenu
DefWindowProcW
MsgWaitForMultipleObjects
SetThreadDesktop
__p__fmode
malloc
realloc
wcschr
wcstok
strncpy
_cexit
?terminate@@YAXXZ
puts
wcslen
exit
_XcptFilter
__setusermatherr
wcsncpy
__p__commode
sprintf
_amsg_exit
_adjust_fdiv
free
__getmainargs
_controlfp
memmove
wcscpy
wcsstr
_initterm
_exit
__set_app_type
Number of PE resources by type
RT_STRING 7
RT_DIALOG 3
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
CHINESE TRADITIONAL 12
PE resources
File identification
MD5 388a55fbefe5f639bdef2769a807ec01
SHA1 3f2b46c07032491ae906ec0fdf79c707d2fcdaa8
SHA256 d236046486fa0f5af488f701fb826ac4775886938d881c3690c1757047988e7f
ssdeep
3072:KVyMvQEPkoPaav5Gz133wXWCvTvFcogMYLOy9c61YF1kj9wB5hU2SWigxd9J5L:K1vQqv8333CLclnJYF26alWl5L

File size 221.8 KB (227160 bytes)
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2013-09-19 01:00:54 UTC (4 years, 10 months ago)
Last submission 2013-10-02 17:05:07 UTC (4 years, 9 months ago)
Names all.exe
padrs404.lib
aa
oEf1IcJ1.xlsm
tUoMlbswTm.bin