SHA256: 634b6279577da127935876ff45c0630639b4b40cf7826275edbe6a733ea64490
File name: Taknimbuzz Add Flooder (no need ID).exe
Detection ratio: 0 / 46
Analysis date: 2013-08-05 07:01:03 UTC ( 5 years, 9 months ago ) View latest
Antivirus Result Update
Yandex 20130804
AhnLab-V3 20130804
AntiVir 20130804
Antiy-AVL 20130802
Avast 20130805
AVG 20130804
BitDefender 20130805
ByteHero 20130724
CAT-QuickHeal 20130805
ClamAV 20130805
Commtouch 20130805
Comodo 20130805
DrWeb 20130805
Emsisoft 20130805
ESET-NOD32 20130804
F-Prot 20130805
F-Secure 20130805
Fortinet 20130805
GData 20130805
Ikarus 20130805
Jiangmin 20130805
K7AntiVirus 20130802
K7GW 20130802
Kaspersky 20130805
Kingsoft 20130723
Malwarebytes 20130805
McAfee 20130805
McAfee-GW-Edition 20130804
Microsoft 20130805
eScan 20130805
NANO-Antivirus 20130805
Norman 20130804
nProtect 20130805
Panda 20130804
PCTools 20130804
Rising 20130805
Sophos AV 20130805
SUPERAntiSpyware 20130804
Symantec 20130805
TheHacker 20130805
TotalDefense 20130804
TrendMicro 20130805
TrendMicro-HouseCall 20130805
VBA32 20130802
VIPRE 20130805
ViRobot 20130805
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2013 - Taknimbuzz TeaM
Product Project1
Original name Taknimbuzz Add Flooder (no need ID).exe
Internal name Taknimbuzz Add Flooder (no need ID)
File version 1.00
Comments by mahdi1375@n.c
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-09-12 19:19:17
Entry Point 0x0000135C
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
Ord(712)
EVENT_SINK_Release
__vbaGenerateBoundsError
_allmul
__vbaStrMove
_adj_fdivr_m64
__vbaErase
_adj_fprem
EVENT_SINK_AddRef
_adj_fpatan
__vbaFreeObjList
__vbaInStr
_adj_fdiv_m32i
Ord(717)
Ord(600)
__vbaExceptHandler
__vbaFreeVarList
__vbaFPException
__vbaAryVar
__vbaStrVarMove
_adj_fdivr_m16i
__vbaUbound
__vbaCastObj
__vbaExitProc
Ord(100)
__vbaFreeVar
__vbaLbound
_adj_fdiv_r
_CItan
_adj_fdiv_m64
__vbaFreeObj
_CIsin
_CIsqrt
__vbaHresultCheckObj
Ord(711)
__vbaNew
__vbaAryLock
_CIcos
EVENT_SINK_QueryInterface
_adj_fptan
__vbaVarDup
__vbaI4Var
__vbaLateIdCall
__vbaAryUnlock
__vbaObjSet
_CIlog
_CIatan
__vbaI2I4
__vbaFreeStr
__vbaErrorOverflow
__vbaLateIdSt
__vbaLateIdCallLd
__vbaOnError
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
__vbaAryCopy
_adj_fprem1
_adj_fdivr_m32
__vbaStrCat
__vbaVar2Vec
__vbaFreeStrList
Ord(598)
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
Comments by mahdi1375@n.c
InitializedDataSize 16384
ImageVersion 1.0
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Unicode
LinkerVersion 6.0
EntryPoint 0x135c
OriginalFileName Taknimbuzz Add Flooder (no need ID).exe
MIMEType application/octet-stream
LegalCopyright 2013 - Taknimbuzz TeaM
FileVersion 1.0
TimeStamp 2013:09:12 20:19:17+01:00
FileType Win32 EXE
PEType PE32
InternalName Taknimbuzz Add Flooder (no need ID)
ProductVersion 1.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Taknimbuzz
CodeSize 28672
ProductName Project1
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
Compressed bundles
File identification
MD5 2d69afc2214d6420c0349a3b4b19df7a
SHA1 c037a3a98e37bcd88c84b5d301f77530125cbd9e
SHA256 634b6279577da127935876ff45c0630639b4b40cf7826275edbe6a733ea64490
ssdeep 384:zJyzSv76B63sLLO2mmBd7xVRXsyp0YCO4nQ0E0S3faSv7:zczSjY6cX3mmB3VRcyCswQ06PaSj
authentihash a34fc1495c74a3c7f0ab3771bafb2f0f87aab432fd8bda8176d9ca6649d495b6
imphash 4631aed52902108c2845053876c99795
File size 48.0 KB ( 49152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (68.2%)
Win64 Executable (generic) (22.9%)
Win32 Executable (generic) (3.7%)
OS/2 Executable (generic) (1.6%)
Generic Win/DOS Executable (1.6%)
Tags peexe
VirusTotal metadata
First submission 2013-08-05 07:01:03 UTC ( 5 years, 9 months ago )
Last submission 2018-03-04 09:35:23 UTC ( 1 year, 2 months ago )
File names Taknimbuzz Add Flooder (no need ID)
Taknimbuzz Add Flooder (no need ID).exe
file-7141432_exe
TAKNIMBUZZ ADD FLOODER (NO NEED ID).EXE
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Hooking activity
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.