SHA256: 0930ae78bea3c6b10bbafeef20c032f08c133b3796eb0e0171e32eab460690c1
File name: B856.tmp
Detection ratio: 4 / 55
Analysis date: 2015-10-30 16:15:47 UTC (3 years, 4 months ago)
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Agent 20151030
Bkav HW32.Packed.A86A 20151029
Malwarebytes Trojan.Agent.UKED 20151030
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.lc 20151030
Ad-Aware 20151030
AegisLab 20151030
Yandex 20151029
Alibaba 20151030
ALYac 20151030
Antiy-AVL 20151030
Arcabit 20151030
Avast 20151030
AVG 20151030
Avira (no cloud) 20151030
AVware 20151030
Baidu-International 20151030
BitDefender 20151030
ByteHero 20151030
CAT-QuickHeal 20151030
ClamAV 20151030
CMC 20151029
Comodo 20151030
Cyren 20151030
DrWeb 20151030
Emsisoft 20151030
ESET-NOD32 20151030
F-Prot 20151030
F-Secure 20151030
Fortinet 20151030
GData 20151030
Ikarus 20151030
Jiangmin 20151030
K7AntiVirus 20151030
K7GW 20151030
Kaspersky 20151030
McAfee 20151030
Microsoft 20151030
eScan 20151030
NANO-Antivirus 20151030
nProtect 20151030
Panda 20151030
Qihoo-360 20151030
Rising 20151029
Sophos AV 20151030
SUPERAntiSpyware 20151030
Symantec 20151029
Tencent 20151030
TheHacker 20151028
TrendMicro 20151030
TrendMicro-HouseCall 20151030
VBA32 20151030
VIPRE 20151030
ViRobot 20151030
Zillya 20151029
Zoner 20151030
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(C) 2011

Product test
Original name test.EXE
Internal name test
File version 1, 0, 0, 1
Description test Microsoft
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-20 19:07:43
Entry Point 0x00001BDF
Number of sections 4
PE sections
Overlays
MD5 5a33ab000147f229ffc99a2735b34622
File type data
Offset 28672
Size 52738
Entropy 7.98
PE imports
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameW
CreateFileW
ExitProcess
CompareStringA
_except_handler3
__p__fmode
strtol
__CxxFrameHandler
_acmdln
_exit
_adjust_fdiv
__setusermatherr
_setmbcp
__dllonexit
_onexit
_controlfp
exit
_XcptFilter
__getmainargs
_initterm
__p__commode
__set_app_type
EnableWindow
LoadCursorA
Number of PE resources by type
RT_STRING 10
RT_DIALOG 1
Struct(241) 1
RT_MENU 1
RT_ACCELERATOR 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
CHINESE SIMPLIFIED 16
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2015:10:20 19:07:43+00:00
FileType Win32 EXE
PEType PE32
CodeSize 4096
LinkerVersion 1.0
FileTypeExtension exe
InitializedDataSize 20480
SubsystemVersion 4.0
EntryPoint 0x1bdf
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 0b3de2a8d838883e10a1d824d20fe95c
SHA1 1c398236e280a5d6713edd729485632006017a8f
SHA256 0930ae78bea3c6b10bbafeef20c032f08c133b3796eb0e0171e32eab460690c1
ssdeep 1536:cnQiaDlTC4T6m+VztMtJlTK6D4/mJl8KMWhCWcIKH5FMS:cnIG7VztMtfTK60/mJjMWh2IKH5P

authentihash c78a5d383dedfbbbf12dcfc2a79cb1d3e451fc5b1b55af56050caffc586ecff5
imphash 95985918fde3c0042e7ce366a6dcefab
File size 79.5 KB ( 81410 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-10-30 16:15:47 UTC (3 years, 4 months ago)
Last submission 2018-04-30 23:34:35 UTC (10 months, 3 weeks ago)
File names test.EXE
aLCGpsB3W.bmp
VirusShare_0b3de2a8d838883e10a1d824d20fe95c
test
B856.tmp
134744328