× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: 0b1c74ff08db0b26d79270f60bf15d0c4fced388354a163092f874e57b209900
Nom du fichier : malekal_fc4fb9bedb0c3f57d4eb824308ea15ab
Ratio de détection : 0 / 46
Date d'analyse : 2013-08-20 08:31:29 UTC (il y a 4 ans, 10 mois) Voir les derniers
Antivirus Résultat Mise à jour
Yandex 20130819
AhnLab-V3 20130820
AntiVir 20130820
Antiy-AVL 20130820
Avast 20130820
AVG 20130819
BitDefender 20130820
ByteHero 20130820
CAT-QuickHeal 20130819
ClamAV 20130820
Commtouch 20130820
Comodo 20130820
DrWeb 20130820
Emsisoft 20130820
ESET-NOD32 20130820
F-Prot 20130820
F-Secure 20130820
Fortinet 20130820
GData 20130820
Ikarus 20130820
Jiangmin 20130820
K7AntiVirus 20130819
K7GW 20130819
Kaspersky 20130820
Kingsoft 20130723
Malwarebytes 20130820
McAfee 20130820
McAfee-GW-Edition 20130819
Microsoft 20130820
eScan 20130820
NANO-Antivirus 20130820
Norman 20130820
nProtect 20130820
Panda 20130819
PCTools 20130820
Rising 20130820
Sophos AV 20130820
SUPERAntiSpyware 20130820
Symantec 20130820
TheHacker 20130820
TotalDefense 20130819
TrendMicro 20130820
TrendMicro-HouseCall 20130820
VBA32 20130820
VIPRE 20130820
ViRobot 20130820
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2007-2013 - DigitalWay Software Group

Product DDO Controller COM Server
Original name ddoctcomsrv
Internal name DDO CtrlComSrv
File version 2.3.1.1
Description DDO Controller COM Server
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-19 20:36:23
Entry Point 0x00004D5A
Number of sections 6
PE sections
PE imports
GdiFlush
GetLastError
InitializeCriticalSection
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
IsProcessorFeaturePresent
DeleteCriticalSection
GetCurrentProcess
EnumSystemLocalesA
GetStartupInfoW
GetFileType
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetModuleHandleW
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetCommandLineA
GetUserDefaultLCID
EncodePointer
GetLocaleInfoW
SetStdHandle
RaiseException
WideCharToMultiByte
GetModuleFileNameW
TlsFree
SetFilePointer
HeapSetInformation
ReadFile
SetUnhandledExceptionFilter
WriteFile
DecodePointer
CloseHandle
GetSystemTimeAsFileTime
IsValidLocale
GetACP
HeapReAlloc
GetStringTypeW
GetProcAddress
GetProcessHeap
TerminateProcess
IsValidCodePage
HeapCreate
CreateFileW
InterlockedDecrement
Sleep
SetLastError
SetEndOfFile
TlsSetValue
CreateFileA
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
ExitProcess
WriteConsoleW
InterlockedIncrement
StrTrimA
GetCursorPos
GetWindowLongA
LoadCursorA
GetParent
GetWindowRect
EnableWindow
SendDlgItemMessageW
IsWindow
SetDlgItemInt
WindowFromPoint
GetClientRect
GetDlgItem
GetWindow
GetWindowTextA
GetWindowInfo
GetSysColor
SetDlgItemTextW
GetFileVersionInfoSizeA
VerQueryValueA
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 3
RT_DIALOG 1
RT_MANIFEST 1
RT_STRING 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 6
ITALIAN 4
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
87040

ImageVersion
0.0

ProductName
DDO Controller COM Server

FileVersionNumber
2.3.1.1

LanguageCode
Unknown (000A)

FileFlagsMask
0x003f

FileDescription
DDO Controller COM Server

CharacterSet
Unicode

LinkerVersion
10.0

FileTypeExtension
exe

OriginalFileName
ddoctcomsrv

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
2.3.1.1

TimeStamp
2013:08:19 21:36:23+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
DDO CtrlComSrv

ProductVersion
2.3.1.1

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Windows NT 32-bit

LegalCopyright
Copyright (C) 2007-2013 - DigitalWay Software Group

MachineType
Intel 386 or later, and compatibles

CompanyName
DigitalWay Software Group

CodeSize
248832

FileSubtype
0

ProductVersionNumber
2.3.1.1

EntryPoint
0x4d5a

ObjectFileType
Executable application

File identification
MD5 fc4fb9bedb0c3f57d4eb824308ea15ab
SHA1 196fedf582cf051ebe24be6db6e5afc1434afefb
SHA256 0b1c74ff08db0b26d79270f60bf15d0c4fced388354a163092f874e57b209900
ssdeep
6144:nBho2MB33dqKx5tpqZsdkEvVbw2Bh5QxK8Qnt/zuIxaoZPPza:nc2MB33dB5tpJbPBhcK1nZuIxaMa

authentihash b4376a4f6b794a8e213b7ab924502609f6eecf2fda4cbdd01a1e7c3fbff9bfc7
imphash 6851c60c2294989ece79ce24bb3e06ed
File size 329.0 KB ( 336896 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe via-tor

VirusTotal metadata
First submission 2013-08-20 08:31:29 UTC (il y a 4 ans, 10 mois)
Last submission 2018-05-17 17:12:47 UTC (il y a 1 mois)
Noms du fichier XpW1c.ps1
vnSFvNKJv5.exe
fc4fb9bedb0c3f57d4eb824308ea15ab
aa
DDO CtrlComSrv
ddoctcomsrv
196FEDF582CF051EBE24BE6DB6E5AFC1434AFEFB.exe
malekal_fc4fb9bedb0c3f57d4eb824308ea15ab
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications