SHA256: 334261cfaaedfd30382aa7096fb783ab11d32159cb3e6fc3f7e777c80b858a52
File name: winmgrcfg32
Detection ratio: 50 / 69
Analysis date: 2019-02-15 05:29:56 UTC (1 week, 1 day ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31500127 20190215
AhnLab-V3 Trojan/Win32.Dialer.C2917334 20190214
ALYac Trojan.Chapak.A 20190215
Antiy-AVL Trojan/Win32.AGeneric 20190215
Arcabit Trojan.Generic.D1E0A75F 20190214
Avast Win32:Trojan-gen 20190215
AVG Win32:Trojan-gen 20190215
Avira (no cloud) HEUR/AGEN.1038194 20190215
BitDefender Trojan.GenericKD.31500127 20190215
Bkav W32.KrwabwaE.Trojan 20190214
CAT-QuickHeal Trojan.Generic 20190214
ClamAV Win.Packed.Gandcrab-6841507-0 20190214
Comodo Malware@#3w14yo3pl2pid 20190215
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20181023
Cybereason malicious.cba8aa 20190109
Cylance Unsafe 20190215
DrWeb Trojan.Encoder.26913 20190215
Emsisoft Trojan.Miner (A) 20190215
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOJJ 20190215
Fortinet W32/Generic.CVWG!tr 20190215
GData Trojan.GenericKD.31500127 20190215
Ikarus Trojan-Ransom.GandCrab 20190214
Jiangmin Trojan/Dialer.mou 20190215
K7AntiVirus Trojan ( 00543e471 ) 20190215
K7GW Trojan ( 00543e471 ) 20190215
Kaspersky HEUR:Trojan.Win32.Generic 20190215
Malwarebytes Trojan.MalPack.GS 20190215
McAfee Trojan-FPST!B82262BCBA8A 20190215
McAfee-GW-Edition BehavesLike.Win32.MultiDropper.th 20190215
Microsoft VirTool:Win32/CryptInject.YC!MTB 20190215
eScan Trojan.GenericKD.31500127 20190215
NANO-Antivirus Trojan.Win32.Kryptik.flvtjk 20190215
Palo Alto Networks (Known Signatures) generic.ml 20190215
Panda Trj/GdSda.A 20190214
Qihoo-360 HEUR/QVM10.2.628E.Malware.Gen 20190215
Rising Trojan.Generic!8.C3 (CLOUD) 20190215
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Mal/Generic-S 20190215
Symantec Trojan Horse 20190215
Tencent Win32.Trojan.Inject.Auto 20190215
Trapmine malicious.high.ml.score 20190123
TrendMicro Trojan.Win32.GANDCRAB.AMI 20190215
TrendMicro-HouseCall Trojan.Win32.GANDCRAB.AMI 20190215
VBA32 BScope.Trojan.Chapak 20190214
ViRobot Trojan.Win32.Z.Highconfidence.1212416.A 20190215
Webroot W32.Trojan.Gen 20190215
Yandex Trojan.Agent!OIkys1tJMsw 20190215
Zillya Trojan.Generic.Win32.487186 20190214
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20190215
Acronis 20190213
AegisLab 20190215
Alibaba 20180921
Avast-Mobile 20190214
Babable 20180918
Baidu 20190215
CMC 20190214
Cyren 20190215
eGambit 20190215
F-Prot 20190215
F-Secure 20190215
Sophos ML 20181128
Kingsoft 20190215
MAX 20190215
SUPERAntiSpyware 20190213
Symantec Mobile Insight 20190207
TACHYON 20190215
TheHacker 20190212
TotalDefense 20190214
Trustlook 20190215
Zoner 20190215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-09-14 08:15:39
Entry Point 0x0010A96D
Number of sections 7
PE sections
PE imports
GetNativeSystemInfo
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
FillConsoleOutputCharacterA
HeapDestroy
GetEnvironmentStringsW
DeleteCriticalSection
ExitProcess
SetProcessShutdownParameters
TlsAlloc
VirtualProtect
GetLocaleInfoW
LoadLibraryA
HeapSize
RtlUnwind
GetModuleFileNameA
FreeLibrary
HeapAlloc
HeapSetInformation
GetStartupInfoA
EnumSystemLocalesA
GetCurrentDirectoryW
GetLocaleInfoA
GetCurrentProcessId
AddAtomA
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
GetFileInformationByHandle
IsDebuggerPresent
GetCommandLineA
GetUserDefaultLCID
AddAtomW
EncodePointer
GetCurrentThread
LeaveCriticalSection
RaiseException
GetCPInfo
GetModuleFileNameW
TlsFree
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetSystemTimeAdjustment
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
IsProcessorFeaturePresent
IsValidLocale
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
GetOEMCP
LocalFree
TerminateProcess
LoadLibraryW
QueryPerformanceCounter
IsValidCodePage
HeapCreate
GetStringTypeW
FatalAppExitA
TlsGetValue
Sleep
GetFileType
TlsSetValue
GetTickCount
GetCurrentThreadId
GetProcAddress
SetConsoleCtrlHandler
SetLastError
InterlockedIncrement
ValidateRect
PeekMessageA
Number of PE resources by type
RT_ICON 3
TUCO 1
Struct(241) 1
VUGELAVOMEJU 1
RT_STRING 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
SERBIAN DEFAULT 9
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 10.0
ImageVersion 0.0
FileVersionNumber 1.0.0.0
LanguageCode Unknown (457A)
FileFlagsMask 0x004f
ImageFileCharacteristics Executable, Large address aware, 32-bit
CharacterSet Unknown (A56B)
InitializedDataSize 152576
EntryPoint 0x10a96d
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2018, kizaxewiregoha
FileVersion 4.4.4.55
TimeStamp 2017:09:14 10:15:39+02:00
FileType Win32 EXE
PEType PE32
InternalName hugik.exe
ProductVersion 4.4.4.55
SubsystemVersion 5.1
OSVersion 5.1
FileOS Unknown (0x40534)
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 1164800
FileSubtype 0
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 b82262bcba8aa1c99ddb3983fd084a7b
SHA1 7bc27b6d3bf5d4adfe6fa103184e578d6996b383
SHA256 334261cfaaedfd30382aa7096fb783ab11d32159cb3e6fc3f7e777c80b858a52
ssdeep 24576:U8s57P1ELWA1qDC/elQfH4IrmVc5YSngwIv5fK9UT5oY6Og:0T1GFSogDSuTGE
authentihash 6379f342c499d59dfc5cfe56978fa0a2b1e6a1b71ce1d75fdba87e22b61e8227
imphash 4efa7a05410365cf206b688c32fd50a9
File size 1.2 MB ( 1212416 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (40.0%)
Win64 Executable (generic) (35.4%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2019-01-07 10:39:44 UTC (1 month, 2 weeks ago)
Last submission 2019-01-08 03:11:29 UTC (1 month, 2 weeks ago)
File names 2[1].exe
4211331531.exe
winmgrcfg32.exe
1424320951.exe
3479316768.exe
1393521963.exe
winmgrcfg32
1665713574.exe
2.exe
2556834471.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Terminated processes
Created mutexes
Opened mutexes
Runtime DLLs