SHA256: 59ef30e01b06143a7e701999f66781d554103458db55c24d5abe1e88c533fbe5
File name: lightWallet.exe
Detection ratio: 3 / 57
Analysis date: 2015-01-23 23:31:15 UTC (3 years, 10 months ago)
Antivirus Result Update
Jiangmin Trojan/Rozena.dyn 20150123
K7GW DoS-Trojan ( 20036d9f1 ) 20150124
NANO-Antivirus Trojan.Win32.Agent.djebgp 20150123
Ad-Aware 20150123
AegisLab 20150123
Yandex 20150124
AhnLab-V3 20150123
Alibaba 20150120
ALYac 20150123
Antiy-AVL 20150123
Avast 20150123
AVG 20150123
Avira (no cloud) 20150124
AVware 20150123
Baidu-International 20150123
BitDefender 20150123
Bkav 20150123
ByteHero 20150124
CAT-QuickHeal 20150123
ClamAV 20150123
CMC 20150120
Comodo 20150124
Cyren 20150123
DrWeb 20150123
Emsisoft 20150123
ESET-NOD32 20150123
F-Prot 20150123
F-Secure 20150123
Fortinet 20150121
GData 20150123
Ikarus 20150123
K7AntiVirus 20150123
Kaspersky 20150124
Kingsoft 20150124
Malwarebytes 20150123
McAfee 20150123
McAfee-GW-Edition 20150123
Microsoft 20150123
eScan 20150123
Norman 20150123
nProtect 20150123
Panda 20150123
Qihoo-360 20150124
Rising 20150123
Sophos AV 20150123
SUPERAntiSpyware 20150123
Symantec 20150123
Tencent 20150124
TheHacker 20150123
TotalDefense 20150123
TrendMicro 20150123
TrendMicro-HouseCall 20150123
VBA32 20150123
VIPRE 20150123
ViRobot 20150123
Zillya 20150122
Zoner 20150123
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-03-23 22:26:54
Entry Point 0x0000B2F7
Number of sections 4
PE sections
PE imports
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
GetEnvironmentVariableA
FindClose
InterlockedDecrement
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
RemoveDirectoryA
LoadLibraryExA
SetConsoleCtrlHandler
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
SetUnhandledExceptionFilter
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
SetConsoleTextAttribute
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
CreateDirectoryA
DeleteFileA
GetStartupInfoW
GetProcAddress
GetProcessHeap
CompareStringW
FindFirstFileA
CompareStringA
FindNextFileA
ExpandEnvironmentStringsA
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
GetShortPathNameW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GetModuleFileNameA
CreateProcessW
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentProcessId
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
WideCharToMultiByte
IsValidCodePage
HeapCreate
WriteFile
VirtualFree
Sleep
VirtualAlloc
Number of PE resources by type
RT_ICON 7
RT_GROUP_ICON 2
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
TimeStamp 2013:03:23 23:26:54+01:00
FileType Win32 EXE
PEType PE32
CodeSize 105472
LinkerVersion 9.0
FileAccessDate 2015:01:24 00:31:22+01:00
EntryPoint 0xb2f7
InitializedDataSize 104448
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
FileCreateDate 2015:01:24 00:31:22+01:00
UninitializedDataSize 0

File identification
MD5 6e9aa82cd7388aaf5e408d4a8adb883e
SHA1 68cc8699dec31f2f3fbd963012d0f631e8cf77f8
SHA256 59ef30e01b06143a7e701999f66781d554103458db55c24d5abe1e88c533fbe5
ssdeep 393216:7bqAwxVs91ti25gAc6QAXMx386vyqCYfI1d/c/s9llTls:7bqjsPs+vMq6/xI1dkU9lX
authentihash 4c475195b10412abb103c81a7518b0922a255a6152665f0d3e984ff2267cce95
imphash b87afca7a1175b7eb49b7c1eb6d58adf
File size 17.3 MB ( 18159631 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2015-01-23 23:31:15 UTC (3 years, 10 months ago)
Last submission 2015-01-23 23:31:15 UTC (3 years, 10 months ago)
File names lightWallet.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Opened mutexes
Runtime DLLs