SHA256: a6e259952a181a26a237f20293687fe365895f7a3cd8047675f09d49bd06851e
File name: l3g33333.exe
Detection ratio: 17 / 48
Analysis date: 2013-09-29 17:45:18 UTC (3 years, 11 months ago)
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Fareit 20130929
AVG FakeAV_s.ANH 20130929
Emsisoft Gen:Variant.Graftor.116195 (B) 20130929
ESET-NOD32 Win32/AdWare.FakeAV.K 20130929
F-Secure Gen:Variant.Graftor.116195 20130929
Fortinet W32/Kryptik.BDPK!tr 20130929
GData Gen:Variant.Graftor.116195 20130929
Kingsoft Win32.Troj.Generic.a.(kcloud) 20130829
Malwarebytes Trojan.Agent.rfz 20130929
McAfee FakeAlert-FRG!96A8901B0FF0 20130929
McAfee-GW-Edition FakeAlert-FRG!96A8901B0FF0 20130928
Microsoft Rogue:Win32/Winwebsec 20130929
eScan Gen:Variant.Graftor.116195 20130929
Norman Urausy.RY 20130929
Sophos AV Troj/Zbot-GKZ 20130929
SUPERAntiSpyware Trojan.Agent/Gen-Winwebsec 20130929
VIPRE Trojan.Win32.Generic!BT 20130929
Yandex 20130929
AntiVir 20130929
Antiy-AVL 20130929
Avast 20130929
Baidu-International 20130929
BitDefender 20130929
Bkav 20130927
ByteHero 20130924
CAT-QuickHeal 20130929
ClamAV 20130929
Commtouch 20130929
Comodo 20130929
DrWeb 20130929
F-Prot 20130929
Ikarus 20130929
Jiangmin 20130903
K7AntiVirus 20130927
K7GW 20130927
Kaspersky 20130929
NANO-Antivirus 20130929
nProtect 20130929
Panda 20130929
PCTools 20130925
Rising 20130929
Symantec 20130929
TheHacker 20130929
TotalDefense 20130927
TrendMicro 20130929
TrendMicro-HouseCall 20130929
VBA32 20130927
ViRobot 20130929
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Publisher Ingenieursbureau Matrix B.V.
Signature verification Signed file, verified signature
Signing date 6:45 PM 9/29/2013
Signers
[+] Ingenieursbureau Matrix B.V.
Status Valid
Issuer None
Valid from 1:00 AM 10/24/2012
Valid to 12:59 AM 11/30/2013
Valid usage Code Signing
Algorithm SHA1
Thumbprint DB385F66E4FB78B879E5893AF8C57C4AC0610412
Serial number 62 1B F6 CB DE 0D 46 86 E2 82 4D BD E3 F3 BB 0A
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer None
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer None
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-04-18 11:23:51
Entry Point 0x00003A5C
Number of sections 4
PE sections
PE imports
GetFullPathNameA
SetConsoleTitleW
lstrlenA
GetNumberFormatA
FindNextVolumeW
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameW
GetPrivateProfileIntA
CreateEventA
TlsGetValue
GetStartupInfoW
TlsAlloc
lstrcpynA
DeleteFileW
VirtualAlloc
SetCurrentDirectoryA
GetLocaleInfoW
??0CVssWriter@@QAE@XZ
VssFreeSnapshotProperties
??1CVssWriter@@UAE@XZ
IsVolumeSnapshotted
Number of PE resources by type
RT_ICON 3
RT_MANIFEST 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2007:04:18 12:23:51+01:00
FileType Win32 EXE
PEType PE32
CodeSize 16112
LinkerVersion 7.56
EntryPoint 0x3a5c
InitializedDataSize 20480
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 96a8901b0ff0c49bbb7bf9b5221f1399
SHA1 1d84b52314fc8b0832a341ab48d0ab016cb35deb
SHA256 a6e259952a181a26a237f20293687fe365895f7a3cd8047675f09d49bd06851e
ssdeep 12288:G3Olr4MezCQl8f6GYzLIQqe1gvKg66HkCA5swcgj1pBJR:C9DT2f6G0Wu6HVA5swDT
File size 527.6 KB ( 540312 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.2%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe signed

VirusTotal metadata
First submission 2013-09-29 17:45:18 UTC (3 years, 11 months ago)
Last submission 2013-09-29 17:45:18 UTC (3 years, 11 months ago)
File names l3g33333.exe