SHA256: 238f09007cb347e03fc12395dca3b031eb46ccc1d2a4e372af1379a39158732c
File name: webpos.exe
Detection ratio: 6 / 61
Analysis date: 2017-04-21 12:28:30 UTC (3 months ago)
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9990 20170421
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170130
Endgame malicious (high confidence) 20170419
Sophos ML worm.win32.dorkbot.i 20170413
Qihoo-360 HEUR/QVM10.1.A190.Malware.Gen 20170421
Webroot W32.Trojan.Gen 20170421
Ad-Aware 20170421
AegisLab 20170421
AhnLab-V3 20170421
Alibaba 20170421
ALYac 20170421
Antiy-AVL 20170421
Arcabit 20170421
Avast 20170421
AVG 20170421
Avira (no cloud) 20170421
AVware 20170421
BitDefender 20170421
Bkav 20170421
CAT-QuickHeal 20170421
ClamAV 20170421
CMC 20170421
Comodo 20170421
Cyren 20170421
DrWeb 20170421
Emsisoft 20170421
ESET-NOD32 20170421
F-Prot 20170421
F-Secure 20170421
Fortinet 20170421
GData 20170421
Ikarus 20170421
Jiangmin 20170421
K7AntiVirus 20170421
K7GW 20170421
Kaspersky 20170421
Kingsoft 20170421
Malwarebytes 20170421
McAfee 20170421
McAfee-GW-Edition 20170421
Microsoft 20170421
eScan 20170421
NANO-Antivirus 20170421
nProtect 20170421
Palo Alto Networks (Known Signatures) 20170421
Panda 20170421
Rising None
SentinelOne (Static ML) 20170330
Sophos AV 20170421
SUPERAntiSpyware 20170421
Symantec 20170421
Symantec Mobile Insight 20170420
Tencent 20170421
TheHacker 20170420
TrendMicro 20170421
TrendMicro-HouseCall 20170421
Trustlook 20170421
VBA32 20170421
VIPRE 20170421
ViRobot 20170421
WhiteArmor 20170409
Yandex 20170420
Zillya 20170421
ZoneAlarm by Check Point 20170421
Zoner 20170421
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Jdsfiugh sdfiguh adsfgiouhsd fgisudhfg

File version 1, 15, 0, 0
Comments KJSDbigjbd sfojksd guiydsgf8ysdf gousdgsdf
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-20 22:46:08
Entry Point 0x0000126C
Number of sections 4
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrlenA
GetModuleFileNameW
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
LoadLibraryA
RtlUnwind
GetModuleFileNameA
IsProcessorFeaturePresent
HeapSetInformation
GetCurrentProcess
GetStringTypeW
GetCurrentProcessId
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
HeapSize
WideCharToMultiByte
LoadLibraryW
TlsFree
GetModuleHandleA
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
HeapAlloc
TerminateProcess
IsValidCodePage
HeapCreate
TlsGetValue
Sleep
GetFileType
TlsSetValue
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
SetLastError
InterlockedIncrement
Number of PE resources by type
RT_ICON 8
RT_BITMAP 5
RT_GROUP_CURSOR 1
RT_ACCELERATOR 1
RT_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 14
ENGLISH US 4
PE resources
ExifTool file metadata
SpecialBuild
4651

UninitializedDataSize
0

Comments
KJSDbigjbd sfojksd guiydsgf8ysdf gousdgsdf

InitializedDataSize
186368

ImageVersion
0.0

FileVersionNumber
1.15.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0037

CharacterSet
Unicode

LinkerVersion
10.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1, 15, 0, 0

TimeStamp
2017:04:20 23:46:08+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1, 15, 0, 0

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

LegalCopyright
Jdsfiugh sdfiguh adsfgiouhsd fgisudhfg

MachineType
Intel 386 or later, and compatibles

CodeSize
18432

FileSubtype
0

ProductVersionNumber
1.15.0.0

EntryPoint
0x126c

ObjectFileType
Unknown

File identification
MD5 27c4ea044dc69aab2e881915a4ae6b71
SHA1 2e7fbad41605b14c8249194e606f99a8c01f0e0d
SHA256 238f09007cb347e03fc12395dca3b031eb46ccc1d2a4e372af1379a39158732c
ssdeep
6144:sqwAlaXA9Smicd0s68AUbaxIBaVEiFSVQHWpN5rTlDmHxao9+DHddI0:sqwAQXjcisDKCagpN5rTlD

authentihash e4455033bf5f2975faaa9b630eb59fd77566e9b20ddbf7dbfe7433defe7c543e
imphash 811a267592c92fccca97572293ebbd3a
File size 196.0 KB ( 200704 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-21 12:28:30 UTC (3 months ago)
Last submission 2017-04-21 12:28:30 UTC (3 months ago)
File names webpos.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
Opened mutexes
Runtime DLLs
UDP communications