SHA256: c046c7f364b42388bb392874129da555d9c688dced3ac1d6a1c6b01df29ea7a8
File name: MicTray64.exe
Detection ratio: 27 / 67
Analysis date: 2017-10-19 18:43:23 UTC (2 days, 8 hours ago)
Antivirus Result Version
Ad-Aware Application.KeyLogger.MicTray.A 20171019
Antiy-AVL RiskWare[Monitor]/Win64.MicTrayLog 20171019
Arcabit Application.KeyLogger.MicTray.A 20171019
Avira (no cloud) SPR/KeyLogger.U 20171019
BitDefender Application.KeyLogger.MicTray.A 20171019
CAT-QuickHeal Monitor.Win64 20171019
Comodo ApplicUnwnt 20171019
Cyren W64/Application.TEYT-3139 20171019
Emsisoft Application.KeyLogger.MicTray.A (B) 20171019
ESET-NOD32 Win64/KeyLogger.Conexant.A potentially unsafe 20171019
F-Secure Application.KeyLogger.MicTray 20171019
Fortinet Riskware/MicTrayLog 20171019
GData Win32.Riskware.Keylogger.U 20171019
Jiangmin Monitor.MicTrayLog.b 20171019
Kaspersky not-a-virus:Monitor.Win64.MicTrayLog.a 20171019
Malwarebytes RiskWare.MicTray 20171019
MAX malware (ai score=76) 20171019
McAfee Artemis!179F32A85C41 20171019
McAfee-GW-Edition Artemis!PUP 20171019
Microsoft MonitoringTool:Win32/MicTrayDebugger 20171019
eScan Application.KeyLogger.MicTray.A 20171019
NANO-Antivirus Trojan.Win64.KeyLogger.etqktu 20171019
Sophos AV Conexant MicTray Keylogger (PUA) 20171019
Symantec SecurityRisk.Mtray 20171019
TrendMicro PUA_ADKeylogger 20171019
TrendMicro-HouseCall PUA_ADKeylogger 20171019
ZoneAlarm by Check Point not-a-virus:Monitor.Win64.MicTrayLog.a 20171019
AegisLab 20171019
AhnLab-V3 20171019
Alibaba 20170911
ALYac 20171019
Avast 20171019
Avast-Mobile 20171019
AVG 20171019
AVware 20171019
Baidu 20171019
Bkav 20171019
ClamAV 20171019
CMC 20171018
CrowdStrike Falcon (ML) 20170804
Cylance 20171019
DrWeb 20171019
eGambit 20171019
Endgame 20171016
F-Prot 20171019
Ikarus 20171019
Sophos ML 20170914
K7AntiVirus 20171019
K7GW 20171019
Kingsoft 20171019
nProtect 20171019
Palo Alto Networks (Known Signatures) 20171019
Panda 20171019
Qihoo-360 20171019
Rising 20171019
SentinelOne (Static ML) 20171019
SUPERAntiSpyware 20171019
Symantec Mobile Insight 20171011
Tencent 20171019
TheHacker 20171017
TotalDefense 20171019
Trustlook 20171019
VBA32 20171019
VIPRE 20171019
ViRobot 20171019
Webroot 20171019
WhiteArmor 20171016
Yandex 20171018
Zillya 20171019
Zoner 20171019
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (C) 2014
File version 1.0.0.46
Description mic tray icon
Signature verification Signed file, verified signature
Signing date 9:58 AM 10/11/2016
Signers
[+] Conexant Systems, Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 6/8/2015
Valid to 12:59 AM 7/3/2017
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 505507C3221B63E658D197E75EAEE0D3BC100F6C
Serial number 71 95 4B E4 1C 9E AC FC C5 C8 3E 6B 14 76 1D B9
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine x64
Compilation timestamp 2016-10-11 08:56:13
Entry Point 0x0018ED6C
Number of sections 6
PE sections
Overlays
MD5 733cd463cd1d0fac716aea4aab160289
File type data
Offset 2751488
Size 7768
Entropy 7.39
PE imports
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 14
RT_DIALOG 3
RT_ICON 2
RT_BITMAP 2
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 49
CHINESE TRADITIONAL 5
ENGLISH EIRE 3
PE resources
ExifTool file metadata
SubsystemVersion 6.0
LinkerVersion 12.0
ImageVersion 0.0
FileVersionNumber 1.0.0.46
UninitializedDataSize 0
LanguageCode Chinese (Traditional)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 999936
EntryPoint 0x18ed6c
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0.0.46
TimeStamp 2016:10:11 09:56:13+01:00
FileType Win64 EXE
PEType PE32+
ProductVersion 1.0.0.46
FileDescription mic tray icon
OSVersion 6.0
FileOS Windows NT 32-bit
LegalCopyright Copyright (C) 2014
MachineType AMD AMD64
CompanyName Conexant
CodeSize 1824768
FileSubtype 0
ProductVersionNumber 1.0.0.46
FileTypeExtension exe
ObjectFileType Unknown

File identification
MD5 179f32a85c41c36563bc3569e5aac9cf
SHA1 1ae10144feb21b3357fd2d661e3b23fc20c0bfcf
SHA256 c046c7f364b42388bb392874129da555d9c688dced3ac1d6a1c6b01df29ea7a8
ssdeep 49152:4qr0xolkoXalAqiuqoxxjvC3TS29VsOaN53x4l:TklpJcS29raJY
authentihash b44d8317cf1fe69b822317c34f88250ef402221c24caaffd81c83ca9cfc6efe8
imphash 209c6c7290756c2bfd96b39c9e506000
File size 2.6 MB ( 2759256 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly
TrID Win64 Executable (generic) (87.3%)
Generic Win/DOS Executable (6.3%)
DOS Executable Generic (6.3%)
Tags 64bits peexe assembly signed overlay

VirusTotal metadata
First submission 2017-01-05 19:50:48 UTC (9 months, 2 weeks ago)
Last submission 2017-10-10 09:49:18 UTC (1 week, 4 days ago)
File names mictray64.exe
MicTray64.exe
mictray64.exe
nav62e4.tmp
MicTray64.exe
mictray64.exe
navf45b.tmp
nav6e89.tmp
navf9.tmp
nava4c6.tmp
nav20.tmp
nav1347.tmp
navdfae.tmp
MicTray64.exe
nava5a8.tmp