SHA256: 43e28fefbd95e0663da1680bf4562f61e6bc567e29f19cfcd3428c837daa00b9
File name: 7988772.exe
Detection ratio: 6 / 56
Analysis date: 2014-12-10 15:24:24 UTC (3 years, 6 months ago)
Antivirus Result Update
Avast Win32:Malware-gen 20141210
Bkav W32.ATVC_OnsurotLTL.Trojan 20141210
Kaspersky UDS:DangerousObject.Multi.Generic 20141210
Malwarebytes Trojan.Agent.ED 20141210
Norman Rovnix.EK 20141210
Rising PE:Malware.Obscure!1.9C59 20141209
Ad-Aware 20141210
AegisLab 20141210
Yandex 20141210
AhnLab-V3 20141210
ALYac 20141210
Antiy-AVL 20141210
AVG 20141210
Avira (no cloud) 20141210
AVware 20141209
Baidu-International 20141210
BitDefender 20141210
ByteHero 20141210
CAT-QuickHeal 20141210
ClamAV 20141210
CMC 20141208
Comodo 20141210
Cyren 20141210
DrWeb 20141210
Emsisoft 20141210
ESET-NOD32 20141210
F-Prot 20141210
F-Secure 20141210
Fortinet 20141210
GData 20141210
Ikarus 20141210
Jiangmin 20141209
K7AntiVirus 20141210
K7GW 20141210
Kingsoft 20141210
McAfee 20141210
McAfee-GW-Edition 20141210
Microsoft 20141210
eScan 20141210
NANO-Antivirus 20141210
nProtect 20141210
Panda 20141210
Qihoo-360 20141210
Sophos AV 20141210
SUPERAntiSpyware 20141210
Symantec 20141210
Tencent 20141210
TheHacker 20141208
TotalDefense 20141210
TrendMicro 20141210
TrendMicro-HouseCall 20141210
VBA32 20141210
VIPRE 20141210
ViRobot 20141210
Zillya 20141210
Zoner 20141210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1970-09-16 18:50:41
Entry Point 0x0000BCD5
Number of sections 6
PE sections
Overlays
MD5 aa48efd57f3c557a11884744dfe9d2cd
File type data
Offset 303362
Size 42284
Entropy 7.98
PE imports
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
GetWindowExtEx
SetMapMode
TextOutW
PatBlt
SaveDC
LPtoDP
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
IntersectClipRect
BitBlt
RealizePalette
SetTextColor
DPtoLP
ExtTextOutW
GetObjectW
CreateBitmap
RectVisible
GetStockObject
CreateDIBitmap
SetViewportOrgEx
ScaleWindowExtEx
SetBkColor
ExtTextOutA
PtVisible
GetTextExtentPointA
CreateCompatibleDC
GetBkColor
ScaleViewportExtEx
SelectObject
GetMapMode
SetWindowExtEx
GetTextColor
CreateSolidBrush
SetViewportExtEx
Escape
GetViewportExtEx
DeleteObject
GetStdHandle
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
GetFileAttributesW
lstrcmpW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
GetVolumeInformationW
SetErrorMode
FreeEnvironmentStringsW
lstrcatW
SetStdHandle
GetFileTime
GetCPInfo
lstrcmpiA
GetStringTypeA
GetProcessVersion
WriteFile
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
ResumeThread
GetEnvironmentVariableA
LoadResource
GlobalHandle
FindClose
TlsGetValue
GetFullPathNameW
GetCurrentThread
SetLastError
InitializeCriticalSection
GlobalFindAtomW
SuspendThread
GetModuleFileNameW
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
LoadLibraryA
SetThreadPriority
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
GlobalAddAtomW
CreateThread
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
ExitThread
SetEnvironmentVariableA
TerminateProcess
CreateSemaphoreW
VirtualQuery
CreateEventW
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
GetTickCount
IsBadWritePtr
TlsAlloc
GetVersionExA
lstrcmpiW
RtlUnwind
FreeLibrary
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
OpenProcess
GetModuleHandleW
GetStartupInfoW
WaitForMultipleObjects
CompareStringW
lstrcpyW
GlobalReAlloc
lstrcmpA
FindNextFileW
GetProfileStringA
CompareStringA
FindFirstFileW
DuplicateHandle
GetProcAddress
GlobalAlloc
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentProcessId
LockResource
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
WritePrivateProfileStringW
lstrcpynW
RaiseException
ReleaseSemaphore
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GlobalLock
GetVersion
SizeofResource
HeapCreate
FindResourceW
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
ResetEvent
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
VariantCopy
SysFreeString
Ord(253)
GetModuleFileNameExW
SetFocus
GetMessagePos
SetMenuItemBitmaps
LoadBitmapW
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
IsWindow
GrayStringW
ClientToScreen
GetMessageTime
SetActiveWindow
GetDC
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetClassInfoA
GetMenu
ReleaseDC
SendMessageA
UnregisterClassW
GetClassInfoW
DrawTextW
GetNextDlgTabItem
CallNextHookEx
GetWindowTextLengthA
GetClientRect
GetActiveWindow
GetWindowTextW
CopyAcceleratorTableW
GetTopWindow
GetWindowTextA
GetMenuItemID
DestroyWindow
GetParent
UpdateWindow
SetPropA
GetPropW
GetMenuState
CreateCaret
ExcludeUpdateRgn
GetMessageW
ShowWindow
GetPropA
GetNextDlgGroupItem
SetPropW
GetDesktopWindow
PeekMessageW
EnableWindow
CharUpperW
GetMenuCheckMarkDimensions
TranslateMessage
IsWindowEnabled
GetWindow
RegisterClassW
GetWindowPlacement
LoadStringW
EnableMenuItem
GetWindowLongA
IsDialogMessageW
SetWindowContextHelpId
GetSysColorBrush
IsWindowUnicode
CreateWindowExW
TabbedTextOutW
GetWindowLongW
CharNextW
IsChild
MapWindowPoints
RegisterWindowMessageW
IsIconic
BeginPaint
OffsetRect
DefWindowProcW
CharNextA
DefWindowProcA
DrawFocusRect
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
DrawIcon
SetWindowLongA
SendDlgItemMessageW
PostMessageW
RemovePropA
CheckMenuItem
GetSubMenu
GetLastActivePopup
PtInRect
SetWindowTextW
GetDlgItem
RemovePropW
ScreenToClient
SetWindowsHookExA
PostThreadMessageW
GetMenuItemCount
ValidateRect
SetWindowsHookExW
LoadCursorW
LoadIconW
DispatchMessageW
SetForegroundWindow
EndPaint
CreateDialogIndirectParamW
DrawTextA
IntersectRect
EndDialog
HideCaret
CopyRect
GetCapture
MessageBeep
ShowCaret
MessageBoxW
SendMessageW
UnhookWindowsHookEx
MoveWindow
GetWindowDC
AdjustWindowRectEx
GetSysColor
RegisterClipboardFormatW
GetKeyState
IsWindowVisible
WinHelpW
SystemParametersInfoW
SetRect
InvalidateRect
CallWindowProcW
GetClassNameW
DefDlgProcA
ModifyMenuW
CallWindowProcA
GetClassNameA
GetFocus
wsprintfW
CloseClipboard
SetCursor
waveOutReset
waveInOpen
waveOutOpen
waveOutClose
waveInAddBuffer
waveInPrepareHeader
waveOutUnprepareHeader
waveInUnprepareHeader
mmioDescend
waveOutPrepareHeader
mmioAscend
waveInStop
waveInStart
waveOutWrite
mmioClose
mmioRead
waveInClose
waveInReset
mmioWrite
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetFileTitleW
OleUninitialize
CLSIDFromString
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
CLSIDFromProgID
CoRevokeClassObject
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemFree
CreateILockBytesOnHGlobal
OleInitialize
OleUIBusyW
Number of PE resources by type
RT_STRING 12
RT_DIALOG 4
RT_BITMAP 4
RT_CURSOR 2
RT_GROUP_CURSOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 23
CHINESE SIMPLIFIED 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 1970:09:16 19:50:41+01:00
FileType Win32 EXE
PEType PE32
CodeSize 1543659520
LinkerVersion 6.0
EntryPoint 0xbcd5
InitializedDataSize 122896
SubsystemVersion 4.514
ImageVersion 0.0
OSVersion 1.257
UninitializedDataSize 0

PCAP parents
File identification
MD5 c045f9e399f3cfb0bfc513e99caa7a81
SHA1 bcc19014f8a75a2ff9792d3de9e718a7c561b21e
SHA256 43e28fefbd95e0663da1680bf4562f61e6bc567e29f19cfcd3428c837daa00b9
ssdeep 6144:tgzf1mQVX1Vah/uH9TJw8LAdu4Su0dLqVZxH9CMLAh1qk6KJk0078R:Or1mG3ah/uBJw8Ac8fHvLA3qpIOIR

authentihash 4236d430dcc7e36dbf61dbbaa711798efaa1a40037e40c587f4a90688c2c5e38
imphash 31e88bfb08dc1efd26690d8b1a73bd8b
File size 337.5 KB ( 345646 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags corrupt peexe overlay

VirusTotal metadata
First submission 2014-12-10 15:24:24 UTC (3 years, 6 months ago)
Last submission 2014-12-10 20:47:00 UTC (3 years, 6 months ago)
File names 6138.jpg
7858.exe
35604159.exe
7988772.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight