SHA256: 4a25b5892f06fead3839dde107aeb659c4cd630bb467b17a69c142c45a5def31
File name: DSC03928984_obraz.jpg.exe
Detection ratio: 30 / 51
Analysis date: 2014-06-04 14:53:11 UTC (4 years, 10 months ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1702276 20140604
AhnLab-V3 Trojan/Win32.Ransom 20140604
AntiVir TR/Crypt.ZPACK.26289 20140604
Antiy-AVL Trojan/Win32.Weelsof 20140604
Avast Win32:Trojan-gen 20140604
AVG SHeur4.BWLS 20140604
Baidu-International Trojan.Win32.Agent.40 20140604
BitDefender Trojan.GenericKD.1702276 20140604
Commtouch W32/Trojan.PEJM-0292 20140604
DrWeb Trojan.Hottrend.based 20140604
Emsisoft Trojan.GenericKD.1702276 (B) 20140604
ESET-NOD32 Win32/Tinba.AX 20140604
F-Secure Trojan.GenericKD.1702276 20140604
Fortinet W32/Inject.NMTA!tr 20140604
GData Trojan.GenericKD.1702276 20140604
Ikarus Trojan-Spy.Agent 20140604
K7AntiVirus Trojan ( 00498d2e1 ) 20140604
K7GW Trojan ( 00498d2e1 ) 20140604
Kaspersky Trojan.Win32.Inject.nmta 20140604
Malwarebytes Spyware.Zbot.ED 20140604
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.J 20140603
Microsoft Trojan:Win32/Tinba.A 20140604
eScan Trojan.GenericKD.1702276 20140604
Panda Trj/CI.A 20140604
Qihoo-360 Malware.QVM19.Gen 20140604
Sophos AV Mal/Generic-S 20140604
Symantec Trojan.Zbot 20140604
Tencent Win32.Trojan.Inject.Dxnf 20140604
TrendMicro-HouseCall TROJ_GEN.F0D1H00F214 20140604
VIPRE Trojan.Win32.Generic!BT 20140604
AegisLab 20140604
Yandex 20140602
Bkav 20140604
ByteHero 20140604
CAT-QuickHeal 20140604
ClamAV 20140603
CMC 20140604
Comodo 20140604
F-Prot 20140604
Kingsoft 20140604
McAfee 20140604
NANO-Antivirus 20140604
Norman 20140604
nProtect 20140604
Rising 20140603
SUPERAntiSpyware 20140604
TheHacker 20140602
TotalDefense 20140604
TrendMicro 20140604
VBA32 20140604
ViRobot 20140604
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright ? 2014

Product MyPen
Original name MyPen.exe
Internal name MyPen
File version 1, 0, 0, 1
Description MyPen
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-04-30 15:32:47
Entry Point 0x00002766
Number of sections 4
PE sections
PE imports
CreateSolidBrush
CreatePen
_acmdln
__CxxFrameHandler
__dllonexit
_setmbcp
_onexit
exit
_XcptFilter
__getmainargs
_exit
fopen
FillRect
GetDC
Number of PE resources by type
Struct(15) 2
Struct(241) 2
RT_ICON 1
RT_MENU 1
RT_ACCELERATOR 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
CHINESE SIMPLIFIED 6
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
69632

ImageVersion
0.0

ProductName
MyPen

FileVersionNumber
1.0.0.1

UninitializedDataSize
0

LanguageCode
Hungarian

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
MyPen.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1, 0, 0, 1

TimeStamp
2014:04:30 16:32:47+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MyPen

ProductVersion
1, 0, 0, 1

FileDescription
MyPen

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright ? 2014

MachineType
Intel 386 or later, and compatibles

CodeSize
8192

FileSubtype
0

ProductVersionNumber
1.0.0.1

EntryPoint
0x2766

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 11bb0ae647f12d5f1c93daf26d1d13c0
SHA1 6fe44ffb758e0508f484f56466d7872f13ace049
SHA256 4a25b5892f06fead3839dde107aeb659c4cd630bb467b17a69c142c45a5def31
ssdeep
1536:Y5TBU5hF4TC4SvdNH9lZHCmpvMadQf/CaU4/MKK9dJuLLrALW:YDwh+TC4INHndCmlMKQCa1AAnsLW

authentihash 1a1762fd54e48033a3c5e1ba1c89b5670951d8f12f559dbb94347662b6ce4d55
imphash 36efd2f4c2084ec8a594607f93985df1
File size 80.0 KB ( 81920 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
peexe

VirusTotal metadata
First submission 2014-06-02 10:35:19 UTC (4 years, 10 months ago)
Last submission 2018-08-10 20:05:03 UTC (8 months, 2 weeks ago)
File names alg.exe
DSC03928984_obraz.jpg.exe
help.exe
DSC03928984_obraz.jpg.exe
MyPen.exe
11bb0ae647f12d5f1c93daf26d1d13c0.virobj
file-7065750_exe
alg.exe
11bb0ae647f12d5f1c93daf26d1d13c0
help.exe
DSC03928984_obraz.jpg.exe
11BB0AE647F12D5F1C93DAF26D1D13C0
MyPen
virussign.com_11bb0ae647f12d5f1c93daf26d1d13c0.vir
dropper.exe
DSC03928984_obraz.jpg.exe
008132484
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
DNS requests