SHA256: 4f36ba8f70dbfa599f6d37a6ff88a61cfb041e7d6ea7a77f764cc468b87e0a60
File name: STATEMNT-E_FF5039457304574230530914758303654534783458173204712-37...
Detection ratio: 52 / 57
Analysis date: 2016-05-08 05:57:12 UTC ( 1 year, 11 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1491947 20160508
AegisLab Troj.W32.Gen.m0B4 20160508
AhnLab-V3 Spyware/Win32.Zbot 20160507
ALYac Trojan.GenericKD.1491947 20160507
Antiy-AVL Trojan/Win32.SGeneric 20160508
Arcabit Trojan.Generic.D16C3EB 20160508
Avast Win32:Agent-ASOL [Trj] 20160508
AVG Zbot.EVJ 20160508
Avira (no cloud) TR/Dldr.Small.berb 20160507
AVware Trojan.Win32.Fareit.if (v) 20160508
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160506
Baidu-International Adware.Win32.Agent.Elnx 20160507
BitDefender Trojan.GenericKD.1491947 20160508
CAT-QuickHeal TrojanPWS.Zbot.Gen 20160507
Comodo TrojWare.Win32.Injector.AUW 20160508
Cyren W32/Trojan.OWOE-4832 20160508
DrWeb Trojan.Packed.25410 20160508
Emsisoft Trojan.GenericKD.1491947 (B) 20160503
ESET-NOD32 Win32/PSW.Fareit.A 20160507
F-Prot W32/Trojan2.OARU 20160508
F-Secure Trojan.GenericKD.1491947 20160508
Fortinet W32/Injector.AUWY!tr 20160508
GData Trojan.GenericKD.1491947 20160508
Ikarus Trojan-Downloader.Agent 20160508
Jiangmin Backdoor/Androm.bvt 20160508
K7AntiVirus Riskware ( 0040eff71 ) 20160508
K7GW Riskware ( 0040eff71 ) 20160508
Kaspersky Trojan-PSW.Win32.Fareit.amzb 20160508
Malwarebytes Trojan.FakeBankDoc 20160507
McAfee PWS-Zbot.dx 20160508
McAfee-GW-Edition BehavesLike.Win32.ZBot.ch 20160508
Microsoft Trojan:Win32/Bagsu!rfn 20160508
eScan Trojan.GenericKD.1491947 20160508
NANO-Antivirus Trojan.Win32.Zbot.csnurd 20160508
nProtect Trojan-PWS/W32.Fareit.102400.B 20160504
Panda Trj/WLT.A 20160507
Qihoo-360 Win32/Trojan.PSW.9ca 20160508
Rising Trojan.Win32.Fareit.cu 20160508
Sophos AV Troj/DwnLdr-LGJ 20160508
SUPERAntiSpyware Trojan.Agent/Gen-CeeInject 20160508
Symantec Trojan.Zbot 20160508
Tencent Win32.Trojan-qqpass.Qqrob.Chp 20160508
TheHacker Trojan/Injector.auwy 20160507
TotalDefense Win32/Tnega.ESbMXI 20160508
TrendMicro TSPY_FAREIT.ABRL 20160508
TrendMicro-HouseCall TSPY_FAREIT.ABRL 20160508
VBA32 TrojanSpy.Zbot 20160505
VIPRE Trojan.Win32.Fareit.if (v) 20160508
ViRobot Dropper.Agent.102400.R[h] 20160508
Yandex Trojan.Injector!J99z3Y0lOVM 20160508
Zillya Trojan.Fareit.Win32.5377 20160507
Zoner Trojan.Fareit.A 20160508
Alibaba 20160506
Bkav 20160506
ClamAV 20160507
CMC 20160506
Kingsoft 20160508
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-01-06 09:49:41
Entry Point 0x00001FA0
Number of sections 5
PE sections
PE imports
GetModuleFileNameA
CreateFileW
__CxxFrameHandler
malloc
fread
fseek
fclose
__dllonexit
_onexit
ftell
rewind
fopen
RedrawWindow
SetWindowLongW
SendMessageW
GetWindowRect
InflateRect
EnableWindow
UpdateWindow
GetWindowLongW
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2014:01:06 10:49:41+01:00
FileType Win32 EXE
PEType PE32
CodeSize 8192
LinkerVersion 6.0
FileTypeExtension exe
InitializedDataSize 90112
SubsystemVersion 4.0
EntryPoint 0x1fa0
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 051dd6888c6c6611342965b7f11402f8
SHA1 50365a27c0a03113a6da6a29df52b52bd1adfd71
SHA256 4f36ba8f70dbfa599f6d37a6ff88a61cfb041e7d6ea7a77f764cc468b87e0a60
ssdeep 1536:mpa5J/LGBCimwO6IP2Fvn5K5UOiT1EPFyfLxnnutmqqfGVD90tpb:mc5lt1wdI4BTWt8VgmGVatpb
authentihash 9f60ebd3faa64982ed67d0c14f0feb96e91e7daa206453e04b6ee210414c5c3c
imphash 12a0954febc90a6e0d6e2102974ca2dc
File size 100.0 KB ( 102400 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe
VirusTotal metadata
First submission 2014-01-08 13:05:06 UTC ( 4 years, 3 months ago )
Last submission 2015-10-10 18:09:58 UTC ( 2 years, 6 months ago )
File names 051dd6888c6c6611342965b7f11402f8
bad.exe
Invoice-E_48F7B37FA8.pdf.exe
STATEMNT-E_FF5039457304574230530914758303654534783458173204712-37407658458674.pdf.exe_
ggg.exe
statemnt-e_ff5039457304574230530914758303654534783458173204712-37407658458674.pdf.exe
STATEMNT-E_.pdf.exe
007891589
4f36ba8f70dbfa599f6d37a6ff88a61cfb041e7d6ea7a77f764cc468b87e0a60.bin
STATEMNT-E_FF5039457304574230530914758303654534783458173204712-37407658458674.pdf.exe
f43bc61cf075a6379160e121243d4ed0fca2667c
c-b4dba-1261-1389186301
051dd6888c6c6611342965b7f11402f8.ex_
051dd6888c6c6611342965b7f11402f8.PE_
STATEMNT-E__pdf_exe
051dd6888c6c6611342965b7f11402f8.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana dll-injection