SHA256: 7ad8026384a0e660f811b954fcde67a21747f92141c9996efba678bace1b07d7
File name: installer.exe
Detection ratio: 0 / 55
Analysis date: 2016-01-06 16:11:37 UTC ( 1 year, 11 months ago )
Antivirus Result Update
Ad-Aware 20160106
AegisLab 20160105
Yandex 20160105
AhnLab-V3 20160105
Alibaba 20160106
ALYac 20160106
Antiy-AVL 20160106
Arcabit 20160106
Avast 20160106
AVG 20160106
Avira (no cloud) 20160106
AVware 20160106
Baidu-International 20160105
BitDefender 20160106
Bkav 20160105
ByteHero 20160106
CAT-QuickHeal 20160105
ClamAV 20160105
CMC 20160104
Comodo 20160106
Cyren 20160106
DrWeb 20160106
Emsisoft 20160106
ESET-NOD32 20160106
F-Prot 20160106
F-Secure 20160106
Fortinet 20160106
GData 20160106
Ikarus 20160106
Jiangmin 20160105
K7AntiVirus 20160105
K7GW 20160106
Kaspersky 20160106
Malwarebytes 20160106
McAfee 20160106
McAfee-GW-Edition 20160106
Microsoft 20160106
eScan 20160106
NANO-Antivirus 20160106
nProtect 20160105
Panda 20160105
Qihoo-360 20160106
Rising 20160124
Sophos AV 20160106
SUPERAntiSpyware 20160106
Symantec 20160105
Tencent 20160106
TheHacker 20160103
TrendMicro 20160106
TrendMicro-HouseCall 20160106
VBA32 20160105
VIPRE 20160106
ViRobot 20160106
Zillya 20160106
Zoner 20160106
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Internal name ElfBot NG Installer
File version 1.0.0.0
Description ElfBot NG Installer
Comments ElfBot NG Installer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Entry Point 0x002683D0
Number of sections 7
PE sections
Overlays
MD5 98895bf869a32f29fdb78de324195fe4
File type ASCII text
Offset 3211776
Size 19
Entropy 3.51
PE imports
Number of PE resources by type
RT_RCDATA 39
RT_GROUP_CURSOR 12
RT_CURSOR 12
RT_DIALOG 1
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 61
ENGLISH US 7
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments ElfBot NG Installer
InitializedDataSize 605532
ImageVersion 1.0
FileVersionNumber 1.0.0.0
UninitializedDataSize 102548
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
LinkerVersion 2.64
FileTypeExtension exe
MIMEType application/octet-stream
FileVersion 1.0.0.0
TimeStamp 0000:00:00 00:00:00
FileType Win32 EXE
PEType PE32
InternalName ElfBot NG Installer
FileDescription ElfBot NG Installer
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName EverByte
CodeSize 2520064
FileSubtype 0
ProductVersionNumber 0.0.0.0
EntryPoint 0x2683d0
ObjectFileType Executable application

Compressed bundles
File identification
MD5 e5d20a517621898e7a672c3d993bfa1f
SHA1 74444b9a99498cf38d028619afb84cae43e35207
SHA256 7ad8026384a0e660f811b954fcde67a21747f92141c9996efba678bace1b07d7
ssdeep 49152:aHnW4sd63DYpwRI6h12rzSv7jrae5AYeX7JbVkc3Twpk73L3ciaATa+9usGXt:KW4szwRH12qvd5AtX7JlB77yMM
authentihash 98a9f4a5d83b27200e75137dd9528d74552e5a3b86147e6e3a2fef5daeea9b25
imphash 7f1a2aeede671e988deab956a585feda
File size 3.1 MB ( 3211795 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-01-06 16:11:37 UTC ( 1 year, 11 months ago )
Last submission 2017-09-22 06:52:38 UTC ( 2 months, 3 weeks ago )
File names ElfBot NG Installer
installer do elf a.exe
installer.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
UDP communications