SHA256: 099705ee87894a3b283248c9d30b2b5a798705ed1b6688484cd767191a7beb83
File name: ejzZTa8.exe
Detection ratio: 42 / 52
Analysis date: 2015-11-18 01:28:58 UTC ( 1 year, 7 months ago )
Antivirus Result Update
Yandex Trojan.Battdil! 20151116
AhnLab-V3 Trojan/Win32.Upatre 20151116
ALYac Trojan.Agent.BLVH 20151117
Antiy-AVL Trojan/Win32.BTSGeneric 20151117
Arcabit Trojan.Agent.BLVH 20151118
Avast Win32:Malware-gen 20151117
AVG Ransomer.JQI 20151117
Avira (no cloud) TR/Dldr.Agent.456708 20151117
Baidu-International Trojan.Win32.Battdil.AK 20151117
BitDefender Trojan.Agent.BLVH 20151117
Bkav HW32.Packed.CFA4 20151117
CAT-QuickHeal TrjnDwnlder.Upatre.MUE.BC3 20151117
Comodo UnclassifiedMalware 20151117
Cyren W32/Trojan.QAJS-8367 20151117
DrWeb Trojan.Dyre.564 20151118
Emsisoft Trojan.Agent.BLVH (B) 20151117
ESET-NOD32 Win32/Battdil.AK 20151117
F-Secure Trojan.Agent.BLVH 20151117
Fortinet W32/Waski.F!tr 20151117
GData Trojan.Agent.BLVH 20151117
Ikarus Win32.Outbreak 20151117
Jiangmin TrojanDownloader.Upatre.aqzt 20151116
K7AntiVirus Trojan ( 004c9c7b1 ) 20151117
K7GW Trojan ( 004c9c7b1 ) 20151117
Kaspersky UDS:DangerousObject.Multi.Generic 20151117
Malwarebytes Trojan.Upatre 20151117
McAfee Upatre-FACE!F26FD37D2632 20151117
McAfee-GW-Edition BehavesLike.Win32.Miuref.gc 20151117
eScan Trojan.Agent.BLVH 20151117
NANO-Antivirus Trojan.Win32.Dyre.dvgnih 20151117
nProtect Trojan.Agent.BLVH 20151117
Panda Trj/Upatre.N 20151117
Qihoo-360 HEUR/QVM19.1.Malware.Gen 20151118
Sophos Troj/Upatre-LD 20151117
SUPERAntiSpyware Trojan.Agent/Gen-Malagent 20151117
Symantec Trojan.Gen.SMH 20151117
Tencent Win32.Trojan.Fakedoc.Auto 20151118
TrendMicro TROJ_UPATRE.SMX31 20151117
TrendMicro-HouseCall TROJ_UPATRE.SMX31 20151117
VIPRE Trojan.Win32.Generic!BT 20151117
ViRobot Trojan.Win32.U.Upatre.42500[h] 20151117
Zillya Trojan.Battdil.Win32.319 20151117
AegisLab 20151117
Alibaba 20151117
ByteHero 20151118
ClamAV 20151117
CMC 20151117
F-Prot 20151117
Rising 20151117
TheHacker 20151113
VBA32 20151117
Zoner 20151115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-08-08 15:09:08
Entry Point 0x00001000
Number of sections 3
PE sections
Overlays
MD5 c9610eead53d158b3b5025c368ebd0d5
File type binary Computer Graphics Metafile
Offset 456704
Size 4
Entropy 2.00
PE imports
DeviceProblemTextA
DhcpDsGetAttribs
CMCreateProfile
CMCreateTransformExt
CMCreateProfileW
CMCreateTransform
TerminateThread
ReadFile
GetWindowsDirectoryA
GetTickCount
ReadConsoleW
CreateFileA
CryptCATCDFClose
CloseColorProfile
DMORegister
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2012:08:08 16:09:08+01:00
FileType Win32 EXE
PEType PE32
CodeSize 8192
LinkerVersion 3.1
EntryPoint 0x1000
InitializedDataSize 86016
SubsystemVersion 4.0
ImageVersion 4.0
OSVersion 4.1
UninitializedDataSize 438272

File identification
MD5 f26fd37d263289cb7ad002fec50922c7
SHA1 0689d308ebcc5a412cc681767659c0a93627ab51
SHA256 099705ee87894a3b283248c9d30b2b5a798705ed1b6688484cd767191a7beb83
ssdeep 12288:QnUBtPLR3mA2SoWNlW4VdEe+ypxDQmuH4n/sEU9g:AUBtjxmAIWbW2pxUm1nEEUK
authentihash a50a755fb5d3bf45ef5393f614f994e431849ba4c264d573a7acf6ebdb732d1b
imphash 1d445f35cd1144685c45e2f955c42c51
File size 446.0 KB ( 456708 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
Clipper DOS Executable (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe overlay

VirusTotal metadata
First submission 2015-08-14 16:56:30 UTC ( 1 year, 10 months ago )
Last submission 2015-11-18 01:28:58 UTC ( 1 year, 7 months ago )
File names HQINqGoEiVDnifg.exe
ejzZTa8.exe
MOOYuDlFfburcHr.exe
099705EE87894A3B283248C9D30B2B5A798705ED1B6688484CD767191A7BEB83.EXE
ejzZTa8.exe.2912.dr
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files