SHA256: 0e6e1c6de87b5a999439e5639a9aaf36429d4c99941c470caa117a6164e70ce9
File name: 60df479901080da8444d4793eb24e630
Detection ratio: 39 / 57
Analysis date: 2016-03-14 03:09:09 UTC (3 years, 2 months ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3087620 20160314
AhnLab-V3 Trojan/Win32.Dridex 20160313
ALYac Trojan.GenericKD.3087620 20160314
Antiy-AVL Trojan/Win32.Waldek 20160314
Arcabit Trojan.Generic.D2F1D04 20160314
Avast Win32:Malware-gen 20160314
AVG Generic37.AQGM 20160314
Avira (no cloud) TR/Dridex.Y.768898 20160313
AVware Trojan.Win32.Generic!BT 20160314
BitDefender Trojan.GenericKD.3087620 20160314
Comodo UnclassifiedMalware 20160314
Cyren W32/Trojan.ZQEU-0710 20160314
DrWeb Trojan.Dridex.351 20160314
Emsisoft Trojan.GenericKD.3087620 (B) 20160314
ESET-NOD32 Win32/Dridex.AA 20160313
F-Prot W32/Trojan3.TYE 20160314
F-Secure Trojan.GenericKD.3087620 20160314
Fortinet W32/Kryptik.EQMA!tr 20160314
GData Trojan.GenericKD.3087620 20160314
Jiangmin Backdoor.Cridex.aq 20160313
K7AntiVirus Trojan ( 004e00021 ) 20160313
K7GW Trojan ( 004e00021 ) 20160313
Kaspersky Backdoor.Win32.Cridex.dq 20160314
Malwarebytes Trojan.MalPack 20160314
McAfee Artemis!60DF47990108 20160314
McAfee-GW-Edition BehavesLike.Win32.BadFile.dh 20160313
Microsoft Backdoor:Win32/Drixed 20160314
eScan Trojan.GenericKD.3087620 20160314
NANO-Antivirus Trojan.Win32.Cridex.eaxnwd 20160314
nProtect Trojan.GenericKD.3087620 20160311
Panda Trj/CI.A 20160313
Qihoo-360 HEUR/QVM07.1.Malware.Gen 20160314
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20160313
Sophos AV Mal/Generic-S 20160314
Symantec Trojan.Cridex 20160310
Tencent Win32.Trojan.Kryptik.Woqh 20160314
TrendMicro TROJ_GEN.R011C0DCB16 20160314
VIPRE Trojan.Win32.Generic!BT 20160314
Zillya Trojan.Kryptik.Win32.867123 20160313
AegisLab 20160314
Yandex 20160313
Alibaba 20160312
Baidu 20160310
Baidu-International 20160313
Bkav 20160312
ByteHero 20160314
CAT-QuickHeal 20160312
ClamAV 20160311
CMC 20160307
Ikarus 20160314
SUPERAntiSpyware 20160313
TheHacker 20160313
TotalDefense 20160314
TrendMicro-HouseCall 20160314
VBA32 20160313
ViRobot 20160314
Zoner 20160314
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-03-28 18:22:15
Entry Point 0x00034E66
Number of sections 4
PE sections
Overlays
MD5 d3d9446802a44259755d38e6d163e820
File type ASCII text
Offset 286720
Size 2
Entropy 1.00
PE imports
GetModuleHandleA
GetAtomNameW
GetErrorInfo
SetErrorInfo
ExtractIconA
SHQueryRecycleBinW
SHBrowseForFolderW
DragQueryFileW
SHChangeNotify
Shell_NotifyIconW
DragQueryFileA
SHBrowseForFolderA
ExtractIconW
SHFileOperationA
SHGetFileInfoA
ShellAboutA
SHInvokePrinterCommandW
DuplicateIcon
SHGetPathFromIDListW
SHInvokePrinterCommandA
SHGetFileInfoW
SHFileOperationW
SHGetPathFromIDListA
SHGetMalloc
SHLoadInProc
Ord(180)
DragAcceptFiles
SHGetDesktopFolder
SHGetSpecialFolderPathA
Ord(179)
ShellExecuteExA
SHFreeNameMappings
SHGetDataFromIDListW
DragFinish
ExtractIconExA
DoEnvironmentSubstA
ShellExecuteW
ExtractIconExW
SHGetSpecialFolderLocation
SHGetDataFromIDListA
ShellExecuteA
FtpPutFileW
PrintDlgA
GetFileTitleA
ReplaceTextA
FindTextA
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgA
GetOpenFileNameA
FindTextW
ReplaceTextW
PrintDlgW
GetSaveFileNameA
ChooseFontA
CoRegisterPSClsid
StgIsStorageILockBytes
HGLOBAL_UserFree
CoUnmarshalHresult
CoTaskMemAlloc
OleCreateFromData
OleTranslateAccelerator
MonikerCommonPrefixWith
StgOpenStorageEx
HMENU_UserUnmarshal
CoGetStdMarshalEx
CoMarshalHresult
PropStgNameToFmtId
CLIPFORMAT_UserSize
OleCreateLink
OleCreateLinkToFileEx
CLIPFORMAT_UserUnmarshal
OleRegGetUserType
OleCreateEx
OleCreateLinkToFile
CreateClassMoniker
STGMEDIUM_UserFree
CreateItemMoniker
CoRegisterClassObject
HACCEL_UserUnmarshal
ReleaseStgMedium
CoCreateGuid
SetConvertStg
CoLockObjectExternal
OleConvertOLESTREAMToIStorageEx
OleCreateFromFile
HPALETTE_UserSize
RevokeDragDrop
OleSave
CoGetPSClsid
ReadFmtUserTypeStg
CoCreateFreeThreadedMarshaler
CoIsOle1Class
CLSIDFromString
CreateStreamOnHGlobal
OleDoAutoConvert
StgCreatePropSetStg
StgCreateStorageEx
CoSuspendClassObjects
CoInitialize
HACCEL_UserMarshal
HBITMAP_UserFree
OleCreateStaticFromData
CreateFileMoniker
OleCreateLinkFromDataEx
HBITMAP_UserUnmarshal
OleMetafilePictFromIconAndLabel
HACCEL_UserFree
OleQueryLinkFromData
OleRegEnumFormatEtc
CreateDataAdviseHolder
HGLOBAL_UserSize
CoRevokeClassObject
HMENU_UserSize
GetRunningObjectTable
CoFreeLibrary
OleFlushClipboard
StgCreatePropStg
MonikerRelativePathTo
CoGetCurrentProcess
HPALETTE_UserUnmarshal
GetHGlobalFromStream
CoDosDateTimeToFileTime
OleIsRunning
OleConvertOLESTREAMToIStorage
CoGetMalloc
OleSetContainedObject
HPALETTE_UserMarshal
CoTaskMemFree
CreateGenericComposite
CoMarshalInterface
Number of PE resources by type
RT_ACCELERATOR 2
RT_MENU 2
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
CHINESE MACAU 6
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 7.1
ImageVersion 0.0
FileVersionNumber 0.136.101.244
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 176128
EntryPoint 0x34e66
OriginalFileName Outshines.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2017
FileVersion 14, 12, 25, 161
TimeStamp 2007:03:28 19:22:15+01:00
FileType Win32 EXE
PEType PE32
InternalName Manor
ProductVersion 246, 185, 250, 180
FileDescription Grittiest
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Logiciels & Services Duhem, Paris, France
CodeSize 217088
FileSubtype 0
ProductVersionNumber 0.252.154.256
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 60df479901080da8444d4793eb24e630
SHA1 df51712cda94804b5f19fee253f990cfce3cd810
SHA256 0e6e1c6de87b5a999439e5639a9aaf36429d4c99941c470caa117a6164e70ce9
ssdeep 6144:lRgd87PJQGy373sHqxi0FCi4b+99QgjUjlYqwvGuimQi:ledv378HX0nog9tjUhmp

authentihash 03add00daf70ed1dafb84a866644a965c1e5590687159dd28a7ae2e87ba197b9
imphash 76bb2a6d41de1efc3e6454900989c16c
File size 280.0 KB ( 286722 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-03-14 03:09:09 UTC (3 years, 2 months ago)
Last submission 2016-03-14 03:09:09 UTC (3 years, 2 months ago)
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications