SHA256: 231b7a04ab898dc3b1595311d409caafc423b1aa23910f19df402abe627e8434
File name: iscsmcbu.exe
Detection ratio: 11 / 60
Analysis date: 2017-04-27 13:23:40 UTC (3 weeks, 6 days ago)
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20170427
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170427
CrowdStrike Falcon (ML) malicious_confidence_64% (W) 20170130
Endgame malicious (high confidence) 20170419
Invincea virus.win32.sality.at 20170413
Kaspersky UDS:DangerousObject.Multi.Generic 20170427
Palo Alto Networks (Known Signatures) generic.ml 20170427
Symantec Trojan.Gen.8!cloud 20170427
VBA32 Malware-Cryptor.Limpopo 20170427
Webroot W32.Trojan.Gen 20170427
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20170427
Ad-Aware 20170427
AhnLab-V3 20170427
Alibaba 20170427
ALYac 20170427
Antiy-AVL 20170427
Arcabit 20170427
Avast 20170427
AVG 20170427
Avira (no cloud) 20170427
AVware 20170427
BitDefender 20170427
CAT-QuickHeal 20170426
ClamAV 20170427
CMC 20170427
Comodo 20170427
Cyren 20170427
DrWeb 20170427
Emsisoft 20170427
ESET-NOD32 20170427
F-Prot 20170427
F-Secure 20170427
Fortinet 20170427
GData 20170427
Ikarus 20170427
Jiangmin 20170427
K7AntiVirus 20170427
K7GW 20170426
Kingsoft 20170427
Malwarebytes 20170427
McAfee 20170427
McAfee-GW-Edition 20170427
Microsoft 20170427
eScan 20170427
NANO-Antivirus 20170427
nProtect 20170427
Panda 20170426
Qihoo-360 20170427
Rising None
SentinelOne (Static ML) 20170330
Sophos 20170427
SUPERAntiSpyware 20170427
Symantec Mobile Insight 20170427
Tencent 20170427
TheHacker 20170424
TrendMicro 20170427
TrendMicro-HouseCall 20170427
Trustlook 20170427
VIPRE 20170427
ViRobot 20170427
WhiteArmor 20170409
Yandex 20170426
Zillya 20170426
Zoner 20170427
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
ManiacTools (c). All rights reserved.

Product TurnpikeAttendant
Original name TurnpikeAttendant
Internal name TurnpikeAttendant
File version 4.6.26.8
Description Coaching Instances Megaflops Wap Love Technet
Comments Coaching Instances Megaflops Wap Love Technet
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-27 09:13:50
Entry Point 0x0000BBE7
Number of sections 4
PE sections
PE imports
CreateHalftonePalette
TextOutA
CreateFontIndirectA
GetTextMetricsA
CreateRectRgnIndirect
CombineRgn
GetPixel
GetGlyphOutlineA
GetDeviceCaps
PatBlt
SetTextColor
FillRgn
BitBlt
MoveToEx
GetStockObject
ExtTextOutA
SetTextAlign
CreateCompatibleDC
SetBrushOrgEx
CreateRectRgn
SelectObject
GetTextExtentPoint32A
SetBkColor
DeleteObject
CreateCompatibleBitmap
CreateFontA
gluOrtho2D
ImmGetDescriptionA
ImmGetConversionStatus
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
ImmSetOpenStatus
ImmIsIME
NotifyAddrChange
GetStdHandle
FileTimeToSystemTime
EncodePointer
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
lstrcatA
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
WideCharToMultiByte
FindResourceExW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
LoadResource
InterlockedDecrement
SetLastError
TlsGetValue
GetUserDefaultLangID
OutputDebugStringW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
CreateThread
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
ReadConsoleW
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
OpenProcess
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
TlsAlloc
FlushFileBuffers
RtlUnwind
Process32Next
Process32First
GetStartupInfoW
GlobalLock
GetProcessHeap
lstrcpyW
GetProcAddress
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
lstrlenA
GetConsoleCP
GetProcessTimes
GetEnvironmentStringsW
SizeofResource
GetCurrentProcessId
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
WriteFile
Sleep
FindResourceA
NetWkstaUserGetInfo
DsGetRdnW
VariantTimeToSystemTime
LoadTypeLibEx
glVertex2f
glMatrixMode
glColor3f
glDisable
glViewport
glClear
glBegin
glLoadIdentity
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SHGetFileInfoA
SHBindToParent
SHParseDisplayName
SHGetDesktopFolder
StrStrA
StrStrIW
StrToIntExA
StrChrW
MapWindowPoints
GetMessageA
UpdateWindow
BeginPaint
DestroyMenu
FindWindowA
ShowWindow
MessageBeep
DrawFocusRect
LoadBitmapA
SetWindowPos
RemoveMenu
GetSystemMetrics
GetWindowRect
DispatchMessageA
GetWindowLongA
MessageBoxA
ScrollDC
TranslateMessage
IsWindowEnabled
GetWindowDC
GetSysColor
GetDC
ReleaseDC
LoadMenuA
SendMessageW
UnregisterClassA
SendMessageA
DialogBoxParamA
GetClientRect
GetDlgItem
GetWindow
ScreenToClient
InvalidateRect
GetSubMenu
CreateWindowExA
LoadCursorA
GetKeyboardLayout
FillRect
CopyRect
GetSysColorBrush
IsRectEmpty
GetFocus
SetScrollInfo
ScrollWindow
GetAncestor
DestroyWindow
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
FtpSetCurrentDirectoryA
mmioSeek
gethostbyname
htons
socket
WSAGetLastError
CoInitializeEx
CoRegisterClassObject
CoInitialize
CoRevokeClassObject
CoLockObjectExternal
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
StringFromCLSID
CreateFileMoniker
BindMoniker
PdhCollectQueryData
Ord(203)
Ord(202)
PE exports
Number of PE resources by type
RT_DIALOG 12
RT_BITMAP 9
RT_ICON 6
RT_STRING 4
BINARY 2
Struct(700) 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 38
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
ManiacTools (c). All rights reserved.

SubsystemVersion
5.1

Comments
Coaching Instances Megaflops Wap Love Technet

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.6.26.8

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Coaching Instances Megaflops Wap Love Technet

CharacterSet
Unicode

InitializedDataSize
324608

EntryPoint
0xbbe7

OriginalFileName
TurnpikeAttendant

MIMEType
application/octet-stream

LegalCopyright
ManiacTools (c). All rights reserved.

FileVersion
4.6.26.8

TimeStamp
2017:04:27 10:13:50+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TurnpikeAttendant

ProductVersion
4.6.26.8

UninitializedDataSize
0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ManiacTools

CodeSize
111616

ProductName
TurnpikeAttendant

ProductVersionNumber
4.6.26.8

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 671f202b066ea3f1aebba3ccc13cd7e1
SHA1 89f9989be94ddff9a1e9f132adaca87efe09bf0e
SHA256 231b7a04ab898dc3b1595311d409caafc423b1aa23910f19df402abe627e8434
ssdeep
6144:DilH8P0Nc/rAsK68LQVePxwPogZ5h55KL0rOdVjrHD5:DilHU0m/ssb8LQVeZyJ55u2Od3

authentihash 0f1b685afc7265e5c96de5d5140ee5e3300978d2c4a63a7227229c73e843a84d
imphash a90a4bb99be8084989c3eb39cc641339
File size 427.0 KB ( 437248 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (76.4%)
Win32 Executable (generic) (12.4%)
Generic Win/DOS Executable (5.5%)
DOS Executable Generic (5.5%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-27 11:28:23 UTC (3 weeks, 6 days ago)
Last submission 2017-05-08 17:58:55 UTC (2 weeks, 2 days ago)
File names google_gmail.exe
231b7a04ab898dc3b1595311d409caafc423b1aa23910f19df402abe627e8434.bin
localfile~
TurnpikeAttendant
iscsmcbu.exe
radE88EF.tmp.pif
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Terminated processes
Opened mutexes
Searched windows
Runtime DLLs
UDP communications