SHA256: 8cca087c41f035777f36bfb6c59000fe69abe425c230895087a79ad073964a2c
File name: magebotv55_1078.exe
Detection ratio: 1 / 57
Analysis date: 2015-06-10 11:00:08 UTC (3 years, 10 months ago)
Antivirus Result Update
Symantec WS.Reputation.1 20150610
Ad-Aware 20150610
AegisLab 20150610
Yandex 20150609
AhnLab-V3 20150609
Alibaba 20150609
ALYac 20150610
Antiy-AVL 20150610
Arcabit 20150610
Avast 20150610
AVG 20150610
Avira (no cloud) 20150610
AVware 20150610
Baidu-International 20150610
BitDefender 20150610
Bkav 20150609
ByteHero 20150610
CAT-QuickHeal 20150610
ClamAV 20150610
CMC 20150610
Comodo 20150610
Cyren 20150610
DrWeb 20150610
Emsisoft 20150610
ESET-NOD32 20150610
F-Prot 20150610
F-Secure 20150610
Fortinet 20150610
GData 20150610
Ikarus 20150610
Jiangmin 20150609
K7AntiVirus 20150610
K7GW 20150610
Kaspersky 20150609
Kingsoft 20150610
Malwarebytes 20150610
McAfee 20150610
McAfee-GW-Edition 20150609
Microsoft 20150610
eScan 20150610
NANO-Antivirus 20150610
nProtect 20150610
Panda 20150610
Qihoo-360 20150610
Rising 20150610
Sophos AV 20150610
SUPERAntiSpyware 20150610
Tencent 20150610
TheHacker 20150609
TotalDefense 20150610
TrendMicro 20150610
TrendMicro-HouseCall 20150610
VBA32 20150609
VIPRE 20150610
ViRobot 20150610
Zillya 20150610
Zoner 20150609
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2007

Product wuioasd tibp
Original name tibp.exe
Internal name tibp
File version 1, 0, 0, 1
Description tibp
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-05-13 06:11:37
Entry Point 0x0004BE8F
Number of sections 6
PE sections
Overlays
MD5 83bfcbe18a02ffe1f7189f45698f392d
File type data
Offset 667648
Size 96
Entropy 4.93
PE imports
TextOutA
SetBkMode
GetStockObject
GetSystemTime
GetLastError
HeapFree
GetStdHandle
WriteProcessMemory
VirtualAllocEx
FileTimeToSystemTime
WaitForSingleObject
Beep
LCMapStringA
HeapDestroy
GetTickCount
IsBadWritePtr
FlushFileBuffers
GetEnvironmentStringsW
GlobalUnlock
LoadLibraryA
RtlUnwind
GetModuleFileNameA
GetLocalTime
CreateRemoteThread
VirtualFree
GetCurrentProcess
GetVolumeInformationA
FileTimeToLocalFileTime
GetEnvironmentStrings
SetConsoleCtrlHandler
LCMapStringW
OpenProcess
UnhandledExceptionFilter
SetFilePointer
DeleteFileA
GetCurrentDirectoryA
FreeEnvironmentStringsW
MultiByteToWideChar
HeapSize
ReadProcessMemory
GetCommandLineA
GlobalLock
VirtualProtectEx
GetFileType
SetStdHandle
CompareStringW
RaiseException
CreateFileA
FreeEnvironmentStringsA
GetCPInfo
GetStringTypeA
GetModuleHandleA
GetSystemTimeAsFileTime
ReadFile
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
FindFirstFileA
CloseHandle
FreeConsole
FindClose
FindNextFileA
GetACP
HeapReAlloc
CreateThread
GetProcAddress
ExitProcess
SetEnvironmentVariableA
SetPriorityClass
GetOEMCP
SetHandleCount
TerminateProcess
GetTimeZoneInformation
WriteConsoleA
WideCharToMultiByte
HeapCreate
GlobalAlloc
GetStringTypeW
AllocConsole
Sleep
IsBadReadPtr
SetEndOfFile
IsBadCodePtr
HeapAlloc
GetVersion
VirtualAlloc
CompareStringA
ShellExecuteA
GetCursorPos
GetForegroundWindow
EmptyClipboard
EndDialog
EnumWindows
FindWindowA
GetWindowThreadProcessId
GetWindowRect
EnableWindow
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
MessageBoxA
mouse_event
DialogBoxParamA
GetDlgItemInt
CheckDlgButton
GetDC
GetAsyncKeyState
ReleaseDC
SetWindowTextA
SetClipboardData
SendMessageA
CloseClipboard
CreateWindowExA
SetCursorPos
SetTimer
IsDlgButtonChecked
SetDlgItemInt
GetWindowTextA
GetDlgItem
OpenClipboard
PlaySoundA
htons
socket
recv
send
ioctlsocket
WSAStartup
gethostbyname
connect
inet_ntoa
WSACleanup
closesocket
WSAGetLastError
GetOpenFileNameA
GetSaveFileNameA
lua_pushstring
lua_close
lua_pushcclosure
lua_pushnumber
luaL_checkinteger
luaL_loadfile
lua_getfield
lua_tolstring
luaL_checklstring
lua_setfield
lua_pcall
luaL_checknumber
luaL_newstate
lua_settop
lua_checkstack
lua_pushnil
luaL_openlibs
lua_gettop
Number of PE resources by type
RT_DIALOG 5
RT_ICON 1
RT_MENU 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
166305792

ImageVersion
0.0

ProductName
wuioasd tibp

FileVersionNumber
1.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
tibp

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
tibp.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1, 0, 0, 1

TimeStamp
2015:05:13 07:11:37+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
tibp

ProductVersion
1, 0, 0, 1

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 2007

MachineType
Intel 386 or later, and compatibles

CompanyName
wuioasd

CodeSize
413696

FileSubtype
0

ProductVersionNumber
1.0.0.1

EntryPoint
0x4be8f

ObjectFileType
Executable application

File identification
MD5 7ee9b5c18f83018f85f330d5bf75c115
SHA1 355c40d186eadd8f8e9a5b5dccac7114543c1f97
SHA256 8cca087c41f035777f36bfb6c59000fe69abe425c230895087a79ad073964a2c
ssdeep
12288:Jij5nXiJTB86nviy1SF70VFRylo4wzpzQ:Jij5XetSFyFRycz6

authentihash 9c3c71010ed849684315c5a201cf49cc01879e657cac7267a0260a0d16cfeac4
imphash 586db38e98d76056624e1b0dba0c7772
File size 652.1 KB ( 667744 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (78.5%)
Win32 Executable (generic) (11.3%)
Generic Win/DOS Executable (5.0%)
DOS Executable Generic (5.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-06-02 17:41:09 UTC (3 years, 10 months ago)
Last submission 2015-11-30 13:52:04 UTC (3 years, 4 months ago)
File names tibp.exe
tibp
magebotv55_1078.exe
magebotv55.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight