SHA256: a9b8a5ebdd8381635c150c56ca2c63ba718c81fecc615eae456f3f5be66189fc
File name: 2.bin
Detection ratio: 9 / 56
Analysis date: 2017-01-24 09:09:39 UTC (2 years, 3 months ago)
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9944 20170124
CrowdStrike Falcon (ML) malicious_confidence_88% (D) 20161024
DrWeb Trojan.Kovter.297 20170124
ESET-NOD32 Win32/Kovter.C 20170124
Sophos ML trojan.win32.matsnu.o 20170111
Malwarebytes Trojan.Kovter 20170124
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20170124
Symantec ML.Attribute.VeryHighConfidence [Heur.AdvML.B] 20170123
Tencent Win32.Trojan.Inject.Auto 20170124
Ad-Aware 20170124
AegisLab 20170124
AhnLab-V3 20170124
Alibaba 20170122
ALYac 20170124
Antiy-AVL 20170124
Arcabit 20170124
Avast 20170124
AVG 20170124
Avira (no cloud) 20170123
AVware 20170124
BitDefender 20170124
CAT-QuickHeal 20170124
ClamAV 20170124
CMC 20170124
Comodo 20170124
Cyren 20170124
Emsisoft 20170124
F-Prot 20170124
F-Secure 20170124
Fortinet 20170124
GData 20170124
Ikarus 20170123
Jiangmin 20170124
K7AntiVirus 20170124
K7GW 20170124
Kaspersky 20170124
Kingsoft 20170124
McAfee 20170124
McAfee-GW-Edition 20170124
Microsoft 20170124
eScan 20170124
NANO-Antivirus 20170124
nProtect 20170124
Panda 20170123
Rising 20170124
Sophos AV 20170124
SUPERAntiSpyware 20170124
TheHacker 20170123
TotalDefense 20170124
TrendMicro 20170124
TrendMicro-HouseCall 20170124
Trustlook 20170124
VBA32 20170123
VIPRE 20170124
ViRobot 20170124
WhiteArmor 20170123
Yandex 20170123
Zillya 20170124
Zoner 20170124
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1991-2005 by Gougelet Pierre-e

Product XnView
Internal name XnView
File version 2.13
Description XnView SlideShow
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-06-05 06:15:09
Entry Point 0x00002A33
Number of sections 8
PE sections
Overlays
MD5 dca918207cf8bd3369aad3d31a7c7686
File type data
Offset 345600
Size 591
Entropy 7.67
PE imports
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExA
RegOpenKeyExA
RegQueryValueExW
AVIFileGetStream
AVIStreamLength
AVIFileOpenA
AVIStreamGetFrame
AVIStreamInfoA
AVIFileInit
AVIStreamRelease
AVIFileRelease
CreatePropertySheetPageA
PropertySheetA
CreatePropertySheetPageW
PropertySheetW
SetDIBits
ExtTextOutW
TextOutW
DeleteDC
GetTextExtentPoint32W
GetTextExtentPoint32A
TextOutA
ExtTextOutA
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteObject
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
SetStdHandle
GetEnvironmentStringsA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
SetEvent
MoveFileA
GetThreadPriority
InitializeCriticalSection
TlsGetValue
MoveFileW
SetFileAttributesW
SetLastError
CopyFileW
WriteProcessMemory
RemoveDirectoryW
CopyFileA
HeapAlloc
GetVersionExA
GetModuleFileNameA
LoadLibraryExA
SetThreadPriority
InterlockedDecrement
GetModuleHandleA
CreateDirectoryExW
CreateThread
MoveFileExW
SetUnhandledExceptionFilter
MulDiv
MoveFileExA
SetEnvironmentVariableA
CreateDirectoryExA
WriteConsoleA
GetVersion
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
CloseHandle
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
MoveFileWithProgressW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
MoveFileWithProgressA
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
OpenProcess
CreateDirectoryA
DeleteFileA
GetDateFormatW
ReadProcessMemory
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTimeFormatW
GetModuleFileNameW
FindFirstFileExA
FindNextFileW
GetTimeFormatA
FindNextFileA
FindFirstFileExW
WaitForMultipleObjects
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
GetShortPathNameW
FindFirstChangeNotificationA
GetSystemInfo
GetConsoleCP
LCMapStringA
CompareStringW
GetEnvironmentStringsW
RemoveDirectoryA
GetShortPathNameA
FindFirstChangeNotificationW
VirtualFree
GetCurrentProcessId
CopyFileExA
GetCommandLineW
HeapSize
GetCommandLineA
CopyFileExW
InterlockedCompareExchange
GetCurrentThread
QueryPerformanceFrequency
CompareStringA
TlsFree
SetFilePointer
ReadFile
FindFirstFileA
GetACP
GetModuleHandleW
GetFileAttributesExW
GetLongPathNameW
CreateProcessA
IsValidCodePage
HeapCreate
CreateProcessW
GetLongPathNameA
Sleep
GetFileAttributesExA
OpenEventA
GetOEMCP
ResetEvent
ICSendMessage
ICClose
SysFreeString
SysAllocString
SHGetFileInfoA
DragQueryFileW
SHBrowseForFolderW
SHFileOperationW
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderPathA
SHBrowseForFolderA
ShellExecuteExW
SHGetFileInfoW
DragQueryFileA
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHFileOperationA
ShellExecuteA
Shell_NotifyIconA
PeekMessageA
SetClassLongW
RegisterWindowMessageA
DefWindowProcA
SetWindowTextA
SetClassLongA
SetWindowLongW
AppendMenuA
SetDlgItemTextA
SetMenuItemInfoA
DialogBoxParamW
MessageBoxA
AppendMenuW
SetWindowLongA
DialogBoxParamA
SetMenuItemInfoW
SetDlgItemTextW
GetDC
InsertMenuItemA
CreateDialogParamW
ReleaseDC
GetClassInfoA
SendMessageW
UnregisterClassA
GetQueueStatus
wsprintfW
SendMessageA
UnregisterClassW
SetWindowTextW
CreateDialogParamA
RegisterClassA
GetWindowLongA
CreateWindowExA
CallWindowProcW
GetMenuItemInfoA
GetWindowTextW
CallWindowProcA
MsgWaitForMultipleObjects
GetWindowLongW
GetWindowTextA
GetMenuItemInfoW
PostThreadMessageA
DestroyWindow
timeKillEvent
mciGetErrorStringA
timeGetTime
mmioDescend
timeEndPeriod
mmioAscend
timeSetEvent
mmioOpenA
mmioClose
mciSendCommandA
mciSendStringA
timeBeginPeriod
GetOpenFileNameA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
CoInitializeEx
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemFree
CreateItemMoniker
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
FRENCH 3
CHINESE TRADITIONAL 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2007:06:05 07:15:09+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
69632

LinkerVersion
2.23

FileTypeExtension
exe

InitializedDataSize
275968

SubsystemVersion
4.0

EntryPoint
0x2a33

OSVersion
4.0

ImageVersion
1.0

UninitializedDataSize
16384

Compressed bundles
File identification
MD5 cdc58e02837a948ef32e670f0cba93ea
SHA1 39aeb74986cfa25d5f7540d7b8d90b144eeda92d
SHA256 a9b8a5ebdd8381635c150c56ca2c63ba718c81fecc615eae456f3f5be66189fc
ssdeep
6144:n/cB5+uj91VmdO9JweoHQOdbcqZrDYttZzTHhooDLeNVYzcnDnssqP/S:QnjPdJweYhbcq1ktjHHbDLen/nssL

authentihash 7a860698b7745a9cf7a93c0c26f3062e9d9440129aecec82e723b8eef0052c2f
imphash ba34b31eabc5c4fffd02c88846f79960
File size 338.1 KB ( 346191 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.1%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-01-24 09:09:39 UTC (2 years, 3 months ago)
Last submission 2017-01-24 09:09:39 UTC (2 years, 3 months ago)
File names 2.bin
2.bin
XnView
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Terminated processes
Opened mutexes
Runtime DLLs