× Cookies estão desativados! Este site requer que os cookies estejam habilitados para funcionar corretamente
SHA256: c606f24ce2edd678bd24ccb71cb4793d0e70b96e04b504268fecb431668da28a
Nome do arquivo: 111.exe
Taxa de detecção: 17 / 53
Data da análise: 2016-07-02 15:42:08 UTC ( 2 anos, 10 meses atrás ) Visualizar últimos
Antivírus Resultado Atualização
Avast Win32:Crypt-SMH [Trj] 20160702
AVG Generic_s.IGC 20160702
Avira (no cloud) TR/Crypt.ZPACK.cblp 20160702
AVware Trojan.Win32.Generic!BT 20160702
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160701
Bkav HW32.Packed.AD92 20160702
ESET-NOD32 Win32/TrojanDownloader.Agent.CFH 20160702
GData Win32.Trojan.Agent.1S4VWA 20160702
Kaspersky UDS:DangerousObject.Multi.Generic 20160702
McAfee Artemis!FE2F17538FA7 20160702
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20160702
Microsoft TrojanDownloader:Win32/Talalpek.A 20160702
Qihoo-360 QVM20.1.Malware.Gen 20160702
Sophos AV Mal/Generic-S 20160702
Symantec Heur.AdvML.C 20160701
Tencent Win32.Trojan-downloader.Agent.Eehj 20160702
VIPRE Trojan.Win32.Generic!BT 20160702
Ad-Aware 20160702
AegisLab 20160702
AhnLab-V3 20160702
Alibaba 20160701
ALYac 20160702
Antiy-AVL 20160702
Arcabit 20160702
BitDefender 20160702
CAT-QuickHeal 20160701
ClamAV 20160702
CMC 20160630
Comodo 20160702
Cyren 20160702
DrWeb 20160702
Emsisoft 20160702
F-Prot 20160702
F-Secure 20160702
Fortinet 20160702
Ikarus 20160702
Jiangmin 20160702
K7AntiVirus 20160702
K7GW 20160702
Kingsoft 20160702
Malwarebytes 20160702
eScan 20160702
NANO-Antivirus 20160702
nProtect 20160701
Panda 20160702
SUPERAntiSpyware 20160702
TheHacker 20160702
TrendMicro 20160702
TrendMicro-HouseCall 20160702
VBA32 20160701
ViRobot 20160702
Zillya 20160702
Zoner 20160702
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-07-14 10:54:05
Entry Point 0x000173C7
Number of sections 4
PE sections
PE imports
CopyFileW
CreateWaitableTimerA
CompareStringW
GetTickCount
ReplaceFileW
RemoveDirectoryA
WaitForSingleObjectEx
GetSystemDirectoryA
GetDiskFreeSpaceA
GetDateFormatA
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateHardLinkA
MoveFileExW
GetModuleHandleA
ReadFile
WriteFile
GetStartupInfoA
CreateMutexW
lstrcpynA
FindNextFileA
GetACP
HeapReAlloc
lstrcatW
GetBinaryTypeA
MoveFileA
GetNumberFormatA
GetLogicalDriveStringsW
QueryDosDeviceW
CreateFileA
OpenEventA
WriteConsoleW
InterlockedIncrement
ResUtilGetBinaryValue
ClusWorkerStart
ClusWorkerTerminate
ResUtilDupString
ClusWorkerCreate
ExtractIconA
FindExecutableA
DragQueryFileW
SHChangeNotify
DragQueryPoint
SHFileOperationA
SHGetDiskFreeSpaceA
SHBindToObject
SHFree
StrChrA
SHGetDataFromIDListA
ShellMessageBoxA
ExtractAssociatedIconA
DllRegisterServer
SHGetMalloc
ShellAboutA
DragFinish
DrawThemeEdge
GetThemeColor
GetCurrentThemeName
GetThemeEnumValue
OpenThemeData
CloseThemeData
GetThemeSysSize
GetWindowTheme
GetThemeBool
SetWindowTheme
GetThemeTextMetrics
Number of PE resources by type
RT_RCDATA 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2012:07:14 11:54:05+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
96256

LinkerVersion
6.0

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

EntryPoint
0x173c7

InitializedDataSize
16384

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 fe2f17538fa70ef3bf4f2ec6974091e3
SHA1 6377515dddda499fcd4a963b2e76fcdeb5a2d4d0
SHA256 c606f24ce2edd678bd24ccb71cb4793d0e70b96e04b504268fecb431668da28a
ssdeep
3072:LT8bpPP3/WgD+tGr1Ki9td9Orbl3DeJsKXss:LoZXbS4oad9gblSL

authentihash 050f17a884375e7a7a10246df701731397c98f63745b723b5e4ccda1acb02496
imphash 3d180d56e2a9bb8834543a51f7fbf280
File size 111.0 KB ( 113664 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-07-01 15:53:26 UTC ( 2 anos, 10 meses atrás )
Last submission 2018-10-09 15:06:40 UTC ( 7 meses, 2 semanas atrás )
Nomes do arquivo 111.exe
658.tmp
Sem comentários. Ainda nenhum membro da Comunidade VirusTotal comentou este item, seja o primeiro!

Deixe o seu comentário...

?
Postar comentário

Você ainda não entrou. Apenas usuários registrados podem comentar, entre e expresse-se!

Sem votos. Ainda nenhum usuário votou neste item, seja o primeiro!