SHA256: c646090c2efa362d4f543c94fb79caaf53d7b870aad8af4b79bea640228492d2
File name: Kit First V2.EXE
Detection ratio: 18 / 61
Analysis date: 2017-04-17 13:33:56 UTC (1 month, 1 week ago)
Antivirus Result Update
Antiy-AVL Trojan/Script.AGeneric 20170417
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170130
Cyren W32/Trojan.OHBI-7274 20170417
Emsisoft Riskware.Win32.GameHack (A) 20170417
Endgame malicious (high confidence) 20170413
ESET-NOD32 a variant of Win32/HackTool.CheatEngine.AF potentially unsafe 20170417
Fortinet W32/Generic.AC.17F472!tr 20170417
GData Win32.Riskware.Hacktool.D 20170417
Invincea trojan.win32.swrort.a 20170413
Jiangmin TrojanDropper.Injector.aqkx 20170417
K7AntiVirus Unwanted-Program ( 004ba1a41 ) 20170417
K7GW Unwanted-Program ( 004ba1a41 ) 20170417
McAfee-GW-Edition BehavesLike.Win32.PUPXAR.wc 20170417
Rising Malware.Heuristic!ET#95% (rdm+) 20170417
SentinelOne (Static ML) static engine - malicious 20170330
Symantec ML.Attribute.HighConfidence 20170416
Yandex HackTool.CheatEngine!h2lP7QG9eRI 20170417
Zoner Trojan.Cheatengine 20170417
Ad-Aware 20170417
AegisLab 20170417
AhnLab-V3 20170417
Alibaba 20170417
ALYac 20170417
Arcabit 20170417
Avast 20170417
AVG 20170417
Avira (no cloud) 20170417
AVware 20170417
Baidu 20170417
BitDefender 20170417
Bkav 20170415
CAT-QuickHeal 20170417
ClamAV 20170417
CMC 20170417
Comodo 20170417
DrWeb 20170417
F-Prot 20170417
F-Secure 20170417
Ikarus 20170417
Kaspersky 20170417
Kingsoft 20170417
Malwarebytes 20170417
McAfee 20170417
Microsoft 20170417
eScan 20170417
NANO-Antivirus 20170416
nProtect 20170417
Palo Alto Networks (Known Signatures) 20170417
Panda 20170417
Qihoo-360 20170417
Sophos 20170417
SUPERAntiSpyware 20170417
Symantec Mobile Insight 20170414
Tencent 20170417
TheHacker 20170416
TrendMicro 20170417
TrendMicro-HouseCall 20170417
Trustlook 20170417
VBA32 20170417
VIPRE 20170417
ViRobot 20170417
Webroot 20170417
WhiteArmor 20170409
Zillya 20170414
ZoneAlarm by Check Point 20170417
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-28 14:45:44
Entry Point 0x000015EB
Number of sections 5
PE sections
PE imports
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
SetStdHandle
SetHandleCount
LoadLibraryA
WaitForSingleObject
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
RemoveDirectoryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
SizeofResource
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetConsoleOutputCP
WriteConsoleW
CreateDirectoryA
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
GetConsoleCP
LeaveCriticalSection
LCMapStringW
SetFilePointer
GetTempPathA
WideCharToMultiByte
TlsFree
GetModuleHandleA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CloseHandle
GetTempFileNameA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
TerminateProcess
GetEnvironmentStrings
CreateProcessA
LCMapStringA
WriteConsoleA
IsValidCodePage
LoadResource
VirtualFree
TlsGetValue
Sleep
GetFileType
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
FindResourceA
VirtualAlloc
HeapCreate
SetLastError
InterlockedIncrement
PathRemoveFileSpecA
PathAddBackslashA
PathStripPathA
MessageBoxA
Number of PE resources by type
RT_RCDATA 2
RT_ICON 1
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 3
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2013:06:28 15:45:44+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
36352

LinkerVersion
9.0

EntryPoint
0x15eb

InitializedDataSize
4146176

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 8fec0e99a6f325ae8d2c2940748c33d1
SHA1 97dad8798b8c16836cc6fcc153f8a542fec928ee
SHA256 c646090c2efa362d4f543c94fb79caaf53d7b870aad8af4b79bea640228492d2
ssdeep
49152:xXi7D5eB4b4k+ARUtcHmae6fP+LC7GE1GdG+XB5Kf/53WZSfUW3k7QM45XiRSSy8:25B4ngjGabeUiy538SsneigSSM7b

authentihash db08945108e72319959c5eb89a5540f947ce0384ab78e8197934d3e2d83a4579
imphash 8d92fa1956a6a631c642190121740197
File size 4.0 MB ( 4183552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-17 13:33:56 UTC (1 month, 1 week ago)
Last submission 2017-04-20 12:18:32 UTC (1 month, 1 week ago)
File names Kit First V2.EXE
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Created processes
Runtime DLLs
UDP communications