SHA256: edd990951419a733f8d194430631590049cfefa33ac4a1a7c471cd0113739218
File name: Client Hack By LuaBatman And Spvic.exe
Detection ratio: 7 / 56
Analysis date: 2015-10-03 15:36:21 UTC (3 years, 6 months ago)
Antivirus Result Update
Yandex HackTool.CheatEngine!h2lP7QG9eRI 20150930
Cyren W32/CheatEngine.B.gen!Eldorado 20151003
ESET-NOD32 a variant of Win32/HackTool.CheatEngine.AF potentially unsafe 20151003
F-Prot W32/CheatEngine.B.gen!Eldorado 20150929
Jiangmin TrojanDropper.Injector.bhlg 20151001
Malwarebytes HackTool.CheatEngine 20151003
Symantec SAPE.Heur.80100 20151002
Ad-Aware 20151003
AegisLab 20151003
AhnLab-V3 20151003
Alibaba 20150927
ALYac 20151003
Antiy-AVL 20151003
Arcabit 20151003
Avast 20151003
AVG 20151003
Avira (no cloud) 20151003
AVware 20151003
Baidu-International 20151003
BitDefender 20151003
Bkav 20151003
ByteHero 20151003
CAT-QuickHeal 20151003
ClamAV 20151002
CMC 20151002
Comodo 20151003
DrWeb 20151003
Emsisoft 20151003
F-Secure 20151003
Fortinet 20151003
GData 20151003
Ikarus 20151003
K7AntiVirus 20151003
K7GW 20151003
Kaspersky 20151003
Kingsoft 20151003
McAfee 20151003
McAfee-GW-Edition 20151002
Microsoft 20151003
eScan 20151003
NANO-Antivirus 20151003
nProtect 20151002
Panda 20151003
Qihoo-360 20151003
Rising 20151002
Sophos AV 20151003
SUPERAntiSpyware 20151003
Tencent 20151003
TheHacker 20151002
TrendMicro 20151003
TrendMicro-HouseCall 20151003
VBA32 20151003
VIPRE 20151003
ViRobot 20151003
Zillya 20151003
Zoner 20151003
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT RAR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-17 16:14:10
Entry Point 0x0000B2EC
Number of sections 5
PE sections
Overlays
MD5 09f644ab514e5e778b72dd39b62f37c6
File type data
Offset 621568
Size 30578715
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetFileSecurityA
RegQueryValueExW
Ord(17)
InitCommonControlsEx
GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetFilePointer
GetSystemTime
GetLastError
HeapFree
GetStdHandle
DosDateTimeToFileTime
ReadFile
FileTimeToSystemTime
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
FindNextFileA
CompareStringW
HeapAlloc
SystemTimeToFileTime
IsDBCSLeadByte
GetCommandLineW
GetFileAttributesW
GetCurrentProcess
FileTimeToLocalFileTime
MoveFileW
OpenFileMappingW
SetFileAttributesA
GetDateFormatW
CreateDirectoryA
DeleteFileA
GetCPInfo
ExitProcess
MultiByteToWideChar
SetEnvironmentVariableW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetTimeFormatW
WriteFile
SetFileAttributesW
CloseHandle
WideCharToMultiByte
MapViewOfFile
MoveFileExW
ExpandEnvironmentStringsW
FindNextFileW
SetEndOfFile
GetFileAttributesA
GetTempPathW
FindFirstFileA
FindFirstFileW
HeapReAlloc
GetModuleHandleW
GetFullPathNameA
GetCurrentDirectoryW
LoadLibraryW
SetCurrentDirectoryW
UnmapViewOfFile
FindResourceW
CreateFileW
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
GetFileType
GetFullPathNameW
SetFileTime
CreateFileA
GetTickCount
GetLocaleInfoW
GetNumberFormatW
SetLastError
CompareStringA
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
SetFocus
MapWindowPoints
GetParent
UpdateWindow
EndDialog
LoadBitmapW
DefWindowProcW
CopyRect
GetWindowTextW
GetMessageW
ShowWindow
GetSystemMetrics
SetWindowPos
wvsprintfW
CharToOemBuffA
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
RegisterClassExW
CharUpperW
DialogBoxParamW
CharToOemBuffW
wvsprintfA
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
SetWindowTextW
GetDlgItem
GetWindow
MessageBoxW
DispatchMessageW
GetClassNameW
PeekMessageW
CharUpperA
OemToCharA
EnableWindow
GetClientRect
WaitForInputIdle
OemToCharBuffA
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
GetWindowLongW
SetForegroundWindow
DestroyWindow
CharToOemA
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
OleInitialize
CLSIDFromString
Number of PE resources by type
RT_DIALOG 6
RT_STRING 5
RT_ICON 2
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 13
NEUTRAL DEFAULT 3
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2010:12:17 17:14:10+01:00
FileType Win32 EXE
PEType PE32
CodeSize 71680
LinkerVersion 9.0
EntryPoint 0xb2ec
InitializedDataSize 548864
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 3bb745e2a33d810108e8e01a7511c876
SHA1 62f12d13ba15ed1cc1c117188f260197867e8078
SHA256 edd990951419a733f8d194430631590049cfefa33ac4a1a7c471cd0113739218
ssdeep
786432:4R1bmoyhM/O6fsoXQ96HetqlV5VDroltrvODpchNSU6DmjPC6V:wmoyhMG6cVOVDrol1v5o6PD

authentihash a78a839d382024f5d3e8fdcfa38806d70692b782b8168befac2c1334d0809317
imphash 93ff054b805e17efd7f7ae1730680391
File size 29.8 MB ( 31200283 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-10-03 15:36:21 UTC (3 years, 6 months ago)
Last submission 2015-10-03 15:36:21 UTC (3 years, 6 months ago)
File names Client Hack By LuaBatman And Spvic.exe