× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 14a3ec3deb2732a5b0be1ff91b8d205fab795a3accc47dc82cd385485fa6232f
File name: Mercury.exe
Detection ratio: 4 / 57
Analysis date: 2016-03-27 19:38:56 UTC ( 3 ani, 1 lună ago ) View latest
Antivirus Result Update
Bkav HW32.Packed.3050 20160327
CMC Virus.Win32.Sality!O 20160322
Jiangmin Trojan.Blocker.bki 20160327
Qihoo-360 HEUR/QVM18.1.Malware.Gen 20160327
Ad-Aware 20160327
AegisLab 20160327
Yandex 20160316
AhnLab-V3 20160327
Alibaba 20160323
ALYac 20160327
Antiy-AVL 20160327
Arcabit 20160327
Avast 20160327
AVG 20160327
Avira (no cloud) 20160327
AVware 20160327
Baidu 20160325
Baidu-International 20160327
BitDefender 20160327
ByteHero 20160327
CAT-QuickHeal 20160326
ClamAV 20160326
Comodo 20160327
Cyren 20160327
DrWeb 20160327
Emsisoft 20160327
ESET-NOD32 20160327
F-Prot 20160327
F-Secure 20160327
Fortinet 20160327
GData 20160327
Ikarus 20160327
K7AntiVirus 20160327
K7GW 20160323
Kaspersky 20160327
Kingsoft 20160327
Malwarebytes 20160327
McAfee 20160327
McAfee-GW-Edition 20160327
Microsoft 20160327
eScan 20160327
NANO-Antivirus 20160327
nProtect 20160325
Panda 20160327
Rising 20160327
Sophos AV 20160327
SUPERAntiSpyware 20160327
Symantec 20160327
Tencent 20160327
TheHacker 20160325
TrendMicro 20160327
TrendMicro-HouseCall 20160327
VBA32 20160326
VIPRE 20160327
ViRobot 20160327
Zillya 20160326
Zoner 20160327
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 1.1.23.01
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-24 01:38:44
Entry Point 0x001DE2CB
Number of sections 3
PE sections
PE imports
RegCloseKey
GetOpenFileNameA
BitBlt
GetProcAddress
GetModuleHandleA
SafeArrayGetLBound
GetModuleBaseNameA
DragFinish
VerQueryValueA
mixerOpen
WSACleanup
CoGetObject
Number of PE resources by type
RT_ICON 11
RT_GROUP_ICON 5
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_RCDATA 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 22
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
10.0

ImageVersion
0.0

FileVersionNumber
1.1.23.1

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
1310208

EntryPoint
0x1de2cb

MIMEType
application/octet-stream

FileVersion
1.1.23.01

TimeStamp
2016:01:24 02:38:44+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.1.23.01

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
607744

FileSubtype
0

ProductVersionNumber
1.1.23.1

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 51ef004cec3ef155bc80f8163ca8e7b6
SHA1 b0c3c5469db39eed5fc476d9d611e39a2eb0b27c
SHA256 14a3ec3deb2732a5b0be1ff91b8d205fab795a3accc47dc82cd385485fa6232f
ssdeep
12288:ou7qzQSSorIkAzPrWj0ED8w5Qr8BL4lmo:vGprIk/QM4B

authentihash 1b7c65e348e6638dfc335b355e50e0cb9f20c464c3d57feb02aa0e375583b37a
imphash 834e7dc9c58f47e31132608e12db226a
File size 430.5 KO ( 440832 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe

VirusTotal metadata
First submission 2016-03-27 12:27:07 UTC ( 3 ani, 1 lună ago )
Last submission 2016-03-27 19:38:56 UTC ( 3 ani, 1 lună ago )
File names Mercury.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
UDP communications