SHA256: 0fa1ed6c97b01c9932c9cd586b622e0bff0b8252a0c0592a5e29750e9963ba25
File name: net19.exe
Detection ratio: 19 / 51
Analysis date: 2014-03-28 12:18:04 UTC (5 years, 1 month ago)
Antivirus Result Update date
Ad-Aware Gen:Variant.Symmi.40037 20140328
Antiy-AVL Trojan/Win32.Cutwail 20140328
Avast Win32:Agent-ATBZ [Trj] 20140328
BitDefender Gen:Variant.Symmi.40037 20140328
CMC Packed.Win32.Katusha.1!O 20140328
DrWeb Trojan.DownLoader9.48272 20140328
Emsisoft Gen:Variant.Symmi.40037 (B) 20140328
ESET-NOD32 a variant of Win32/Injector.AZBY 20140328
F-Secure Gen:Variant.Symmi.40037 20140328
GData Gen:Variant.Symmi.40037 20140328
Kaspersky HEUR:Trojan.Win32.Generic 20140328
Kingsoft Win32.Troj.Generic.a.(kcloud) 20140328
Malwarebytes Spyware.Zbot.ED 20140328
McAfee PWSZbot-FTJ!BEFB64CBE1DB 20140328
McAfee-GW-Edition PWSZbot-FTJ!BEFB64CBE1DB 20140328
eScan Gen:Variant.Symmi.40037 20140328
NANO-Antivirus Trojan.Win32.Cutwail.cuodvy 20140328
Panda Trj/Genetic.gen 20140328
VBA32 Trojan.Cutwail 20140328
AegisLab 20140328
Yandex 20140327
AhnLab-V3 20140327
AntiVir 20140328
AVG 20140328
Baidu-International 20140328
Bkav 20140328
ByteHero 20140328
CAT-QuickHeal 20140328
ClamAV 20140327
Commtouch 20140328
Comodo 20140328
F-Prot 20140328
Fortinet 20140328
Ikarus 20140328
Jiangmin 20140328
K7AntiVirus 20140327
K7GW 20140328
Microsoft 20140328
Norman 20140327
nProtect 20140328
Qihoo-360 20140328
Rising 20140328
Sophos AV 20140328
SUPERAntiSpyware 20140328
Symantec 20140328
TheHacker 20140327
TotalDefense 20140328
TrendMicro 20140328
TrendMicro-HouseCall 20140328
VIPRE 20140328
ViRobot 20140328
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-03-05 09:32:09
Entry Point 0x000012CB
Number of sections 4
PE sections
PE imports
GetDeviceCaps
GetTextAlign
GetTextCharset
GetLayout
GetSystemTime
GetLastError
InterlockedDecrement
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
LoadLibraryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetEnvironmentStrings
GetLocaleInfoA
GetCurrentProcessId
GetCPInfo
UnhandledExceptionFilter
SetErrorMode
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetCommandLineA
GetProcAddress
GetStringTypeA
QueryPerformanceFrequency
WideCharToMultiByte
TlsFree
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
TerminateProcess
LCMapStringA
IsValidCodePage
HeapCreate
VirtualFree
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
GetCurrentThreadId
GetVersion
LeaveCriticalSection
VirtualAlloc
SetLastError
InterlockedIncrement
GetSystemMetrics
GetParent
GetActiveWindow
GetDesktopWindow
EnumDisplaySettingsW
SystemParametersInfoW
EnumDisplayDevicesW
Number of PE resources by type
RT_BITMAP 2
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2014:03:05 10:32:09+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
28160

LinkerVersion
0.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x12cb

InitializedDataSize
87040

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 befb64cbe1dbd0d82dfbfe4d5ea6249a
SHA1 e7916ba2892338afa401a39907458a33a55a76ba
SHA256 0fa1ed6c97b01c9932c9cd586b622e0bff0b8252a0c0592a5e29750e9963ba25
ssdeep
3072:scxo4+aSf9a7woUaBhW8p8TSF5U/4Lbvo5TtM:4ewop6Sg/vhM

authentihash ce2898dd6fc64333e96fb25e85840deb2a86eb3e87429be5ed58a3b8d2de3dbd
imphash 52424672dc2f2d17b9b5030ed0545c6c
File size 113.5 KB (116224 bytes)
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (39.9%)
Win64 Executable (generic) (35.4%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
Win16/32 Executable Delphi generic (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2014-03-28 12:18:04 UTC (5 years, 1 month ago)
Last submission 2019-01-20 05:10:16 UTC (4 months ago)
File names net19.exe
0fa1ed6c97b01c9932c9cd586b622e0bff0b8252a0c0592a5e29750e9963ba25.bin
file-6791137_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs