× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 158f8334be4041e2bbf326dbd9b3edfa810b4ced788b9f5a86e61b3560eea30b
Имя файла: WOTOMatic.exe
Показатель выявления: 1 / 56
Дата анализа: 2014-11-27 06:50:10 UTC (2 лет, 4 месяцев назад) Показать последний анализ
Антивирус Результат Дата обновления
McAfee-GW-Edition BehavesLike.Win32.Generic.th 20141127
Ad-Aware 20141127
AegisLab 20141127
Yandex 20141126
AhnLab-V3 20141126
ALYac 20141127
Antiy-AVL 20141127
Avast 20141127
AVG 20141127
Avira (no cloud) 20141127
AVware 20141121
Baidu-International 20141126
BitDefender 20141127
Bkav 20141126
ByteHero 20141127
CAT-QuickHeal 20141127
ClamAV 20141127
CMC 20141126
Comodo 20141127
Cyren 20141127
DrWeb 20141127
Emsisoft 20141127
ESET-NOD32 20141127
F-Prot 20141126
F-Secure 20141127
Fortinet 20141127
GData 20141127
Ikarus 20141127
Jiangmin 20141126
K7AntiVirus 20141126
K7GW 20141126
Kaspersky 20141126
Kingsoft 20141127
Malwarebytes 20141127
McAfee 20141127
Microsoft 20141127
eScan 20141127
NANO-Antivirus 20141127
Norman 20141127
nProtect 20141126
Panda 20141126
Qihoo-360 20141127
Rising 20141126
Sophos 20141127
SUPERAntiSpyware 20141127
Symantec 20141127
Tencent 20141127
TheHacker 20141124
TotalDefense 20141126
TrendMicro 20141127
TrendMicro-HouseCall 20141127
VBA32 20141126
VIPRE 20141127
ViRobot 20141127
Zillya 20141126
Zoner 20141125
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher Yury_SNEGOV
Product WOT-O-Matic
File version 1.0.0.0
Packers identified
PEiD BobSoft Mini Delphi -> BoB / BobSoft
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000D31EC
Number of sections 8
PE sections
PE imports
RegFlushKey
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
ImageList_BeginDrag
ImageList_SetBkColor
InitCommonControls
ImageList_SetDragCursorImage
ImageList_Read
ImageList_GetDragImage
ImageList_Create
ImageList_DragMove
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_GetImageCount
ImageList_Destroy
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove
ImageList_EndDrag
GetBrushOrgEx
GetDIBColorTable
GetEnhMetaFileDescriptionA
DeleteEnhMetaFile
SetMapMode
GetWindowOrgEx
PatBlt
GetClipBox
GetCurrentPositionEx
SaveDC
ResizePalette
CreateFontIndirectA
GetTextMetricsA
MaskBlt
CreateBrushIndirect
SetStretchBltMode
GetEnhMetaFilePaletteEntries
GetPixel
Rectangle
BitBlt
GetObjectA
ExcludeClipRect
LineTo
DeleteDC
RestoreDC
SetBkMode
GetSystemPaletteEntries
SetPixel
CreateSolidBrush
SetPaletteEntries
CreateHalftonePalette
CreateDIBSection
CopyEnhMetaFileA
RealizePalette
SetTextColor
GetDeviceCaps
MoveToEx
SetEnhMetaFileBits
IntersectClipRect
CreateBitmap
RectVisible
CreatePalette
GetStockObject
CreateDIBitmap
SetViewportOrgEx
SelectPalette
ExtTextOutA
UnrealizeObject
GetDIBits
CreateEnhMetaFileA
GetEnhMetaFileBits
SetBrushOrgEx
GetDCOrgEx
PlayEnhMetaFile
StretchBlt
StretchDIBits
GetBitmapBits
CreateCompatibleDC
CloseEnhMetaFile
SetROP2
SelectObject
GetTextExtentPoint32A
GetNearestPaletteIndex
GetWinMetaFileBits
SetDIBColorTable
GetEnhMetaFileHeader
GetPaletteEntries
SetWindowOrgEx
Polyline
ExtCreatePen
SetBkColor
SetWinMetaFileBits
DeleteObject
CreateCompatibleBitmap
CreatePenIndirect
LPtoDP
SetThreadLocale
GetStdHandle
FileTimeToDosDateTime
GetFileAttributesA
WaitForSingleObject
GetLocalTime
DeleteCriticalSection
GetLocaleInfoA
LocalAlloc
SetErrorMode
GetCPInfo
InterlockedExchange
WriteFile
GetDiskFreeSpaceA
GetFullPathNameA
SetEvent
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
GetStringTypeExA
GlobalFindAtomA
ExitProcess
GetModuleFileNameA
EnumCalendarInfoA
LoadLibraryExA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
CreateThread
GlobalAddAtomA
MulDiv
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
EnterCriticalSection
FreeLibrary
GetTickCount
GetVersionExA
LoadLibraryA
RtlUnwind
GlobalSize
GetStartupInfoA
GetDateFormatA
GetFileSize
CreateDirectoryA
DeleteFileA
GetUserDefaultLCID
GlobalReAlloc
FindFirstFileA
lstrcpyA
ResetEvent
GetComputerNameA
FindNextFileA
IsValidLocale
GetProcAddress
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
LeaveCriticalSection
GetLastError
DosDateTimeToFileTime
GlobalDeleteAtom
GetSystemInfo
lstrlenA
GlobalFree
GetThreadLocale
GlobalUnlock
VirtualQuery
WinExec
FileTimeToLocalFileTime
SizeofResource
GetCurrentProcessId
LockResource
SetFileTime
WideCharToMultiByte
GetCommandLineA
RaiseException
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetVersion
FreeResource
VirtualFree
Sleep
FindResourceA
VirtualAlloc
CompareStringA
CreateStreamOnHGlobal
OleUninitialize
OleDraw
CoInitialize
OleInitialize
ProgIDFromCLSID
IsAccelerator
CoCreateInstance
StringFromCLSID
CoUninitialize
OleSetMenuDescriptor
IsEqualGUID
CoTaskMemFree
CoGetClassObject
CreateErrorInfo
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantCopyInd
VariantClear
GetActiveObject
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
SetErrorInfo
VariantCopy
GetErrorInfo
SysFreeString
VariantInit
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
RedrawWindow
GetForegroundWindow
EnableScrollBar
DestroyMenu
PostQuitMessage
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
SetMenuItemInfoA
CharUpperBuffA
WindowFromPoint
DrawIcon
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
CharLowerBuffA
SetScrollPos
CallNextHookEx
GetKeyboardState
ClientToScreen
GetTopWindow
ShowCursor
ScrollWindow
GetWindowTextA
GetKeyState
PtInRect
DrawEdge
GetParent
UpdateWindow
SetPropA
EqualRect
EnumWindows
DefMDIChildProcA
ShowWindow
SetClassLongA
GetPropA
GetDesktopWindow
TranslateMDISysAccel
EnableWindow
SetWindowPlacement
PeekMessageA
GetClipboardData
TranslateMessage
IsWindowEnabled
GetWindow
ActivateKeyboardLayout
InsertMenuItemA
CreatePopupMenu
GetIconInfo
LoadStringA
SetParent
CharLowerA
IsZoomed
GetWindowPlacement
GetKeyboardLayoutList
DrawMenuBar
IsIconic
RegisterClassA
GetMenuItemCount
GetWindowLongA
SetTimer
OemToCharA
GetActiveWindow
ShowOwnedPopups
FillRect
EnumThreadWindows
CharNextA
GetSysColorBrush
CreateMenu
DestroyWindow
IsChild
IsDialogMessageA
SetFocus
MapVirtualKeyA
SetCapture
BeginPaint
OffsetRect
GetScrollPos
KillTimer
RegisterWindowMessageA
DefWindowProcA
MapWindowPoints
GetSystemMetrics
EnableMenuItem
SetScrollRange
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
GetScrollRange
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
DrawIconEx
CreateWindowExA
ScreenToClient
InsertMenuA
FindWindowExA
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuStringA
GetMenuState
GetKeyboardLayout
GetSystemMenu
GetDC
SetForegroundWindow
CharToOemA
DrawTextA
IntersectRect
GetScrollInfo
GetCapture
WaitMessage
FindWindowA
MessageBeep
RemoveMenu
GetWindowThreadProcessId
ShowScrollBar
DrawFrameControl
UnhookWindowsHookEx
RegisterClipboardFormatA
CallWindowProcA
MessageBoxA
GetClassNameA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
LoadKeyboardLayoutA
GetSysColor
SetScrollInfo
GetMenuItemInfoA
SystemParametersInfoA
DestroyIcon
GetKeyNameTextA
IsWindowVisible
GetDCEx
WinHelpA
FrameRect
SetRect
DeleteMenu
InvalidateRect
DefFrameProcA
CreateIcon
IsRectEmpty
GetCursor
GetFocus
GetKeyboardType
SetMenu
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
HttpSendRequestA
InternetOpenUrlA
HttpAddRequestHeadersA
InternetReadFile
InternetCloseHandle
InternetOpenA
HttpQueryInfoA
Number of PE resources by type
RT_STRING 20
RT_BITMAP 11
TEXT 9
RT_GROUP_CURSOR 7
RT_CURSOR 7
PNG 5
RT_RCDATA 4
RT_ICON 3
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 49
RUSSIAN 20
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
477696

ImageVersion
0.0

ProductName
WOT-O-Matic

FileVersionNumber
1.0.0.0

LanguageCode
Russian

FileFlagsMask
0x003f

CharacterSet
Windows, Cyrillic

LinkerVersion
2.25

MIMEType
application/octet-stream

FileVersion
1.0.0.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

FileAccessDate
2014:12:20 07:40:59+01:00

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2014:12:20 07:40:59+01:00

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Yury_SNEGOV

CodeSize
861184

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0xd31ec

ObjectFileType
Executable application

File identification
MD5 2ee0c9795187dfb5ef97c54324e949f4
SHA1 3dca5c0a1a93552248d2a1fa2319b8f6d7bc6bcd
SHA256 158f8334be4041e2bbf326dbd9b3edfa810b4ced788b9f5a86e61b3560eea30b
ssdeep
24576:ChSa8+XjiWAwipoYYi/zaK/G0OZseWZOj3mEJqOTJ6JMvCvYmFB8:ChSa/jJ98bl/8ZseWZOjW4TJ6J

authentihash 16bf310fe8b18c7bbd3fa4e9a0b4dc25f84cd1d5c857d20afb312e51d5357934
imphash e87fe5c52c6ab842fe49b2ac3f488ad6
Размер файла 1.3 MБ ( 1339904 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Borland Delphi 7 (46.9%)
Win32 Executable Borland Delphi 5 (31.8%)
Win32 Executable Borland Delphi 6 (18.5%)
Win32 Executable Delphi generic (1.0%)
Windows Screen Saver (0.9%)
Tags
bobsoft peexe

VirusTotal metadata
First submission 2014-11-27 06:50:10 UTC (2 лет, 4 месяцев назад)
Last submission 2014-11-27 06:50:10 UTC (2 лет, 4 месяцев назад)
Имена файлов WOTOMatic.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.