SHA256: 1f25ed95bb13545ca63dcb7d1ca6da3fb501fc9f510283d733344d8654be0720
File name: AbilityCash.exe
Detection ratio: 1 / 55
Analysis date: 2016-12-31 10:23:37 UTC (2 years, 4 months ago)
Antivirus Result Update date
Comodo Application.Win32.Adware.ConvertAd.BA 20161231
Ad-Aware 20161231
AegisLab 20161231
AhnLab-V3 20161230
Alibaba 20161223
ALYac 20161231
Antiy-AVL 20161231
Arcabit 20161231
Avast 20161231
AVG 20161231
Avira (no cloud) 20161230
AVware 20161231
Baidu 20161207
BitDefender 20161231
CAT-QuickHeal 20161230
ClamAV 20161231
CMC 20161231
CrowdStrike Falcon (ML) 20161024
Cyren 20161231
DrWeb 20161231
Emsisoft 20161231
ESET-NOD32 20161231
F-Prot 20161231
F-Secure 20161231
Fortinet 20161231
GData 20161231
Ikarus 20161231
Sophos ML 20161216
Jiangmin 20161231
K7AntiVirus 20161231
K7GW 20161231
Kaspersky 20161231
Kingsoft 20161231
Malwarebytes 20161231
McAfee 20161231
McAfee-GW-Edition 20161231
Microsoft 20161231
eScan 20161231
NANO-Antivirus 20161231
nProtect 20161231
Panda 20161231
Qihoo-360 20161231
Rising 20161231
Sophos AV 20161231
SUPERAntiSpyware 20161231
Symantec 20161231
Tencent 20161231
TheHacker 20161229
TrendMicro 20161231
TrendMicro-HouseCall 20161231
Trustlook 20161231
VBA32 20161229
VIPRE 20161231
ViRobot 20161231
WhiteArmor 20161221
Yandex 20161230
Zillya 20161230
Zoner 20161231
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2001-2015

Product AbilityCash
Original name AbilityCash.exe
Internal name AbilityCash
File version 3.0.267
Description AbilityCash
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-07 12:30:46
Entry Point 0x0018D855
Number of sections 7
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExW
ImageList_Create
ImageList_Draw
InitCommonControlsEx
ImageList_Destroy
ImageList_AddMasked
GetOpenFileNameW
ChooseColorW
ChooseFontW
GetSaveFileNameW
PrintDlgW
PageSetupDlgW
GetTextMetricsW
Polygon
TextOutW
CreateFontIndirectW
PatBlt
OffsetRgn
CreatePen
GdiFlush
CreateRectRgnIndirect
StretchBlt
SelectObject
Rectangle
GetDeviceCaps
ExcludeClipRect
LineTo
DeleteDC
SetBkMode
RectInRegion
SetPixel
EndDoc
CreateSolidBrush
StartPage
GetRegionData
IntersectClipRect
BitBlt
CreateDIBSection
SetTextColor
GetTextExtentPointW
CreatePatternBrush
GetCurrentObject
GetObjectW
CreateBitmap
MoveToEx
GetStockObject
SetViewportOrgEx
SetTextAlign
SelectClipRgn
CreateCompatibleDC
StartDocW
DeleteObject
GetBkColor
SetROP2
EndPage
CreateRectRgn
LineDDA
GetTextExtentPoint32A
GetTextColor
SetWindowOrgEx
Polyline
GetClipRgn
SetBkColor
GetTextExtentPoint32W
CreateCompatibleBitmap
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindNextFileA
HeapDestroy
EncodePointer
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
HeapReAlloc
GetConsoleMode
lstrcatA
OpenFileMappingA
LoadLibraryExW
FreeEnvironmentStringsW
lstrcatW
InitializeSListHead
InterlockedPopEntrySList
GetLocaleInfoW
SetStdHandle
GetTempPathA
GetCPInfo
LoadLibraryW
GetDiskFreeSpaceW
WriteFile
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
FormatMessageW
ResumeThread
InterlockedPushEntrySList
CreateEventW
OutputDebugStringW
FindClose
TlsGetValue
MoveFileW
GetFullPathNameW
OutputDebugStringA
FreeLibraryAndExitThread
SetLastError
GetSystemTime
InitializeCriticalSection
CopyFileW
LoadResource
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
FlushViewOfFile
lstrcmpiW
WritePrivateProfileStructW
LoadLibraryExA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetPrivateProfileStructW
SetFilePointerEx
FlushInstructionCache
GetPrivateProfileStringW
FormatMessageA
SetFilePointer
LockFileEx
CreateThread
MoveFileExW
GlobalAddAtomA
CreateSemaphoreW
GetCurrentProcess
CreateMutexW
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleExW
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
CreateToolhelp32Snapshot
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
lstrcmpiA
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
UnlockFile
GetFileSize
GlobalDeleteAtom
OpenProcess
DeleteFileA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetPrivateProfileIntW
GetProcessHeap
CreateFileMappingW
CompareStringW
lstrcpyW
lstrcmpA
FindFirstFileExA
FindNextFileW
HeapValidate
ResetEvent
GetTempFileNameA
CreateFileMappingA
FindFirstFileW
lstrcmpW
GlobalLock
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
GetTimeFormatW
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
Process32NextW
CreateProcessW
HeapCompact
WaitForSingleObjectEx
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
Process32FirstW
WritePrivateProfileStringW
lstrcpynW
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
UnlockFileEx
GetACP
GetModuleHandleW
GetFileAttributesExW
CreateProcessA
IsValidCodePage
HeapCreate
GetTempPathW
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
LoadRegTypeLib
OleCreateFontIndirect
SafeArrayAccessData
SysStringLen
SysAllocStringLen
SafeArrayUnaccessData
VariantClear
SysAllocString
SafeArrayDestroy
SafeArrayCreate
DispCallFunc
VariantCopy
SafeArrayGetVartype
LoadTypeLib
SysFreeString
SafeArrayCopy
VariantInit
VarUI4FromStr
GetModuleFileNameExW
DragQueryFileW
SHBrowseForFolderW
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetMalloc
CommandLineToArgvW
PathCompactPathW
PathAppendW
PathRemoveFileSpecW
PathIsUNCW
StrStrIW
PathIsUNCServerShareW
PathFindExtensionW
PathGetDriveNumberW
PathCanonicalizeW
PathStripToRootW
PathIsRelativeW
PathBuildRootW
PathRemoveExtensionW
RedrawWindow
SetMenuDefaultItem
MoveWindow
DestroyMenu
PostQuitMessage
SetWindowPos
IsWindow
EndPaint
WindowFromPoint
CharUpperBuffW
SetMenuItemInfoW
SendMessageW
SetActiveWindow
GetMenuItemID
GetAsyncKeyState
CharLowerBuffW
LoadBitmapW
GetMenu
UnregisterClassW
GetClientRect
DefWindowProcW
DrawTextW
SetScrollPos
LoadImageW
GetUpdateRgn
GetWindowTextW
CopyAcceleratorTableW
GetWindowTextLengthW
LoadAcceleratorsW
InvalidateRgn
PtInRect
DrawEdge
GetClassInfoExW
UpdateWindow
GetPropW
EnumWindows
GetMessageW
ShowWindow
DrawFrameControl
SetPropW
ValidateRect
EnableWindow
SetWindowPlacement
GetDC
TranslateMessage
IsWindowEnabled
GetWindow
GetDlgItemInt
GetIconInfo
SetParent
SetClipboardData
GetWindowPlacement
DestroyWindow
SetWindowLongW
DrawMenuBar
IsIconic
TrackPopupMenuEx
GetSubMenu
SetTimer
IsDialogMessageW
FillRect
EnumThreadWindows
CopyRect
GetSysColorBrush
CreateWindowExW
ReleaseDC
GetWindowLongW
GetMenuItemInfoW
IsChild
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
EmptyClipboard
BeginPaint
OffsetRect
SetCaretPos
GetScrollPos
KillTimer
CheckMenuRadioItem
MapWindowPoints
GetParent
GetSystemMetrics
EnableMenuItem
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
SendDlgItemMessageW
PostMessageW
CheckDlgButton
CreatePopupMenu
ShowCaret
DrawFocusRect
GetLastActivePopup
SetWindowTextW
GetDlgItem
RemovePropW
ClientToScreen
InsertMenuA
TrackPopupMenu
GetMenuItemCount
IsDlgButtonChecked
DestroyAcceleratorTable
SetDlgItemInt
LoadCursorW
LoadIconW
DispatchMessageW
InsertMenuW
SetForegroundWindow
OpenClipboard
GetCursorPos
CreateDialogIndirectParamW
DrawTextA
GetScrollInfo
HideCaret
CreateAcceleratorTableW
GetCapture
ScreenToClient
MessageBeep
RemoveMenu
DeferWindowPos
BeginDeferWindowPos
MessageBoxW
AppendMenuA
RegisterClassExW
SetDlgItemTextA
SetRectEmpty
AppendMenuW
GetWindowDC
AdjustWindowRectEx
GetSysColor
SetDlgItemTextW
SetScrollInfo
EndDeferWindowPos
IsWindowVisible
GetDesktopWindow
SystemParametersInfoW
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
InvalidateRect
AnimateWindow
wsprintfA
CharNextW
CallWindowProcW
GetClassNameW
ModifyMenuW
IsRectEmpty
IsMenu
GetFocus
wsprintfW
CloseClipboard
CheckMenuItem
TranslateAcceleratorW
SetCursor
InternetOpenUrlA
InternetReadFileExA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
InternetSetStatusCallbackA
ProgIDFromCLSID
OleLockRunning
CoCreateInstance
IIDFromString
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateGuid
StringFromIID
CLSIDFromProgID
CoTaskMemRealloc
StgOpenStorage
StringFromGUID2
RevokeDragDrop
OleUninitialize
CoGetMalloc
CoTaskMemFree
OleInitialize
CLSIDFromString
RegisterDragDrop
CoGetClassObject
Number of PE resources by type
RT_ICON 10
RT_GROUP_ICON 3
RT_MENU 2
RT_BITMAP 2
RT_HTML 1
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 18
RUSSIAN 2
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.0.267.0

LanguageCode
Neutral

FileFlagsMask
0x001f

FileDescription
AbilityCash

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
434176

EntryPoint
0x18d855

OriginalFileName
AbilityCash.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2001-2015

FileVersion
3.0.267

TimeStamp
2016:11:07 13:30:46+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
AbilityCash

ProductVersion
3.0.267

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
1762816

ProductName
AbilityCash

ProductVersionNumber
3.0.267.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 8b0647ef2f6d7ce37a5b824d8fd27dce
SHA1 eefb8238343f60a8110219b3a43b172ce4ab1d76
SHA256 1f25ed95bb13545ca63dcb7d1ca6da3fb501fc9f510283d733344d8654be0720
ssdeep 49152:ShzCiCA2R8rU4GImRqvb+9O2uPgi/XqwDpCrSw:e/T28rU4GIUqvb+9O2uPgi/XqwUr

authentihash cc67dcdc2318b50b780eedd71b977870edc3922891aa087add99401bae124259
imphash 01280fb4b7cfd8679ce26f970bb2c569
File size 2.1 MB ( 2192896 bytes )
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows ActiveX control (69.0%)
Win32 EXE PECompact compressed (generic) (24.6%)
Win32 Executable (generic) (2.6%)
OS/2 Executable (generic) (1.2%)
Generic Win/DOS Executable (1.1%)
Tags
peexe

VirusTotal metadata
First submission 2016-11-14 15:12:37 UTC (2 years, 6 months ago)
Last submission 2018-04-16 12:48:53 UTC (1 year, 1 month ago)
File names AbilityCash.exe
AbilityCash
AbilityCash 3.0.267.exe
AbilityCash Updater.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs
UDP communications