× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 220ede388efa022597093e4ef9886747b9648d86ced7422cf789baae0ee5030b
Имя файла: 3proxy.exe
Показатель выявления: 3 / 57
Дата анализа: 2016-09-22 22:36:58 UTC (2 лет, 1 месяц назад) Показать последний анализ
Антивирус Результат Дата обновления
ClamAV Win.Trojan.Dotconta-1 20160922
Cyren W32/SelfStarterInternetTrojan!M 20160922
F-Prot W32/SelfStarterInternetTrojan!M 20160922
Ad-Aware 20160922
AegisLab 20160922
AhnLab-V3 20160922
Alibaba 20160922
ALYac 20160922
Antiy-AVL 20160922
Arcabit 20160922
Avast 20160922
AVG 20160922
Avira (no cloud) 20160922
AVware 20160922
Baidu 20160922
BitDefender 20160922
Bkav 20160922
CAT-QuickHeal 20160922
CMC 20160921
Comodo 20160922
CrowdStrike Falcon (ML) 20160725
DrWeb 20160922
Emsisoft 20160922
ESET-NOD32 20160922
F-Secure 20160922
Fortinet 20160922
GData 20160922
Ikarus 20160922
Sophos ML 20160917
Jiangmin 20160922
K7AntiVirus 20160922
K7GW 20160922
Kaspersky 20160922
Kingsoft 20160922
Malwarebytes 20160922
McAfee 20160922
McAfee-GW-Edition 20160922
Microsoft 20160922
eScan 20160922
NANO-Antivirus 20160922
nProtect 20160922
Panda 20160922
Qihoo-360 20160922
Rising 20160922
Sophos AV 20160922
SUPERAntiSpyware 20160922
Symantec 20160922
Tencent 20160922
TheHacker 20160922
TrendMicro 20160922
TrendMicro-HouseCall 20160922
VBA32 20160922
VIPRE 20160922
ViRobot 20160922
Yandex 20160921
Zillya 20160922
Zoner 20160922
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2002-2016 Vladimir Dubrovin

Product 3proxy
Original name 3proxy.exe
Internal name 3proxy
File version 0.8.7
Description 3proxy - tiny proxy server
Comments 3proxy - tiny proxy server, http://3proxy.ru/
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-04 13:20:50
Entry Point 0x0001C6A0
Number of sections 5
PE sections
PE imports
StartServiceCtrlDispatcherA
OpenServiceA
SetServiceStatus
CreateServiceA
RegSetValueExA
StartServiceA
RegDeleteValueA
DeleteService
RegOpenKeyExA
OpenSCManagerA
RegisterServiceCtrlHandlerA
GetLastError
ReadConsoleInputA
GetStdHandle
DosDateTimeToFileTime
WriteConsoleA
ReadFile
LoadLibraryA
LocalFileTimeToFileTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
EnterCriticalSection
ExitProcess
TlsAlloc
GetVersionExA
FlushFileBuffers
GetModuleFileNameA
GetCommandLineW
GetACP
GetLocalTime
DeleteCriticalSection
FileTimeToDosDateTime
GetCurrentDirectoryA
GetConsoleMode
SetConsoleCtrlHandler
GetCurrentProcessId
DeleteFileA
CreateThread
UnhandledExceptionFilter
MultiByteToWideChar
GetCommandLineA
GetProcAddress
SetEnvironmentVariableA
GetFileType
SetStdHandle
SetFilePointer
GetCPInfo
GetModuleFileNameW
TlsFree
GetModuleHandleA
FindFirstFileA
SetUnhandledExceptionFilter
WriteFile
CloseHandle
FreeConsole
ExitThread
SearchPathA
GetVersion
FileTimeToLocalFileTime
GetFullPathNameA
GetExitCodeProcess
ResumeThread
CreateProcessA
GetTimeZoneInformation
WideCharToMultiByte
InitializeCriticalSection
SetConsoleMode
SetLastError
VirtualQuery
VirtualFree
CreateEventA
FindClose
TlsGetValue
Sleep
FormatMessageA
SetEndOfFile
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
VirtualAlloc
GetOEMCP
LeaveCriticalSection
MessageBoxA
CharUpperA
WSASocketA
htonl
shutdown
accept
ioctlsocket
WSAStartup
connect
getsockname
htons
WSAGetLastError
gethostname
getsockopt
closesocket
ntohl
send
ntohs
select
listen
__WSAFDIsSet
gethostbyname
getpeername
recv
setsockopt
socket
bind
recvfrom
sendto
Number of PE resources by type
RT_ICON 4
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
3proxy - tiny proxy server, http://3proxy.ru/

LinkerVersion
2.18

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.8.7.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
3proxy - tiny proxy server

CharacterSet
Windows, Latin1

InitializedDataSize
30720

EntryPoint
0x1c6a0

OriginalFileName
3proxy.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2002-2016 Vladimir Dubrovin

FileVersion
0.8.7

TimeStamp
2016:09:04 14:20:50+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
3proxy

ProductVersion
0.8.7

UninitializedDataSize
0

OSVersion
1.11

FileOS
Unknown (0)

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Vladimir Dubrovin

CodeSize
159232

ProductName
3proxy

ProductVersionNumber
0.8.7.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 b0f5d44dc0a3e5e715f6f808107a88f4
SHA1 eab50b3dbf6dc051d95d3616d46c764832e40000
SHA256 220ede388efa022597093e4ef9886747b9648d86ced7422cf789baae0ee5030b
ssdeep
6144:B4If52hs3XRWr7HrpQX0hLEA/de0FdN6IU4c9+B5g:2A5FS7HdxL/bFX6Ew+B5g

authentihash 5bd12c95d24647135f83b780c4640a7d8f093d9a591b638bc81649fd7fc51335
imphash 1f2ffd7a7b2bacfa1895cb7e0dda85de
Размер файла 220.5 KБ ( 225792 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win16/32 Executable Delphi generic (34.1%)
Generic Win/DOS Executable (32.9%)
DOS Executable Generic (32.9%)
Tags
peexe

VirusTotal metadata
First submission 2016-09-17 13:31:04 UTC (2 лет, 2 месяцев назад)
Last submission 2016-12-27 06:34:35 UTC (1 год, 10 месяцев назад)
Имена файлов 3proxy.exe
3proxy
3proxy.exe
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
UDP communications