SHA256: 8122f13a8dee5469dc3288c888c9e8cf1a38d4b9347dc426e909c8de1bb67948
File name: METAFORA.exe
Detection ratio: 2 / 55
Analysis date: 2016-01-14 15:01:14 UTC (1 year, 8 months ago)
Antivirus             Result                        Update date
(a "-" in the Result column means the engine reported no detection)
Ikarus                Hoax.Win32.ArchSMS            20160114
McAfee-GW-Edition     BehavesLike.Win32.Generic.vh  20160114
Ad-Aware              -                             20160114
AegisLab              -                             20160114
Yandex                -                             20160113
AhnLab-V3             -                             20160114
Alibaba               -                             20160114
ALYac                 -                             20160114
Antiy-AVL             -                             20160114
Arcabit               -                             20160114
Avast                 -                             20160114
AVG                   -                             20160114
Avira (no cloud)      -                             20160114
AVware                -                             20160111
Baidu-International   -                             20160114
BitDefender           -                             20160114
Bkav                  -                             20160114
ByteHero              -                             20160114
CAT-QuickHeal         -                             20160114
ClamAV                -                             20160113
CMC                   -                             20160111
Comodo                -                             20160113
Cyren                 -                             20160114
DrWeb                 -                             20160114
Emsisoft              -                             20160114
ESET-NOD32            -                             20160114
F-Prot                -                             20160114
F-Secure              -                             20160114
Fortinet              -                             20160114
GData                 -                             20160114
Jiangmin              -                             20160114
K7AntiVirus           -                             20160114
K7GW                  -                             20160114
Kaspersky             -                             20160114
Malwarebytes          -                             20160114
McAfee                -                             20160114
Microsoft             -                             20160114
eScan                 -                             20160114
NANO-Antivirus        -                             20160114
nProtect              -                             20160113
Panda                 -                             20160113
Qihoo-360             -                             20160114
Rising                -                             20160114
Sophos AV             -                             20160114
SUPERAntiSpyware      -                             20160114
Symantec              -                             20160113
Tencent               -                             20160114
TheHacker             -                             20160114
TrendMicro            -                             20160114
TrendMicro-HouseCall  -                             20160114
VBA32                 -                             20160113
VIPRE                 -                             20160114
ViRobot               -                             20160114
Zillya                -                             20160114
Zoner                 -                             20160114
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-14 09:53:01
Entry Point 0x00001EF0
Number of sections 9
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegRestoreKeyW
RegSetValueExW
RegUnLoadKeyW
RegQueryInfoKeyW
RegConnectRegistryW
RegEnumKeyExW
RegOpenKeyExW
RegSaveKeyW
RegFlushKey
RegReplaceKeyW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegLoadKeyW
ImageList_BeginDrag
ImageList_SetBkColor
ImageList_GetImageInfo
FlatSB_SetScrollInfo
ImageList_SetImageCount
Ord(17)
FlatSB_GetScrollInfo
ImageList_DragMove
FlatSB_SetScrollProp
ImageList_Remove
ImageList_GetDragImage
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_GetImageCount
ImageList_Replace
ImageList_SetOverlayImage
ImageList_Destroy
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_GetIcon
FlatSB_SetScrollPos
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Add
InitializeFlatSB
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_Create
ImageList_Read
ImageList_Copy
ImageList_LoadImageW
ImageList_EndDrag
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
PrintDlgW
ChooseColorW
SetDIBits
SetMetaRgn
GetTextMetricsW
SetMapMode
GetWindowOrgEx
ResizePalette
GetPaletteEntries
CombineRgn
CopyEnhMetaFileW
SetPixel
EndDoc
IntersectClipRect
AngleArc
GetTextExtentPointW
CreatePalette
CreateDIBitmap
GetDIBits
GetEnhMetaFileBits
StretchBlt
StretchDIBits
ArcTo
Pie
Arc
ExtCreatePen
SetBkColor
ResetDCW
GetDIBColorTable
DeleteEnhMetaFile
CreateFontIndirectW
SetStretchBltMode
EnumFontsW
GetCurrentPositionEx
LPtoDP
GetBitmapBits
GetBrushOrgEx
ExcludeClipRect
TranslateCharsetInfo
SetBkMode
BitBlt
CreateEnhMetaFileW
SetAbortProc
FrameRgn
CreateBrushIndirect
SelectPalette
SetWinMetaFileBits
StartDocW
CloseEnhMetaFile
SetROP2
EndPage
GetNearestPaletteIndex
SetDIBColorTable
EnumEnhMetaFile
DeleteObject
CreatePenIndirect
PatBlt
CreatePen
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
SetEnhMetaFileBits
GetSystemPaletteEntries
StartPage
GetObjectW
CreateDCW
RealizePalette
CreateHatchBrush
ExtTextOutW
CreateBitmap
RectVisible
GetStockObject
PlayEnhMetaFile
ExtTextOutA
UnrealizeObject
GdiFlush
SelectClipRgn
RoundRect
GetWinMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
SetWindowOrgEx
SelectObject
GetTextExtentPoint32W
Polygon
CreateHalftonePalette
GetRgnBox
SaveDC
CreateICW
MaskBlt
GetEnhMetaFilePaletteEntries
GetTextExtentExPointA
RestoreDC
GetPixel
GetTextExtentExPointW
CreateDIBSection
SetTextColor
ExtFloodFill
MoveToEx
EnumFontFamiliesExW
SetViewportOrgEx
CreateRoundRectRgn
CreateCompatibleDC
PolyBezierTo
PolyBezier
Chord
SetBrushOrgEx
CreateRectRgn
GetClipRgn
CreateCompatibleBitmap
CreateSolidBrush
Polyline
AbortDoc
Ellipse
SetThreadLocale
GetStdHandle
FileTimeToDosDateTime
GetFileAttributesA
SetEvent
HeapAlloc
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
GetLocaleInfoW
IsDBCSLeadByteEx
GetCPInfo
lstrcmpiA
GetStringTypeA
GetDiskFreeSpaceW
InterlockedExchange
GetTempPathW
WaitForSingleObject
GetStringTypeW
ResumeThread
GetOEMCP
LocalFree
FormatMessageW
GetThreadPriority
GetTimeZoneInformation
LoadResource
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
QueryDosDeviceW
MoveFileW
GetFullPathNameW
VirtualQueryEx
WritePrivateProfileStringW
GetEnvironmentVariableW
SetLastError
GetUserDefaultUILanguage
InitializeCriticalSection
GlobalFindAtomW
lstrcpynW
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
ExitProcess
FlushFileBuffers
SwitchToThread
GetModuleFileNameA
InterlockedExchangeAdd
SetConsoleCtrlHandler
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetPrivateProfileStringW
SetFilePointer
SetFileAttributesW
GlobalAddAtomW
CreateThread
GetSystemDefaultUILanguage
GetExitCodeThread
MulDiv
ExitThread
WaitForMultipleObjectsEx
GlobalMemoryStatus
SetCurrentDirectoryW
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
LeaveCriticalSection
SleepEx
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GlobalSize
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
DeleteFileA
GetDateFormatW
GetStartupInfoW
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
GetTempFileNameW
GetComputerNameW
GetProfileStringW
CompareStringW
WriteFile
RemoveDirectoryW
FindNextFileW
CompareStringA
FindFirstFileW
IsValidLocale
lstrcmpW
GetProcAddress
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
GetCurrentThreadId
InterlockedIncrement
GetLastError
CreateFileMappingW
GetSystemInfo
GlobalFree
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
LockFile
lstrlenW
GetCPInfoExW
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
WideCharToMultiByte
InterlockedCompareExchange
GetCurrentThread
SuspendThread
GetSystemDefaultLangID
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
FreeResource
FileTimeToLocalFileTime
TlsGetValue
UnmapViewOfFile
FindResourceW
VirtualQuery
VirtualFree
Sleep
SetThreadPriority
VirtualAlloc
ResetEvent
AlphaBlend
OleUninitialize
CLSIDFromProgID
CoInitialize
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
StringFromCLSID
CoUninitialize
IsEqualGUID
CoTaskMemFree
CLSIDFromString
OleInitialize
VariantChangeType
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayUnaccessData
VariantCopyInd
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SafeArrayRedim
GetErrorInfo
SysFreeString
SafeArrayPutElement
VariantInit
ShellExecuteW
RedrawWindow
GetForegroundWindow
SetWindowRgn
DrawTextW
EnableScrollBar
DestroyMenu
PostQuitMessage
GetMessagePos
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
ScrollWindowEx
CharUpperBuffA
WindowFromPoint
PeekMessageA
CharUpperBuffW
SetMenuItemInfoW
SendMessageW
SetActiveWindow
GetDC
GetCursorPos
CharLowerBuffW
LoadBitmapW
DefFrameProcW
EndMenu
SendMessageA
UnregisterClassW
GetClassInfoW
DefWindowProcW
CharLowerBuffA
SetScrollPos
CallNextHookEx
MsgWaitForMultipleObjectsEx
GetClientRect
TrackPopupMenu
GetActiveWindow
OpenClipboard
GetWindowTextW
MsgWaitForMultipleObjects
GetTopWindow
GetWindowTextA
GetMenuItemID
DestroyWindow
DrawEdge
GetParent
UpdateWindow
GetPropW
SetClassLongW
EnumWindows
ShowWindow
DrawFrameControl
SetPropW
EnumDisplayMonitors
PeekMessageW
SetWindowsHookExW
EnableWindow
SetWindowPlacement
CharUpperW
LoadIconW
ChildWindowFromPoint
TranslateMessage
IsWindowEnabled
GetWindow
ActivateKeyboardLayout
SetClipboardData
GetIconInfo
SetParent
RegisterClassW
ScrollWindow
IsZoomed
GetWindowPlacement
LoadStringW
SetWindowLongW
GetKeyboardLayoutList
DrawMenuBar
EnableMenuItem
DrawFocusRect
GetDCEx
GetKeyboardLayout
FillRect
EnumThreadWindows
MonitorFromPoint
CreateAcceleratorTableW
GetSysColorBrush
IsWindowUnicode
CreateWindowExW
GetWindowLongW
GetMenuItemInfoW
IsChild
IsDialogMessageA
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
ReleaseCapture
BeginPaint
OffsetRect
DefMDIChildProcW
GetScrollPos
CopyIcon
GetKeyboardLayoutNameW
KillTimer
MapVirtualKeyW
SetTimer
GetClipboardData
GetSystemMetrics
IsIconic
SetScrollRange
GetWindowRect
InflateRect
SetCapture
DrawIcon
EnumChildWindows
GetScrollRange
GetMessageExtraInfo
CharLowerW
ShowOwnedPopups
SendDlgItemMessageW
PostMessageW
InvalidateRect
WaitMessage
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetClassLongW
GetLastActivePopup
PtInRect
DrawIconEx
SetWindowTextW
CreateMenu
GetDlgItem
RemovePropW
ClientToScreen
GetKeyboardState
GetMenuItemCount
GetMenuState
IsDialogMessageW
LoadCursorW
GetSystemMenu
FindWindowExW
DispatchMessageW
InsertMenuW
SetForegroundWindow
SetFocus
GetMenuStringW
EmptyClipboard
ReleaseDC
DrawTextExW
GetScrollInfo
FindWindowW
GetCapture
ScreenToClient
MessageBeep
RemoveMenu
GetWindowThreadProcessId
ShowScrollBar
MessageBoxW
GetMenu
MonitorFromRect
SetMenu
MoveWindow
LoadKeyboardLayoutW
MessageBoxA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
GetDoubleClickTime
DestroyIcon
IsWindowVisible
GetDesktopWindow
SetCursorPos
SystemParametersInfoW
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
GetKeyNameTextW
wsprintfA
CharNextW
CallWindowProcW
GetClassNameW
TranslateMDISysAccel
CreateIcon
GetCursor
GetFocus
InsertMenuItemW
CloseClipboard
UnhookWindowsHookEx
SetCursor
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
DeviceCapabilitiesW
EndPagePrinter
StartPagePrinter
DocumentPropertiesW
StartDocPrinterW
Ord(203)
EnumPrintersW
WritePrinter
EndDocPrinter
ClosePrinter
OpenPrinterW
PE exports
Number of PE resources by type
RT_STRING 38
RT_BITMAP 24
RT_RCDATA 15
RT_GROUP_CURSOR 10
RT_CURSOR 10
RT_ICON 5
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 54
ENGLISH US 35
RUSSIAN 15
PE resources
ExifTool file metadata
MIMEType: application/octet-stream
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
FileTypeExtension: exe
TimeStamp: 2016:01:14 10:53:01+01:00
FileType: Win32 EXE
PEType: PE32
CodeSize: 4210688
LinkerVersion: 5.0
EntryPoint: 0x1ef0
InitializedDataSize: 503808
SubsystemVersion: 5.0
ImageVersion: 0.0
OSVersion: 4.0
UninitializedDataSize: 0

File identification
MD5 afd916f9fd1aa26133de3c6f9df7de74
SHA1 499cf626b794788b1bb95feea428346e7841e612
SHA256 8122f13a8dee5469dc3288c888c9e8cf1a38d4b9347dc426e909c8de1bb67948
ssdeep 98304:gRHilmOXGCMon5LfTUI1Iu3x1PLkQeTzvQPjrKH:Xlj2Zaf4IJDu/GrKH

authentihash 35bf3f299c42a548c87684db382c75537f4e263799534e46c66b56fd4bae69a8
imphash 081f0523b8bb63fc06290935ff518751
File size 6.3 MB ( 6639104 bytes )
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows screen saver (60.5%)
Win32 Executable (generic) (20.8%)
Generic Win/DOS Executable (9.2%)
DOS Executable Generic (9.2%)
VXD Driver (0.1%)
Tags
peexe

VirusTotal metadata
First submission 2016-01-14 15:01:14 UTC (1 year, 8 months ago)
Last submission 2016-01-14 15:01:14 UTC (1 year, 8 months ago)
File names METAFORA.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs
UDP communications