SHA256: 9b22f22d3870c22f2196c6db449cee91e1e17c39563086a1b07ef047a908cfa6
File name: btc_mpress.exe
Detection ratio: 15 / 51
Analysis date: 2014-06-07 19:47:02 UTC (4 years ago)
Antivirus Result Update date
Ad-Aware Gen:Trojan.Heur.GM.0500050002 20140607
BitDefender Gen:Trojan.Heur.GM.0500050002 20140607
Bkav HW32.CDB.8fc8 20140606
ByteHero Virus.Win32.Heur.l 20140607
CMC Trojan.Win32.VBKrypt!O 20140607
Emsisoft Gen:Trojan.Heur.GM.0500050002 (B) 20140607
F-Secure Gen:Trojan.Heur.GM.0500050002 20140607
GData Gen:Trojan.Heur.GM.0500050002 20140607
K7AntiVirus Trojan ( 0040f5751 ) 20140606
K7GW Trojan ( 0040f5751 ) 20140606
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious-BAY.G 20140607
eScan Gen:Trojan.Heur.GM.0500050002 20140607
Qihoo-360 Malware.QVM18.Gen 20140607
TrendMicro PAK_Generic.001 20140607
TrendMicro-HouseCall PAK_Generic.001 20140607
AegisLab 20140607
Yandex 20140607
AhnLab-V3 20140607
AntiVir 20140607
Antiy-AVL 20140607
Avast 20140607
AVG 20140607
Baidu-International 20140607
CAT-QuickHeal 20140607
ClamAV 20140607
Commtouch 20140607
Comodo 20140607
DrWeb 20140607
ESET-NOD32 20140607
F-Prot 20140607
Fortinet 20140607
Ikarus 20140607
Kaspersky 20140607
Kingsoft 20140607
Malwarebytes 20140607
McAfee 20140607
Microsoft 20140607
NANO-Antivirus 20140607
Norman 20140607
nProtect 20140605
Panda 20140607
Rising 20140607
Sophos AV 20140607
SUPERAntiSpyware 20140607
Symantec 20140607
Tencent 20140607
TheHacker 20140606
TotalDefense 20140607
VBA32 20140607
VIPRE 20140607
ViRobot 20140607
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0003A2EA
Number of sections 3
PE sections
PE imports
GetProcAddress
GetModuleHandleA
RegCloseKey
InitCommonControls
ChooseFontA
SaveDC
VariantClear
ShellExecuteA
LoadStringA
InternetOpenA
timeSetEvent
Number of PE resources by type
RT_ICON 2
RT_STRING 2
RT_RCDATA 2
Struct(100) 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
RUSSIAN 4
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
CodeSize 119296
LinkerVersion 2.25
EntryPoint 0x3a2ea
InitializedDataSize 91648
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 1.0
UninitializedDataSize 0

File identification
MD5 79b3342c1b62e8580a63aeefdb1404a2
SHA1 759e14bc48fc757c9c55faec64dc8facefc63e8e
SHA256 9b22f22d3870c22f2196c6db449cee91e1e17c39563086a1b07ef047a908cfa6
ssdeep
1536:8oLzFL+dCloUa6DqKcxgZs8kgHJxDRuMVoVdvfzoz6+KWT3LsZrGuwaAMs:xwnUaeqHGBxDRxoVdvfzozzgZrGuuM

authentihash bbcfa1ea224dcee9d49f2d8fb26f16a8d80599cc6f9015884a62901faf4aeb2c
imphash 96b0c36392630cb6f8c0a0ceee85987e
File size 101.0 KB ( 103424 bytes )
File type Win32 EXE
Description MS-DOS executable, MZ for MS-DOS
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2014-06-07 19:47:02 UTC (4 years ago)
Last submission 2015-03-03 01:25:54 UTC (3 years, 3 months ago)
File names 9B22F22D3870C22F2196C6DB449CEE91E1E17C39563086A1B07EF047A908CFA6
btc_mpress.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections