SHA256: f4f113bf79cfc98e23aff28afb6e255f00854f78c48366f0ff6d882106099827
File name: LSSender.exe
Detection ratio: 5 / 67
Analysis date: 2018-02-28 15:14:22 UTC (1 year, 2 months ago)
Antivirus Result Update date
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9915 20180227
Bkav HW32.Packed.7F15 20180228
CrowdStrike Falcon (ML) malicious_confidence_80% (W) 20170201
Cylance Unsafe 20180228
SentinelOne (Static ML) static engine - malicious 20180225
Ad-Aware 20180228
AegisLab 20180228
AhnLab-V3 20180228
Alibaba 20180228
ALYac 20180228
Antiy-AVL 20180228
Arcabit 20180228
Avast 20180228
Avast-Mobile 20180228
AVG 20180228
Avira (no cloud) 20180228
AVware 20180228
BitDefender 20180228
CAT-QuickHeal 20180228
ClamAV 20180227
CMC 20180228
Comodo 20180228
Cybereason 20180225
Cyren 20180228
DrWeb 20180228
eGambit 20180228
Emsisoft 20180228
Endgame 20180223
ESET-NOD32 20180228
F-Prot 20180228
F-Secure 20180228
Fortinet 20180228
GData 20180228
Ikarus 20180228
Sophos ML 20180121
Jiangmin 20180228
K7AntiVirus 20180228
K7GW 20180228
Kaspersky 20180228
Kingsoft 20180228
Malwarebytes 20180228
MAX 20180228
McAfee 20180228
McAfee-GW-Edition 20180228
Microsoft 20180228
eScan 20180228
NANO-Antivirus 20180228
nProtect 20180228
Palo Alto Networks (Known Signatures) 20180228
Panda 20180228
Qihoo-360 20180228
Rising 20180228
Sophos AV 20180228
SUPERAntiSpyware 20180228
Symantec 20180228
Symantec Mobile Insight 20180220
Tencent 20180228
TheHacker 20180225
TrendMicro 20180228
TrendMicro-HouseCall 20180228
Trustlook 20180228
VBA32 20180228
VIPRE 20180228
ViRobot 20180228
Webroot 20180228
WhiteArmor 20180223
Yandex 20180228
Zillya 20180228
ZoneAlarm by Check Point 20180228
Zoner 20180228
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product L.S.Sender
Original name LSSender.exe
File version 3.2.0.943
Description L.S.Sender - Программа для пиара в социальных сетях.
ReversingLabs Taggant packer details
Validity
Valid taggant block

Full file hash
Valid

PKI chain
Valid

Packer Enigma Protector (5.90.0)
User
Validity Valid
Serial Number 6B17FF8A414573EE4BF744F15A468E84
SPV
Validity Valid
Serial Number 25AD5AE68C38AD1021086F4FFC8BA470
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-02-24 20:05:53
Entry Point 0x042EEDC8
Number of sections 15
PE sections
PE imports
RegCloseKey
FlatSB_SetScrollInfo
ChooseFontW
CreateFontA
GetProcAddress
GetModuleHandleA
ExitProcess
LoadLibraryA
NetWkstaGetInfo
IsEqualGUID
LresultFromObject
SysFreeString
ShellExecuteA
MessageBoxA
GetFileVersionInfoA
sndPlaySoundW
DocumentPropertiesW
PE exports
Number of PE resources by type
RT_STRING 52
RT_BITMAP 33
RT_RCDATA 18
RT_ICON 9
RT_GROUP_CURSOR 8
RT_CURSOR 8
RT_DIALOG 2
MAD 2
RT_MANIFEST 1
VCLSTYLE 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 84
ENGLISH US 52
PE resources
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
22127486

ImageVersion
0.0

ProductName
L.S.Sender

FileVersionNumber
3.2.0.943

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
2.25

FileTypeExtension
exe

OriginalFileName
LSSender.exe

MIMEType
application/octet-stream

FileVersion
3.2.0.943

TimeStamp
2018:02:24 21:05:53+01:00

FileType
Win32 EXE

PEType
PE32

ProgramID
com.embarcadero.LSSender

ProductVersion
3.0.0.0

FileDescription
L.S.Sender - .

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Piaro

CodeSize
6673408

FileSubtype
0

ProductVersionNumber
3.0.0.0

EntryPoint
0x42eedc8

ObjectFileType
Executable application

File identification
MD5 d3e64aaf8370e69c6337420dfdb6a676
SHA1 466b6624ebf20aa00ab5b06ccabcae5931fc24f5
SHA256 f4f113bf79cfc98e23aff28afb6e255f00854f78c48366f0ff6d882106099827
ssdeep
393216:TWqhjKwF4NwG5Z5Hrj59cskBek5VPs3ZYZA+mJxGXx8uSZjf:TWseKG5ZJxaA6BsWD6xGXXSZL

authentihash 96e5076b28588ff14bd55049511ec046f48cab85a11e232dc1f3e43db827133a
imphash 460b70a9789e96fb63c5a19a6f8742a2
File size 17.5 MB (18350080 bytes)
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-02-28 12:54:12 UTC (1 year, 2 months ago)
Last submission 2018-02-28 15:14:22 UTC (1 year, 2 months ago)
File names LSSender.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Deleted files
Created mutexes
Searched windows
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done by making use of the SetWindowsHook Windows API function.