× Çerezler devre dışı bırakılmış! Bu sitenin düzgün bir şekilde çalışabilmesi için çerezlerin açık olması gerekir.
SHA256: 3861bf61bd90055da2977bec2dcdeb0a1946c8abca0b2ffbda6bc09020b7b7bd
Dosya adı: Wod-Hack Hacker Eğitim Setiv5.0.exe
Tespit edilme orani 2 / 54
Analiz tarihi: 2015-12-15 16:15:27 UTC ( 2 yıl, 11 ay önce) En sonuncusunu görüntüle
Antivirus Sonuç Güncelle
Ikarus Trojan.Win32.Veediem 20151215
Qihoo-360 HEUR/QVM41.1.Malware.Gen 20151215
Ad-Aware 20151215
AegisLab 20151215
Yandex 20151214
AhnLab-V3 20151215
Alibaba 20151208
ALYac 20151215
Antiy-AVL 20151215
Arcabit 20151215
Avast 20151215
AVG 20151215
AVware 20151215
Baidu-International 20151215
BitDefender 20151215
Bkav 20151215
ByteHero 20151215
CAT-QuickHeal 20151215
ClamAV 20151215
CMC 20151215
Comodo 20151215
Cyren 20151215
DrWeb 20151215
Emsisoft 20151215
ESET-NOD32 20151215
F-Prot 20151215
F-Secure 20151215
Fortinet 20151215
GData 20151215
Jiangmin 20151214
K7AntiVirus 20151215
K7GW 20151215
Kaspersky 20151215
Malwarebytes 20151215
McAfee 20151215
McAfee-GW-Edition 20151215
Microsoft 20151215
eScan 20151215
NANO-Antivirus 20151215
nProtect 20151215
Panda 20151213
Rising 20151215
Sophos AV 20151215
SUPERAntiSpyware 20151215
Symantec 20151215
Tencent 20151215
TheHacker 20151215
TrendMicro 20151215
TrendMicro-HouseCall 20151215
VBA32 20151215
VIPRE 20151215
ViRobot 20151215
Zillya 20151214
Zoner 20151215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT RAR, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-27 16:40:54
Entry Point 0x0001D62B
Number of sections 4
PE sections
Overlays
MD5 711990a557c1615fc6fd5506cc73d267
File type data
Offset 211456
Size 2624743
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControlsEx
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
InitializeCriticalSection
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
SetLastError
GetSystemTime
DeviceIoControl
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
GetFullPathNameW
CreateThread
SetEnvironmentVariableW
MoveFileExW
SetUnhandledExceptionFilter
TzSpecificLocalTimeToSystemTime
TerminateProcess
CreateSemaphoreW
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
GetDateFormatW
SetEvent
DeleteFileW
GetProcAddress
CreateFileMappingW
CompareStringW
WriteFile
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
CreateDirectoryW
ResetEvent
FindFirstFileW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
HeapCreate
GetConsoleCP
LCMapStringA
GetTimeFormatW
GetEnvironmentStringsW
IsDBCSLeadByte
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLongPathNameW
IsValidCodePage
UnmapViewOfFile
FindResourceW
VirtualFree
Sleep
VirtualAlloc
CreateHardLinkW
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
MapWindowPoints
SetFocus
GetParent
UpdateWindow
EndDialog
LoadBitmapW
SetWindowTextW
DefWindowProcW
GetWindowTextW
GetMessageW
ShowWindow
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
EnableWindow
DialogBoxParamW
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
GetWindowLongW
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
GetClientRect
GetDlgItem
GetWindow
MessageBoxW
DispatchMessageW
PeekMessageW
GetClassNameW
CopyRect
WaitForInputIdle
OemToCharBuffA
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
RegisterClassExW
SetForegroundWindow
DestroyWindow
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
OleInitialize
OleUninitialize
Number of PE resources by type
RT_STRING 9
RT_DIALOG 6
RT_ICON 4
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 22
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

SubsystemVersion
5.0

MachineType
Intel 386 or later, and compatibles

TimeStamp
2014:08:27 17:40:54+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
165888

LinkerVersion
9.0

FileTypeExtension
exe

InitializedDataSize
176640

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x1d62b

OSVersion
5.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 44b9484957368a32a22c9ccaa358c8f0
SHA1 0937c6706e3a5ac928f2e46fa27d24dfcf9ce6ff
SHA256 3861bf61bd90055da2977bec2dcdeb0a1946c8abca0b2ffbda6bc09020b7b7bd
ssdeep
49152:qJKbYRd7QbdtJMByj+k9cIgF1HeUcqtYN9q5DaeyAjrYZoXTztv2B:Wn37QbdtJJhcPxcqWXq5DaeymYaS

authentihash 8a1beaad4f14bf7bf4ede064bff9a56c9e5dbd91d8e75896bc16f0b01d72cc22
imphash ffca4b8182ebb8822b4187a5e1e23e14
Dosya boyutu 2.7 MB ( 2836199 bytes )
Dosya türü Win32 EXE
Magic lafzı
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-12-15 16:15:27 UTC ( 2 yıl, 11 ay önce)
Last submission 2018-09-04 20:30:50 UTC ( 2 ay, 1 hafta önce)
Dosya isimleri Wod-Hack Hacker Eğitim Setiv5.0.exe
Wod-Hack Hacker Eğitim Setiv5.0.exe
EN6RT0hXK0Uuwo0EwyyOINzoFpeBzYQlowfAtyG0B_a7mfOPfn3jcVL8Aq-9EYZEvbfmXhIjcrbpjvkJ_070qg==
Yorum yok.. Henüz hiçbir VirusTotal Topluluğu üyesi bu öğeye yorum yapmadı.Bunu yapan ilk sen ol!

Yorum ekleyin...

?
Yorumu gönder.

Üye girişi yapmadınız..Sadece kayıtlı kullanıcılar yorum yapabilir.Sesinizi duyurmak için giriş yapın.

Oy yok.. Bu öğeyi daha önce hiç kimse oylamadı.Bunu yapan ilk sen ol!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs