SHA256: e47e1831c88aaead059c7254e5586dceba6db041b488ff531f972a40a31cf3c2
File name: eyup.exe
Detection ratio: 36 / 56
Analysis date: 2015-09-11 17:47:13 UTC (2 years ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.Elzob.8031 20150911
Yandex Trojan.Rosena.Gen.1 20150911
AhnLab-V3 Trojan/Win32.Shell 20150911
ALYac Gen:Variant.Zusy.Elzob.8031 20150911
Arcabit Trojan.Zusy.Elzob.D1F5F 20150911
Avast Win32:SwPatch [Wrm] 20150911
AVG Agent 20150911
Avira (no cloud) TR/Crypt.EPACK.Gen2 20150911
AVware Trojan.Win32.Swrort.B (v) 20150911
BitDefender Gen:Variant.Zusy.Elzob.8031 20150911
Comodo TrojWare.Win32.Rozena.A 20150911
Cyren W32/Swrort.A.gen!Eldorado 20150911
DrWeb Trojan.Swrort.1 20150911
Emsisoft Gen:Variant.Zusy.Elzob.8031 (B) 20150911
ESET-NOD32 a variant of Win32/Rozena.ED 20150911
F-Prot W32/Swrort.A.gen!Eldorado 20150911
F-Secure Gen:Variant.Zusy.Elzob.8031 20150911
Fortinet W32/Swrort.C!tr 20150911
GData Gen:Variant.Zusy.Elzob.8031 20150911
Ikarus Trojan.Win32.Swrort 20150911
K7AntiVirus Backdoor ( 04c53cce1 ) 20150911
K7GW Backdoor ( 04c53cce1 ) 20150911
Kaspersky HEUR:Trojan.Win32.Generic 20150911
Malwarebytes Backdoor.Bot.Gen 20150911
McAfee Swrort.i 20150911
McAfee-GW-Edition BehavesLike.Win32.Swrort.lh 20150911
Microsoft Trojan:Win32/Swrort.A 20150911
eScan Gen:Variant.Zusy.Elzob.8031 20150911
NANO-Antivirus Virus.Win32.Gen-Crypt.ccnc 20150911
Rising PE:HackTool.Swrort!1.6477[F1] 20150911
Sophos AV Mal/EncPk-ACE 20150911
SUPERAntiSpyware Trojan.Backdoor-PoisonIvy 20150911
Symantec Packed.Generic.347 20150911
TrendMicro BKDR_SWRORT.SM 20150911
TrendMicro-HouseCall BKDR_SWRORT.SM 20150911
VIPRE Trojan.Win32.Swrort.B (v) 20150911
AegisLab 20150911
Alibaba 20150911
Antiy-AVL 20150911
Baidu-International 20150911
Bkav 20150911
ByteHero 20150911
CAT-QuickHeal 20150911
ClamAV 20150911
CMC 20150910
Jiangmin 20150909
Kingsoft 20150911
nProtect 20150911
Panda 20150911
Qihoo-360 20150911
Tencent 20150911
TheHacker 20150910
VBA32 20150911
ViRobot 20150911
Zillya 20150911
Zoner 20150911
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 2009 The Apache Software Foundation.

Publisher Apache Software Foundation
Product Apache HTTP Server
Original name ab.exe
Internal name ab.exe
File version 2.2.14
Description ApacheBench command line utility
Comments Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-07-22 19:34:59
Entry Point 0x00001FB0
Number of sections 4
PE sections
Overlays
MD5 95eb479e8f470740aa86bcb86cb13966
File type data
Offset 73728
Size 74
Entropy 4.61
PE imports
FreeSid
AllocateAndInitializeSid
PeekNamedPipe
GetLastError
EnterCriticalSection
ReleaseMutex
FileTimeToSystemTime
GetOverlappedResult
GlobalFree
WaitForSingleObject
GetExitCodeProcess
SystemTimeToFileTime
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
FileTimeToLocalFileTime
GetCommandLineW
FreeEnvironmentStringsW
GetProcAddress
FormatMessageA
SetStdHandle
CreateMutexA
TlsFree
SetFilePointer
ReadFile
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetFileInformationByHandle
DuplicateHandle
SetHandleInformation
SetEvent
LocalFree
TerminateProcess
DeviceIoControl
GetTimeZoneInformation
InitializeCriticalSection
CreateFileW
CreateEventA
Sleep
GetFileType
CreateFileA
SetLastError
LeaveCriticalSection
strncmp
__p__fmode
malloc
__p__environ
realloc
fclose
__dllonexit
_controlfp
fprintf
printf
fflush
fopen
strncpy
_except_handler3
_errno
qsort
_onexit
wcslen
exit
_XcptFilter
_ftol
strrchr
__setusermatherr
__p__wenviron
_adjust_fdiv
_strdup
_close
strchr
_isctype
__p__commode
_pctype
free
__p___initenv
atoi
wcsncmp
__getmainargs
calloc
perror
_initterm
strstr
signal
strerror
wcscpy
strspn
modf
__mb_cur_max
_strnicmp
_exit
__set_app_type
_iob
WSARecv
WSASend
setsockopt
getsockopt
__WSAFDIsSet
ntohl
ioctlsocket
WSAStartup
gethostbyname
WSAGetLastError
connect
WSACleanup
inet_ntoa
htons
closesocket
select
socket
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

Comments
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.2.14.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApacheBench command line utility

CharacterSet
Unicode

InitializedDataSize
40960

EntryPoint
0x1fb0

OriginalFileName
ab.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2009 The Apache Software Foundation.

FileVersion
2.2.14

TimeStamp
2009:07:22 20:34:59+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
ab.exe

ProductVersion
2.2.14

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Apache Software Foundation

CodeSize
45056

ProductName
Apache HTTP Server

ProductVersionNumber
2.2.14.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 3ff1c0324d6aacb4cac8156c089e2362
SHA1 87aea000f830cb5ec44a1f01b03e3bab417b2036
SHA256 e47e1831c88aaead059c7254e5586dceba6db041b488ff531f972a40a31cf3c2
ssdeep
1536:IdtDuybV02EB4DT1sOTj5SRwuBCaCBF3QGp7cXRMb+KR0Nc8QsJq39:0AybVZ/1sOpSKR53QdXRe0Nc8QsC9

authentihash de35917d40cb9e0199c4a606f2fc41a4750ef003874f1bc06a2966333c76b8d8
imphash 481f47bbb2c9c21e108d65f52b04c448
File size 72.1 KB (73802 bytes)
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-09-11 17:47:13 UTC (2 years ago)
Last submission 2015-09-11 17:47:13 UTC (2 years ago)
File names ab.exe
eyup.exe