SHA256: 2e8e5ed8a0dbdd9a482aab2f6fc015ad3721bb8e60bc915cbf72efe780c69968
File name: GGMiner.exe
Detection ratio: 0 / 64
Analysis date: 2017-08-29 11:22:52 UTC (1 month, 3 weeks ago)
Antivirus Result Update
Ad-Aware 20170829
AegisLab 20170829
AhnLab-V3 20170829
Alibaba 20170829
ALYac 20170829
Antiy-AVL 20170829
Arcabit 20170829
Avast 20170829
AVG 20170829
Avira (no cloud) 20170829
AVware 20170829
Baidu 20170829
BitDefender 20170829
Bkav 20170829
CAT-QuickHeal 20170829
ClamAV 20170829
CMC 20170828
Comodo 20170829
CrowdStrike Falcon (ML) 20170804
Cylance 20170829
Cyren 20170829
DrWeb 20170829
Emsisoft 20170829
Endgame 20170821
ESET-NOD32 20170829
F-Prot 20170829
F-Secure 20170829
Fortinet 20170829
GData 20170829
Ikarus 20170829
Sophos ML 20170822
Jiangmin 20170829
K7AntiVirus 20170829
K7GW 20170828
Kaspersky 20170829
Kingsoft 20170829
Malwarebytes 20170829
MAX 20170829
McAfee 20170826
McAfee-GW-Edition 20170828
Microsoft 20170829
eScan 20170829
NANO-Antivirus 20170829
nProtect 20170829
Palo Alto Networks (Known Signatures) 20170829
Panda 20170828
Qihoo-360 20170829
Rising 20170829
SentinelOne (Static ML) 20170806
Sophos AV 20170829
SUPERAntiSpyware 20170829
Symantec 20170829
Symantec Mobile Insight 20170829
Tencent 20170829
TheHacker 20170828
TrendMicro 20170829
TrendMicro-HouseCall 20170829
Trustlook 20170829
VBA32 20170829
VIPRE 20170829
ViRobot 20170829
Webroot 20170829
WhiteArmor 20170829
Yandex 20170828
Zillya 20170828
ZoneAlarm by Check Point 20170829
Zoner 20170829
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-29 07:44:41
Entry Point 0x0004F478
Number of sections 7
PE sections
PE imports
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
CryptGetHashParam
CryptGenRandom
CryptEncrypt
CryptDestroyHash
CryptHashData
CryptImportKey
CryptCreateHash
CertFreeCertificateContext
PeekNamedPipe
DeviceIoControl
GetStdHandle
EnterCriticalSection
AreFileApisANSI
VerifyVersionInfoA
RemoveDirectoryW
GetLastError
SetEvent
QueryPerformanceCounter
IsDebuggerPresent
FindNextFileW
GetFileAttributesW
LoadLibraryA
WaitForSingleObjectEx
InitializeCriticalSectionEx
VerSetConditionMask
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentProcessId
LCMapStringW
GetModuleHandleW
UnhandledExceptionFilter
MultiByteToWideChar
GetStartupInfoW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
InitializeSListHead
GetFileType
GetTickCount64
WideCharToMultiByte
MoveFileExW
GetModuleHandleA
GetSystemTimeAsFileTime
ReadFile
SetUnhandledExceptionFilter
ResetEvent
IsProcessorFeaturePresent
FindFirstFileW
GetSystemDirectoryA
ExpandEnvironmentStringsA
FreeLibrary
LocalFree
TerminateProcess
GetModuleFileNameA
CreateEventW
CreateFileW
FindClose
Sleep
FormatMessageA
CloseHandle
GetCurrentThreadId
GetProcAddress
SleepEx
SetLastError
LeaveCriticalSection
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_BADOFF@std@@3_JB
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0_Lockit@std@@QAE@H@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1_Lockit@std@@QAE@XZ
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?_Xbad_function_call@std@@YAXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xbad_alloc@std@@YAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z
IdnToAscii
ShellExecuteA
GetDesktopWindow
MessageBoxA
strchr
_purecall
__vcrt_InitializeCriticalSectionEx
strstr
memmove
__std_exception_copy
memset
__CxxFrameHandler3
_except_handler4_common
_CxxThrowException
strrchr
__std_terminate
__std_exception_destroy
memcpy
memchr
Ord(301)
Ord(50)
Ord(143)
Ord(79)
Ord(45)
Ord(41)
Ord(22)
Ord(46)
Ord(211)
Ord(30)
Ord(200)
Ord(33)
Ord(32)
Ord(26)
Ord(27)
Ord(35)
getaddrinfo
htonl
accept
ioctlsocket
WSAStartup
freeaddrinfo
connect
getsockname
htons
getpeername
select
gethostname
getsockopt
closesocket
ntohl
send
ntohs
WSAGetLastError
listen
__WSAFDIsSet
WSACleanup
WSASetLastError
recv
WSAIoctl
setsockopt
socket
bind
recvfrom
sendto
strtol
strtod
atoi
strtoul
strtoull
strtoll
_stat64
_lock_file
_fstat64
_unlock_file
malloc
_set_new_mode
realloc
free
calloc
_callnewh
_configthreadlocale
localeconv
_except1
__setusermatherr
_dtest
_get_narrow_winmain_command_line
__sys_nerr
_register_onexit_function
_set_app_type
terminate
_register_thread_local_exe_atexit_callback
_controlfp_s
_configure_narrow_argv
_invalid_parameter_noinfo
_cexit
_c_exit
_errno
_invalid_parameter_noinfo_noreturn
_getpid
_seh_filter_exe
exit
_initialize_narrow_environment
_initterm_e
_exit
strerror
_initialize_onexit_table
_beginthreadex
_wassert
_initterm
_crt_atexit
fgetpos
_get_stream_buffer_pointers
fgetc
fread
fclose
fgets
fflush
fopen
feof
__acrt_iob_func
fputc
fwrite
fseek
_open
fsetpos
fputs
fopen_s
__p__commode
_close
ferror
_fseeki64
__stdio_common_vsprintf
_write
_lseeki64
_read
_set_fmode
ungetc
__stdio_common_vsscanf
setvbuf
strncmp
tolower
isalnum
strpbrk
isxdigit
isdigit
isprint
isgraph
_strdup
islower
isalpha
isupper
isspace
strncpy
Number of PE resources by type
RT_ICON 4
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH UK 5
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2017:08:29 08:44:41+01:00
FileType Win32 EXE
PEType PE32
CodeSize 333824
LinkerVersion 14.0
EntryPoint 0x4f478
InitializedDataSize 111616
SubsystemVersion 6.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0
File identification
MD5 3fbeafe84fa94e4d5211d717b38ebb4c
SHA1 c2126ca99ebf3d96e204b4212e62ace3bde4ce8b
SHA256 2e8e5ed8a0dbdd9a482aab2f6fc015ad3721bb8e60bc915cbf72efe780c69968
ssdeep 12288:RnWy8cN+hdE4RnrXjtiWZ2Jvp0VveP/o2oLNK:gyp+9IWoJFP/LoBK
authentihash 86e0d176aa670d71449162309f3e49be73eab3163a7d28c755abfd29a017fd32
imphash 92441662fdd16ffc476fe3fa843593f3
File size 434.0 KB ( 444416 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags peexe
VirusTotal metadata
First submission 2017-08-29 11:22:52 UTC (1 month, 3 weeks ago)
Last submission 2017-08-30 00:08:00 UTC (1 month, 3 weeks ago)
File name GGMiner.exe