SHA256: 3b2cc469e27aca58abc43a3eaa94dab4bee615c29f7995814e0b0a3d238f5408
Detection ratio: 12 / 67
Analysis date: 2018-01-16 15:37:27 UTC (1 year, 4 months ago)
Antivirus Result Signature database date
Avast FileRepMalware 20180116
AVG FileRepMalware 20180116
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180116
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20171016
Cybereason malicious.9c6946 20171103
Cylance Unsafe 20180116
eGambit Unsafe.AI_Score_99% 20180116
Endgame malicious (high confidence) 20171130
Palo Alto Networks (Known Signatures) generic.ml 20180116
Tencent Suspicious.Heuristic.Gen.b.0 20180116
TrendMicro-HouseCall Suspicious_GEN.F47V0116 20180116
Webroot Trojan.Dropper.Gen 20180116
Ad-Aware 20180116
AegisLab 20180116
AhnLab-V3 20180116
Alibaba 20180116
ALYac 20180116
Antiy-AVL 20180116
Arcabit 20180116
Avast-Mobile 20180116
Avira (no cloud) 20180116
AVware 20180103
BitDefender 20180116
Bkav 20180116
CAT-QuickHeal 20180116
ClamAV 20180116
CMC 20180116
Comodo 20180116
Cyren 20180116
DrWeb 20180116
Emsisoft 20180116
ESET-NOD32 20180116
F-Prot 20180116
F-Secure 20180116
Fortinet 20180116
GData 20180116
Ikarus 20180116
Sophos ML 20170914
Jiangmin 20180116
K7AntiVirus 20180116
K7GW 20180116
Kaspersky 20180116
Kingsoft 20180116
Malwarebytes 20180116
MAX 20180116
McAfee 20180116
McAfee-GW-Edition 20180116
Microsoft 20180116
eScan 20180116
NANO-Antivirus 20180116
nProtect 20180116
Panda 20180116
Qihoo-360 20180116
Rising 20180116
SentinelOne (Static ML) 20180115
Sophos AV 20180116
SUPERAntiSpyware 20180116
Symantec 20180116
Symantec Mobile Insight 20180116
TheHacker 20180115
TrendMicro 20180116
Trustlook 20180116
VBA32 20180116
VIPRE 20180116
ViRobot 20180116
WhiteArmor 20180110
Yandex 20180112
Zillya 20180115
ZoneAlarm by Check Point 20180116
Zoner 20180116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1999 - 2014 Amazon

Product Cubes
Original name Cubes.exe
Internal name Cubes
File version 6.6.86.2
Description Rmi Codified Memo
Comments Rmi Codified Memo
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-01-19 23:46:40
Entry Point 0x000147A7
Number of sections 5
PE sections
PE imports
Ord(17)
CreateStatusWindowW
TextOutW
GdiGradientFill
EndPath
CombineRgn
GetPixel
GetDeviceCaps
ExcludeClipRect
DeleteDC
SetBkMode
FillPath
BitBlt
CreateDIBSection
SetTextColor
CreatePatternBrush
GetObjectA
GetCurrentObject
CreateFontA
MoveToEx
GetStockObject
ExtTextOutA
SetTextAlign
SelectClipRgn
CreateCompatibleDC
GetTextAlign
SelectObject
CreateCompatibleBitmap
SetTextJustification
CreateSolidBrush
Polyline
BeginPath
DeleteObject
Ellipse
GetTcpStatistics
GetUdpStatistics
GetRTTAndHopCount
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
lstrlenA
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
LoadLibraryA
GetLocalTime
IsProcessorFeaturePresent
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetConsoleMode
DecodePointer
GetCurrentProcessId
lstrcatA
WideCharToMultiByte
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
SetFilePointerEx
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
HeapSize
SetStdHandle
RaiseException
GetCPInfo
GetModuleFileNameW
TlsFree
GetModuleHandleA
EnumSystemLanguageGroupsA
SetUnhandledExceptionFilter
WriteFile
WaitForSingleObject
GetSystemTimeAsFileTime
lstrcpynA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
GetProcessHeap
TerminateProcess
GetModuleHandleExW
IsValidCodePage
OutputDebugStringW
SetLastError
CreateFileW
CreateEventA
TlsGetValue
Sleep
GetFileType
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
LocalAlloc
WriteConsoleW
CloseHandle
WNetOpenEnumA
NetShareGetInfo
UuidToStringA
RpcStringBindingComposeA
RpcStringFreeA
UuidFromStringA
RpcBindingFromStringBindingA
SHGetMalloc
PathFindExtensionA
StrCSpnA
StrToIntA
StrCmpNIA
StrToIntExA
StrChrA
PathRemoveFileSpecA
ChrCmpIA
StrTrimA
SetFocus
MapWindowPoints
GetParent
UpdateWindow
BeginPaint
GetWindowRgn
OffsetRect
SendInput
PostQuitMessage
DefWindowProcA
DrawFrameControl
SetWindowPos
SetDlgItemInt
CharLowerA
GetWindowRect
EndPaint
SetMenu
GetWindowLongA
GetDC
CallWindowProcA
GetDlgItemTextA
AppendMenuW
GetWindowDC
SetWindowLongA
IsWindowEnabled
GetMenuItemID
InsertMenuItemA
GetCursorPos
ReleaseDC
CreatePopupMenu
SetScrollInfo
GetMenu
LoadStringA
GetSystemMetrics
SendMessageA
SetForegroundWindow
GetClientRect
GetDCEx
GetDlgItem
SetScrollPos
GetSubMenu
CreateMenu
FillRect
CopyRect
GetDesktopWindow
LoadImageA
wsprintfA
RedrawWindow
CreateWindowExW
GetMenuItemInfoA
GetWindowTextA
SetCursorPos
ScriptStringOut
ScriptStringAnalyse
ScriptStringFree
GetThemeBackgroundContentRect
IsThemeActive
OpenThemeData
DrawThemeParentBackground
CloseThemeData
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
ReleaseStgMedium
CoCreateInstance
StgOpenStorage
PdhAddCounterW
PdhBrowseCountersA
PdhCollectQueryData
Number of PE resources by type
RT_ICON 6
TXT 4
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
Debug information
ExifTool file metadata
CodeSize
130560

SubsystemVersion
6.0

Comments
Rmi Codified Memo

Languages
English

InitializedDataSize
181248

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.6.86.2

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Rmi Codified Memo

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
12.0

PrivateBuild
6.6.86.2

EntryPoint
0x147a7

OriginalFileName
Cubes.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 1999 - 2014 Amazon

FileVersion
6.6.86.2

TimeStamp
2015:01:19 15:46:40-08:00

FileType
Win32 EXE

PEType
PE32

InternalName
Cubes

ProductVersion
6.6.86.2

UninitializedDataSize
0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Amazon

LegalTrademarks
Copyright 1999 - 2014 Amazon

ProductName
Cubes

ProductVersionNumber
6.6.86.2

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 8a57297844825b961282d40fdebc4879
SHA1 a077e179c69461bd702d60133ed0b7201661e82b
SHA256 3b2cc469e27aca58abc43a3eaa94dab4bee615c29f7995814e0b0a3d238f5408
ssdeep
3072:rVn8QOXmQaDIJEGp8Wtvv6j2KD+qmk5V4gzj1BuYH5V98YC/7K/XRlCHy:r9cQIvXtvE20LggDuYH5VCX++S

authentihash a88f4b2a4c8cb42670dae6018bec0ce027946d674f6ad4fc4418be9df5265e8d
imphash 4198f44ae3438d58a854d4d6e75c1891
File size 305.5 KB ( 312832 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-01-16 10:38:53 UTC (1 year, 4 months ago)
Last submission 2018-05-18 17:47:57 UTC (1 year ago)
File names Temp.exe
binary.exe
Cubes
webapps.exe
ffplug
profiles.exe
zeuspanda (2)
Cubes.exe
epygy.exe
2018-01-16-Zeus-Panda-Banker-binary.exe
2018-01-16-Zeus-Panda-Banker-binary.exe
28C8B86DEAB549A1.EXE
2018-01-16-Zeus-Panda-Banker-binary.exe