SHA256: a938e5e415687b1b68ea9ff0612637d7e35e0f1d68119e1d0332c4b30be09381
File name: eecd7bde0c7d70dc86e67be2a10af6a1
Detection ratio: 28 / 56
Analysis date: 2016-08-14 05:26:49 UTC ( 2 years, 9 months ago )
Antivirus Result Signature database date
Ad-Aware Trojan.GenericKD.3462706 20160814
AegisLab Troj.W32.Inject!c 20160814
AhnLab-V3 Trojan/Win32.Inject.N2079730123 20160813
ALYac Gen:Variant.Midie.31605 20160814
Antiy-AVL Trojan/Win32.Inject 20160814
Arcabit Trojan.Generic.D34D632 20160814
Avast Win32:Dropper-gen [Drp] 20160814
AVG Downloader.VB.AJFH 20160814
Avira (no cloud) TR/Injector.keco 20160813
BitDefender Trojan.GenericKD.3462706 20160814
Cyren W32/Trojan.HHEQ-8846 20160814
DrWeb BackDoor.Bifrost.20608 20160814
Emsisoft Trojan.GenericKD.3462706 (B) 20160814
ESET-NOD32 Win32/TrojanDownloader.VB.QZI 20160813
F-Secure Trojan.GenericKD.3462706 20160814
Fortinet W32/Inject.AATGS!tr 20160814
GData Trojan.GenericKD.3462706 20160814
Jiangmin Trojan.Inject.ozh 20160814
K7GW Trojan-Downloader ( 004f4d571 ) 20160814
Kaspersky Trojan.Win32.Inject.aatgs 20160814
McAfee Artemis!EECD7BDE0C7D 20160814
McAfee-GW-Edition Artemis 20160814
Microsoft VirTool:Win32/Injector.gen!E 20160814
eScan Trojan.GenericKD.3462706 20160814
Panda Generic Suspicious 20160813
Qihoo-360 HEUR/QVM09.0.0000.Malware.Gen 20160814
Sophos AV Mal/Generic-S 20160814
VBA32 Malware-Cryptor.Inject.gen 20160812
Alibaba 20160812
AVware 20160814
Baidu 20160813
Bkav 20160813
CAT-QuickHeal 20160813
ClamAV 20160814
CMC 20160811
Comodo 20160814
F-Prot 20160814
Ikarus 20160813
K7AntiVirus 20160814
Kingsoft 20160814
Malwarebytes 20160814
NANO-Antivirus 20160814
nProtect 20160812
Rising 20160814
SUPERAntiSpyware 20160814
Symantec 20160814
Tencent 20160814
TheHacker 20160814
TotalDefense 20160814
TrendMicro 20160814
TrendMicro-HouseCall 20160814
VIPRE 20160814
ViRobot 20160814
Yandex 20160813
Zillya 20160813
Zoner 20160814
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright TODO: (c) <Company name>. All rights reserved.
Product TODO: <Product name>
Original name HelloWan.exe
Internal name HelloWan.exe
File version 1.0.0.1
Description TODO: <File description>
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-12 10:06:47
Entry Point 0x000125DA
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
InitCommonControlsEx
SetMapMode
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetTextColor
GetObjectA
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
ScaleViewportExtEx
SelectObject
SetWindowExtEx
SetViewportExtEx
Escape
SetBkColor
DeleteObject
GetStdHandle
GetConsoleOutputCP
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
GetStringTypeExA
SetLastError
GetModuleFileNameW
GlobalFindAtomA
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GetVolumeInformationA
GetPrivateProfileStringA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
TerminateProcess
WriteConsoleA
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GlobalDeleteAtom
GetPrivateProfileIntA
GlobalLock
GetProcessHeap
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
CompareStringA
lstrcmpW
GetProcAddress
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GetVersion
FreeResource
SizeofResource
WideCharToMultiByte
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
VariantChangeType
VariantInit
VariantClear
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
PathStripToRootA
SetFocus
GetForegroundWindow
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
GetMessageTime
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
GetActiveWindow
GetMenuStringA
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
GetClassInfoExA
ShowWindow
GetPropA
ValidateRect
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
GetWindowPlacement
EnableMenuItem
RegisterClassA
TabbedTextOutA
GetSubMenu
CreateWindowExA
CopyRect
GetSysColorBrush
PtInRect
IsDialogMessageA
MapWindowPoints
BeginPaint
RegisterWindowMessageA
DefWindowProcA
SendDlgItemMessageA
GetSystemMetrics
IsIconic
GetWindowRect
PostMessageA
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetWindowLongA
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ClientToScreen
GetClassLongA
InsertMenuA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
GetMenuState
GetMenuItemID
SetForegroundWindow
PostThreadMessageA
DrawTextA
EndDialog
GetCapture
DrawTextExA
GetWindowThreadProcessId
UnhookWindowsHookEx
RegisterClipboardFormatA
MessageBoxA
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
GetTopWindow
IsWindowVisible
GetDesktopWindow
WinHelpA
DeleteMenu
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetFileTitleA
OleUninitialize
OleInitialize
CoRevokeClassObject
OleFlushClipboard
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
Number of PE resources by type
RT_STRING 27
RT_CURSOR 18
RT_GROUP_CURSOR 16
RT_DIALOG 5
RT_BITMAP 3
OMG 2
RT_MENU 2
RT_ACCELERATOR 2
Struct(241) 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
CHINESE SIMPLIFIED 75
NEUTRAL 2
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 81920
EntryPoint 0x125da
OriginalFileName HelloWan.exe
MIMEType application/octet-stream
LegalCopyright TODO: (c) <Company name>. All rights reserved.
FileVersion 1.0.0.1
TimeStamp 2016:08:12 11:06:47+01:00
FileType Win32 EXE
PEType PE32
InternalName HelloWan.exe
ProductVersion 1.0.0.1
FileDescription TODO: <File description>
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName TODO: <Company name>
CodeSize 143360
ProductName TODO: <Product name>
ProductVersionNumber 1.0.0.1
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 eecd7bde0c7d70dc86e67be2a10af6a1
SHA1 f798330653f4c6d6008131a32a3e544b90e0ce8e
SHA256 a938e5e415687b1b68ea9ff0612637d7e35e0f1d68119e1d0332c4b30be09381
ssdeep 3072:Rj6viGzXed4lcVmGT9Eg/yBVJcnMpdwYZVS3BDoQel13tPvthGsVzqvvTtw:h6viGzwzbT9EeCVJc3OVQuH6sEC
authentihash be4a4554e6acbb31f823b7bb28c64e9f88f136ad8de577330ddbe22e6124c7ef
imphash 9aa7c30aa88a7b119c77652bb836ebbc
File size 224.0 KB ( 229376 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (48.1%)
Win32 Executable MS Visual C++ (generic) (34.9%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Generic Win/DOS Executable (2.2%)
Tags peexe
VirusTotal metadata
First submission 2016-08-14 05:26:49 UTC ( 2 years, 9 months ago )
Last submission 2016-08-14 05:26:49 UTC ( 2 years, 9 months ago )
File names HelloWan.exe