SHA256: d39a52e8d806af5ca265236a4942b88ef4fc73b033a74d4ab96541f45b4bdb54
File name: 7e3853875ebb25718b55598117ce3c57
Detection ratio: 52 / 62
Analysis date: 2017-04-04 07:12:56 UTC (2 years, 1 month ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.4389928 20170404
AegisLab Troj.W32.Scar!c 20170404
AhnLab-V3 Trojan/Win32.Lethic.R195786 20170403
ALYac Trojan.GenericKD.4389928 20170404
Antiy-AVL Trojan/Win32.Scar 20170404
Arcabit Trojan.Generic.D42FC28 20170404
Avast Win32:Dorder-BH [Trj] 20170404
AVG Generic_r.RIC 20170404
Avira (no cloud) TR/Crypt.Xpack.bjfgf 20170404
AVware Trojan.Win32.Generic!BT 20170404
Baidu Win32.Trojan.Kryptik.bih 20170331
BitDefender Trojan.GenericKD.4389928 20170404
Bkav W32.FamVT.RazyNHmA.Trojan 20170404
CAT-QuickHeal Trojan.Dynamer 20170404
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170130
Cyren W32/S-e2e07e9d!Eldorado 20170404
DrWeb Trojan.Proxy2.164 20170404
Emsisoft Trojan.GenericKD.4389928 (B) 20170404
Endgame malicious (high confidence) wss1 20170403
ESET-NOD32 a variant of Win32/Kryptik.FOHJ 20170404
F-Prot W32/S-e2e07e9d!Eldorado 20170404
F-Secure Trojan.GenericKD.4389928 20170404
Fortinet W32/Injector.DKYI!tr 20170404
GData Trojan.GenericKD.4389928 20170404
Ikarus Trojan.Win32.Lethic 20170403
Sophos ML worm.win32.dorkbot.i 20170203
Jiangmin Trojan.Garrun.aed 20170404
K7AntiVirus Trojan ( 005053901 ) 20170404
K7GW Trojan ( 005053901 ) 20170404
Kaspersky HEUR:Trojan.Win32.Generic 20170404
Malwarebytes Backdoor.DorkBot 20170404
McAfee GenericRXAZ-DQ!7E3853875EBB 20170404
McAfee-GW-Edition GenericRXAZ-DQ!7E3853875EBB 20170404
Microsoft Trojan:Win32/Dynamer!ac 20170404
eScan Trojan.GenericKD.4389928 20170404
NANO-Antivirus Trojan.Win32.Scar.emfqsi 20170404
Palo Alto Networks (Known Signatures) generic.ml 20170404
Panda Trj/GdSda.A 20170403
Qihoo-360 Win32/Trojan.4c1 20170404
Rising Trojan.Kryptik!1.A8FB (cloud:YtZvwqVcFDN) 20170404
SentinelOne (Static ML) static engine - malicious 20170330
Sophos AV Mal/Generic-S 20170404
SUPERAntiSpyware Backdoor.Bot/Variant 20170404
Symantec Trojan.Gen 20170403
Tencent Win32.Trojan.Scar.Ajca 20170404
TrendMicro TROJ_GEN.R00XC0FC517 20170404
TrendMicro-HouseCall WORM_HPKASIDET.SMO 20170404
VBA32 Trojan.Scar 20170403
VIPRE Trojan.Win32.Generic!BT 20170404
ViRobot Trojan.Win32.Z.Agent.203264.QM[h] 20170403
Yandex Trojan.Kryptik!QR1M6G/Uw+I 20170327
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20170404
Alibaba 20170403
ClamAV 20170404
CMC 20170404
Comodo 20170404
Kingsoft 20170404
nProtect 20170404
Symantec Mobile Insight 20170404
TheHacker 20170403
TotalDefense 20170404
Trustlook 20170404
Webroot 20170404
WhiteArmor 20170327
Zillya 20170402
Zoner 20170404
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-14 09:23:26
Entry Point 0x00005977
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
OpenServiceA
RegQueryValueExA
RegSetValueA
AdjustTokenPrivileges
ControlService
RegCreateKeyExA
DeleteService
RegCreateKeyA
CloseServiceHandle
RegFlushKey
OpenProcessToken
RegQueryValueA
RegOpenKeyExA
RegDeleteValueA
GetTokenInformation
RegEnumKeyA
CreateServiceA
RegSetValueExA
StartServiceA
RegEnumValueA
OpenSCManagerA
ImageList_LoadImageA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
Polygon
CreateFontIndirectW
CreatePen
TextOutA
CreateFontIndirectA
GetDeviceCaps
LineTo
DeleteDC
SetBkMode
ChoosePixelFormat
GetObjectW
BitBlt
SetTextColor
MoveToEx
CreateFontA
CreateBrushIndirect
SetPixelFormat
CreateCompatibleDC
SwapBuffers
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
lstrcatA
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
lstrcmpiA
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetStringTypeW
GetExitCodeProcess
InitializeCriticalSection
FindClose
TlsGetValue
FormatMessageA
SetLastError
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
LoadLibraryExA
GetPrivateProfileStringA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetPrivateProfileStringW
GetModuleHandleA
CreateThread
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
TerminateProcess
WriteConsoleA
GlobalAlloc
GetVersion
LeaveCriticalSection
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
DeleteFileA
GetWindowsDirectoryA
DeleteFileW
GetProcAddress
GetProcessHeap
lstrcmpA
FindFirstFileA
GetTempFileNameA
FindNextFileA
ExpandEnvironmentStringsA
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
RemoveDirectoryA
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
MapUserPhysicalPages
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetCurrentThreadId
CreateProcessA
HeapCreate
VirtualFree
Sleep
VirtualAlloc
SHGetFileInfoA
SHBrowseForFolderW
SHChangeNotify
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderA
ShellExecuteExW
SHGetFileInfoW
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHGetMalloc
ShellExecuteA
SHFileOperationA
SetFocus
GetParent
EndDialog
SystemParametersInfoW
DefWindowProcW
KillTimer
ChangeDisplaySettingsA
ShowWindow
MessageBeep
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
AppendMenuA
GetWindowRect
ScreenToClient
CharUpperW
MessageBoxA
LoadIconW
GetWindowDC
GetWindow
SetDlgItemTextW
GetDC
GetKeyState
ReleaseDC
BeginPaint
SendMessageW
wsprintfW
DrawIconEx
GetClientRect
CloseWindow
GetDlgItem
CreateDialogParamA
DrawTextW
LoadImageW
EnableMenuItem
ClientToScreen
SetRect
wsprintfA
SetTimer
CallWindowProcW
DialogBoxIndirectParamW
SetWindowTextW
GetWindowTextW
GetSystemMenu
GetWindowTextLengthW
GetWindowLongW
Number of PE resources by type
RT_DIALOG 4
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 2
FRENCH 2
ENGLISH TRINIDAD 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2017:02:14 10:23:26+01:00
FileType Win32 EXE
PEType PE32
CodeSize 77824
LinkerVersion 9.0
EntryPoint 0x5977
InitializedDataSize 168960
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0
File identification
MD5 7e3853875ebb25718b55598117ce3c57
SHA1 898a9078567687e13cb5b9d4ceddc489c411d700
SHA256 d39a52e8d806af5ca265236a4942b88ef4fc73b033a74d4ab96541f45b4bdb54
ssdeep 3072:GEGteDcpUEl3QUrhpaL+cgl7XMDnMdz9uhmjDHyB/W5CW1Ez5icaeG:Wfxl3Zva/YMbW4hmjWBKK5ica
authentihash 95069fa12a49e69074e88279d2bb12bb497946273f5e0928b2533cf947c8e68b
imphash 989955b52223a700613db8c57ca968b1
File size 198.5 KB ( 203264 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2017-03-05 11:37:42 UTC (2 years, 2 months ago)
Last submission 2017-03-05 11:37:42 UTC (2 years, 2 months ago)
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs
UDP communications