SHA256: f083699cf82cc8f8d76ccd22d2cb6b48335a054ed2924fa21c774719cf21c9be
File name: 人权行动小额资助项目列表‮slx.scr
Detection ratio: 14 / 56
Analysis date: 2014-12-10 02:51:22 UTC (3 years, 6 months ago)
Antivirus Result Signature database date
Ad-Aware Gen:Variant.Strictor.31153 20141210
ALYac Gen:Variant.Strictor.31153 20141210
AVG Generic_r.EGQ 20141210
BitDefender Gen:Variant.Strictor.31153 20141210
Comodo UnclassifiedMalware 20141210
DrWeb Trojan.Hosts.33462 20141210
Emsisoft Gen:Variant.Strictor.31153 (B) 20141210
ESET-NOD32 a variant of Win32/Kryptik.CQPK 20141210
F-Secure Gen:Variant.Strictor.31153 20141210
GData Gen:Variant.Strictor.31153 20141210
eScan Gen:Variant.Strictor.31153 20141210
Norman Startpage.ALTD 20141209
Qihoo-360 HEUR/QVM41.1.Malware.Gen 20141210
Rising PE:Malware.FakeXLS@CV!1.6AC3 20141209
AegisLab 20141210
Yandex 20141209
AhnLab-V3 20141209
Antiy-AVL 20141209
Avast 20141210
Avira (no cloud) 20141209
AVware 20141209
Baidu-International 20141209
Bkav 20141209
ByteHero 20141210
CAT-QuickHeal 20141209
ClamAV 20141209
CMC 20141208
Cyren 20141210
F-Prot 20141210
Fortinet 20141210
Ikarus 20141210
Jiangmin 20141209
K7AntiVirus 20141209
K7GW 20141209
Kaspersky 20141210
Kingsoft 20141210
Malwarebytes 20141210
McAfee 20141210
McAfee-GW-Edition 20141208
Microsoft 20141210
NANO-Antivirus 20141210
nProtect 20141209
Panda 20141209
Sophos AV 20141210
SUPERAntiSpyware 20141210
Symantec 20141210
Tencent 20141210
TheHacker 20141208
TotalDefense 20141209
TrendMicro 20141210
TrendMicro-HouseCall 20141210
VBA32 20141209
VIPRE 20141210
ViRobot 20141208
Zillya 20141209
Zoner 20141208
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright ???? (C) 2011
Internal name update
File version 1, 0, 0, 1
Description Microsoft Corporation.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-09-01 13:22:18
Entry Point 0x00002260
Number of sections 4
PE sections
PE imports
RegSetValueExA
RegCloseKey
RegCreateKeyA
InterlockedExchange
GetLastError
GetStartupInfoA
RaiseException
ReleaseMutex
lstrcatA
LocalAlloc
GetModuleHandleA
LoadResource
CreateMutexA
CreateDirectoryA
FreeLibrary
GetTickCount
CloseHandle
CreateFileA
Sleep
LoadLibraryA
FindResourceA
GetCurrentThreadId
GetProcAddress
_except_handler3
__p__fmode
malloc
__CxxFrameHandler
_acmdln
free
_exit
__p__commode
srand
_setmbcp
__dllonexit
_onexit
_controlfp
exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
rand
_adjust_fdiv
__set_app_type
Number of PE resources by type
RT_ICON 8
BIN 2
RT_DIALOG 2
RT_STRING 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
CHINESE SIMPLIFIED 13
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode Chinese (Simplified)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 61440
EntryPoint 0x2260
MIMEType application/octet-stream
LegalCopyright (C) 2011
FileVersion 1, 0, 0, 1
TimeStamp 2014:09:01 14:22:18+01:00
FileType Win32 EXE
PEType PE32
InternalName update
ProductVersion 1, 0, 0, 1
FileDescription Microsoft Corporation.
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 6656
FileSubtype 0
ProductVersionNumber 1.0.0.1
FileTypeExtension exe
ObjectFileType Executable application

Compressed bundles
File identification
MD5 d6d628968d7a36431f04b43db8416231
SHA1 4a2468f551300d379fb453b4c8b09d3e7de1447f
SHA256 f083699cf82cc8f8d76ccd22d2cb6b48335a054ed2924fa21c774719cf21c9be
ssdeep 768:0OH387KthNkgNCl1FsGxxUx7eHpvAfu/QZp92vOp9MZ:T3KDkuOGxx9vVST2v1Z
authentihash 098d576e4502d119867b938d4a75db3a53bc478e723f9d3011712c26b6f6fbe4
imphash e62a6db28fe066d348e1e2dcd14d72b7
File size 67.5 KB ( 69120 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2014-12-08 15:50:07 UTC (3 years, 6 months ago)
Last submission 2014-12-10 02:51:22 UTC (3 years, 6 months ago)
File names 人权行动小额资助项目列表‮slx.scr
?????????????slx.scr
update
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.