SHA256: cd8fdbf57e6e63d2a5df39fdac721492a7808910e65975ee8eba3a5121e4bb51
File name: 1905214692746872240.exe
Detection ratio: 21 / 48
Analysis date: 2013-09-29 13:03:32 UTC (3 years, 9 months ago)
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Tepfer 20130929
AntiVir TR/Crypt.ZPACK.7186 20130929
AVG Win32/Cryptor 20130929
BitDefender Gen:Variant.Kazy.252405 20130929
Bkav HW32.CDB.5ae4 20130927
Emsisoft Gen:Variant.Kazy.252405 (B) 20130929
ESET-NOD32 a variant of Win32/Kryptik.BLIJ 20130929
F-Secure Gen:Variant.Kazy.252328 20130929
Fortinet W32/Kryptik.BHHU!tr 20130929
GData Gen:Variant.Kazy.252405 20130929
Kaspersky HEUR:Trojan.Win32.Generic 20130929
McAfee Artemis!93018C83ADF8 20130929
McAfee-GW-Edition Artemis!93018C83ADF8 20130928
Microsoft PWS:Win32/Fareit 20130929
eScan Gen:Variant.Kazy.252405 20130929
Norman ZBot.NNAQ 20130929
Panda Trj/Genetic.gen 20130929
Sophos AV Mal/Generic-S 20130929
SUPERAntiSpyware Trojan.Agent/Gen-Kazy 20130929
TrendMicro-HouseCall TROJ_GEN.R0CBH0AIS13 20130929
VIPRE Trojan.Win32.Generic!BT 20130929
Yandex 20130928
Antiy-AVL 20130929
Avast 20130929
Baidu-International 20130929
ByteHero 20130924
CAT-QuickHeal 20130928
ClamAV 20130929
Commtouch 20130929
Comodo 20130929
DrWeb 20130929
F-Prot 20130929
Ikarus 20130929
Jiangmin 20130903
K7AntiVirus 20130927
K7GW 20130927
Kingsoft 20130829
Malwarebytes 20130929
NANO-Antivirus 20130929
nProtect 20130929
PCTools 20130925
Rising 20130929
Symantec 20130929
TheHacker 20130929
TotalDefense 20130927
TrendMicro 20130929
VBA32 20130927
ViRobot 20130928
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-09-17 07:31:07
Entry Point 0x00009D30
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
CAUpdateCA
CAGetCertTypeFlags
CAGetCertTypeExtensions
CAFreeCertTypeProperty
CAFreeCAProperty
CAFindByName
CAUpdateCertType
CASetCertTypeKeySpec
CACloseCA
CAEnumCertTypes
CASetCertTypeFlags
CACertTypeSetSecurity
CACreateCertType
CAEnumNextCertType
CASetCertTypeProperty
CARemoveCACertificateType
CACloseCertType
CAAddCACertificateType
CAFreeCertTypeExtensions
CAFindCertTypeByName
CAGetCAProperty
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CACertTypeGetSecurity
CASetCertTypeExtension
CreatePropertySheetPageW
PropertySheetW
GetDeviceCaps
DeleteObject
CreateFontIndirectW
GetLastError
IsValidCodePage
LocalReAlloc
FileTimeToSystemTime
LoadLibraryW
GlobalFree
GetEnvironmentStringsA
QueryPerformanceCounter
GetSystemWindowsDirectoryW
GetEnvironmentStringsW
GlobalUnlock
lstrcmpiW
lstrlenW
GetProcessId
DeleteCriticalSection
GetCurrentProcess
FileTimeToLocalFileTime
GetDateFormatW
GlobalLock
GetComputerNameW
GetModuleFileNameW
lstrcpyW
WideCharToMultiByte
RemoveDirectoryW
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GetACP
LocalFree
FormatMessageW
InitializeCriticalSection
OutputDebugStringW
CreateFileW
GlobalAlloc
InterlockedDecrement
IsBadReadPtr
GetTickCount
OutputDebugStringA
SetLastError
InterlockedIncrement
_purecall
malloc
_wcsupr
??1type_info@@UAE@XZ
wcstoul
wcschr
__dllonexit
__RTDynamicCast
_except_handler3
?terminate@@YAXXZ
??2@YAPAXI@Z
_onexit
wcslen
wcscmp
mbstowcs
wcsrchr
_wcsicmp
_adjust_fdiv
??3@YAXPAX@Z
free
wcscat
vswprintf
memmove
wcscpy
wcsstr
_initterm
SetFocus
GetParent
EndDialog
LoadBitmapW
SetWindowLongW
MessageBoxW
InsertMenuItemW
DialogBoxParamW
GetDlgItemTextA
SendDlgItemMessageW
PostMessageW
SetDlgItemTextW
GetDC
ReleaseDC
SendMessageW
GetWindowLongW
WinHelpW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
LoadImageW
EnableWindow
RegisterClipboardFormatW
LoadCursorW
LoadIconW
wsprintfW
SetCursor
Number of PE resources by type
RT_ICON 6
RT_STRING 2
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ENGLISH NZ 1
ENGLISH UK 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2010:09:17 08:31:07+01:00
FileType Win32 EXE
PEType PE32
CodeSize 44544
LinkerVersion 12.0
EntryPoint 0x9d30
InitializedDataSize 142848
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 93018c83adf8b4ea6067e791a33f82e4
SHA1 a1043ebb540aad7cdc6e6e0532e69743337835ec
SHA256 cd8fdbf57e6e63d2a5df39fdac721492a7808910e65975ee8eba3a5121e4bb51
ssdeep 1536:q05r1c25AHWEeS2DUTXuO8NmHkKj7+orF1w/bFKv2JnvRxVf9d3ByqbdFc:qZ2EpXJ80HD+oyJvFVdAqb7

File size 98.0 KB ( 100352 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2013-09-29 13:03:32 UTC (3 years, 9 months ago)
Last submission 2013-09-29 13:03:32 UTC (3 years, 9 months ago)
File name 1905214692746872240.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight