SHA256: 1da2be79c9ffd1edfcfce054f1913bc59c6337ca62370f095172768c07c23f9e
File name: Yahoo! Singer
Detection ratio: 49 / 57
Analysis date: 2016-12-13 23:02:43 UTC ( 9 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Barys.54891 20161213
AegisLab Troj.Ransom.W32.Locky!c 20161213
AhnLab-V3 Win-Trojan/Lockycrypt.Gen 20161213
ALYac Gen:Variant.Barys.54891 20161213
Antiy-AVL Trojan/Win32.BTSGeneric 20161213
Arcabit Trojan.Barys.DD66B 20161213
Avast Win32:Malware-gen 20161213
AVG Crypt_r.CCZ 20161213
Avira (no cloud) TR/Crypt.ZPACK.akrz 20161213
AVware Trojan.Win32.Generic!BT 20161213
Baidu Win32.Trojan.Kryptik.aod 20161207
BitDefender Gen:Variant.Barys.54891 20161213
CAT-QuickHeal Ransomware.Locky.WR5 20161213
ClamAV Win.Ransomware.Locky-31470 20161213
Comodo TrojWare.Win32.CryptoLocker.spm 20161213
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20161024
Cyren W32/Locky.BE.gen!Eldorado 20161213
Emsisoft Gen:Variant.Barys.54891 (B) 20161213
ESET-NOD32 a variant of Win32/Kryptik.FDGP 20161213
F-Prot W32/Locky.BE.gen!Eldorado 20161213
F-Secure Gen:Variant.Barys.54891 20161213
Fortinet W32/Kryptik.FDGP!tr 20161213
GData Gen:Variant.Barys.54891 20161213
Ikarus Trojan.Win32.Crypt 20161213
Sophos ML trojan.win32.skeeyah.a!rfn 20161202
Jiangmin Trojan.Locky.bbd 20161213
K7AntiVirus Trojan ( 004f4bd41 ) 20161213
K7GW Trojan ( 004f4bd41 ) 20161213
Kaspersky Trojan-Ransom.Win32.Locky.bdc 20161213
Malwarebytes Ransom.Locky 20161213
McAfee Ransomware-FQN!8687357B8351 20161213
McAfee-GW-Edition BehavesLike.Win32.MultiPlug.cc 20161213
Microsoft Ransom:Win32/Locky!rfn 20161213
eScan Gen:Variant.Barys.54891 20161213
nProtect Ransom/W32.Locky.138240.F 20161213
Panda Trj/Genetic.gen 20161213
Qihoo-360 Trojan.Generic 20161214
Rising Malware.Generic!zvHCVHx6nEK@5 (thunder) 20161213
Sophos AV Troj/Ransom-CZH 20161213
Symantec Ransom.Locky 20161213
Tencent Win32.Trojan.Raasj.Auto 20161214
TheHacker Trojan/Kryptik.fdgp 20161212
TrendMicro Ransom_LOCKY.F116H1 20161213
TrendMicro-HouseCall Ransom_LOCKY.F116H1 20161213
VBA32 Heur.Trojan.Hlux 20161213
VIPRE Trojan.Win32.Generic!BT 20161213
ViRobot Trojan.Win32.Z.Locky.138240.S[h] 20161213
Yandex Trojan.Locky! 20161213
Zillya Trojan.Kryptik.Win32.954615 20161213
Alibaba 20161213
Bkav 20161213
CMC 20161213
DrWeb 20161213
Kingsoft 20161214
NANO-Antivirus 20161213
SUPERAntiSpyware 20161213
TotalDefense 20161213
Trustlook 20161214
WhiteArmor 20161212
Zoner 20161213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2004-2008 Yahoo! Inc.
Product Yahoo! Widget
Original name YahooSingerEngine.ocx
Internal name Yahoo! Singer
File version 2.1.3
Description Yahoo! Widgets
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-28 07:24:35
Entry Point 0x00005FD6
Number of sections 5
PE sections
PE imports
Number of PE resources by type
RT_BITMAP 3
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 9
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.1.3.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Unicode
InitializedDataSize 1135616
EntryPoint 0x5fd6
OriginalFileName YahooSingerEngine.ocx
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2004-2008 Yahoo! Inc.
FileVersion 2.1.3
TimeStamp 2016:07:28 08:24:35+01:00
FileType Win32 EXE
PEType PE32
InternalName Yahoo! Singer
ProductVersion 2.1.3
FileDescription Yahoo! Widgets
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Yahoo! Inc.
CodeSize 50176
ProductName Yahoo! Widget
ProductVersionNumber 2.1.3.1
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 8687357b835168fea03284a71a517219
SHA1 757ef3e929fd54590605e0b0d93868573dccc213
SHA256 1da2be79c9ffd1edfcfce054f1913bc59c6337ca62370f095172768c07c23f9e
ssdeep 3072:zyZ1WivhlJfS5xcSWKcOWcnH+gaUQEbVXb51qskaN/:zy57S5xFWROW9UJ51qska5
authentihash 7d71ed270523a217ed494f1bcb881a2b2ec241e550ea356d896992742a33b434
imphash a726f80796adc3d662179d2bf5a59ada
File size 135.0 KB ( 138240 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (52.5%)
Windows screen saver (22.0%)
Win32 Dynamic Link Library (generic) (11.0%)
Win32 Executable (generic) (7.5%)
Generic Win/DOS Executable (3.3%)
Tags peexe
VirusTotal metadata
First submission 2016-07-28 09:47:31 UTC ( 1 year, 1 month ago )
Last submission 2016-08-20 04:29:23 UTC ( 1 year, 1 month ago )
File names Yahoo! Singer
v254Ww1D8M.exe
YahooSingerEngine.ocx
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs
UDP communications