SHA256: 2fea3c0bb9976a4658388b99ed3df1883f0848ed8d122fa2db00dbba620b6910
File name: hmanKNBP7DVch.exe
Detection ratio: 8 / 54
Analysis date: 2016-08-04 10:01:54 UTC ( 1 year, 2 months ago )
Antivirus | Result | Update
AhnLab-V3 | Trojan/Win32.Lockycrypt.N2071137425 | 20160804
Baidu | Win32.Trojan.WisdomEyes.151026.9950.9998 | 20160804
Bkav | HW32.Packed.6840 | 20160803
McAfee-GW-Edition | BehavesLike.Win32.Expiro.cc | 20160804
Panda | Trj/Genetic.gen | 20160803
Qihoo-360 | QVM20.1.Malware.Gen | 20160804
Tencent | Win32.Trojan.Raas.Auto | 20160804
TrendMicro-HouseCall | Ransom_HPLOCKY.SM3 | 20160804
Ad-Aware | (undetected) | 20160804
AegisLab | (undetected) | 20160804
Alibaba | (undetected) | 20160804
ALYac | (undetected) | 20160804
Antiy-AVL | (undetected) | 20160804
Arcabit | (undetected) | 20160804
Avast | (undetected) | 20160804
AVG | (undetected) | 20160804
Avira (no cloud) | (undetected) | 20160804
AVware | (undetected) | 20160804
BitDefender | (undetected) | 20160804
CAT-QuickHeal | (undetected) | 20160803
ClamAV | (undetected) | 20160804
CMC | (undetected) | 20160804
Comodo | (undetected) | 20160804
Cyren | (undetected) | 20160804
DrWeb | (undetected) | 20160804
Emsisoft | (undetected) | 20160804
ESET-NOD32 | (undetected) | 20160804
F-Prot | (undetected) | 20160804
F-Secure | (undetected) | 20160804
Fortinet | (undetected) | 20160804
GData | (undetected) | 20160804
Ikarus | (undetected) | 20160804
Jiangmin | (undetected) | 20160804
K7AntiVirus | (undetected) | 20160804
K7GW | (undetected) | 20160804
Kaspersky | (undetected) | 20160804
Kingsoft | (undetected) | 20160804
Malwarebytes | (undetected) | 20160804
McAfee | (undetected) | 20160804
Microsoft | (undetected) | 20160804
eScan | (undetected) | 20160804
NANO-Antivirus | (undetected) | 20160804
nProtect | (undetected) | 20160804
Sophos AV | (undetected) | 20160804
SUPERAntiSpyware | (undetected) | 20160804
Symantec | (undetected) | 20160804
TheHacker | (undetected) | 20160804
TrendMicro | (undetected) | 20160804
VBA32 | (undetected) | 20160804
VIPRE | (undetected) | 20160804
ViRobot | (undetected) | 20160803
Yandex | (undetected) | 20160803
Zillya | (undetected) | 20160804
Zoner | (undetected) | 20160804
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2004-2008 Yahoo! Inc.
Product Yahoo! Widget
Original name YahooHinderEngine.ocx
Internal name Yahoo! Hinder
File version 2.0.3
Description Yahoo! Widgets
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-04 06:34:59
Entry Point 0x000080D8
Number of sections 5
PE sections
PE imports
GetSaveFileNameW
CommDlgExtendedError
GetFileTitleW
SetGraphicsMode
Polygon
TextOutW
CreateFontIndirectW
GetGlyphOutlineW
GetTextExtentPoint32W
SaveDC
SetTextAlign
GetTextMetricsA
CombineRgn
GetClipBox
ModifyWorldTransform
GetPixel
Rectangle
SetMapMode
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
GetCharacterPlacementW
ScaleWindowExtEx
SetWorldTransform
GetObjectW
CreateDCW
CreateDIBSection
RealizePalette
SetTextColor
CreatePatternBrush
GetBrushOrgEx
GetClipRgn
ExtTextOutW
GetOutlineTextMetricsA
CreateBitmap
RectVisible
CreatePalette
EnumFontFamiliesExW
SetViewportOrgEx
SelectPalette
SetBkColor
BitBlt
PtVisible
GetDIBits
ExtCreateRegion
GdiFlush
ScaleViewportExtEx
SelectClipRgn
CreateCompatibleDC
CreateFontW
Escape
GetBkColor
CreatePen
SetBrushOrgEx
CreateRectRgn
SelectObject
SetPolyFillMode
CreateCompatibleBitmap
SetWindowExtEx
CreateSolidBrush
SetViewportExtEx
GetStockObject
SetPixelV
GetFontData
DeleteObject
Ellipse
ImmReleaseContext
ImmGetContext
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
HeapDestroy
EnumUILanguagesW
GetFileAttributesW
lstrcmpW
GetLocalTime
FreeEnvironmentStringsA
CreatePipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
GetVolumeInformationW
GetFileInformationByHandle
SetErrorMode
GetLogicalDrives
FreeEnvironmentStringsW
GetLocaleInfoW
EnumResourceLanguagesW
GetFileTime
GetCPInfo
GetStringTypeA
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetFileAttributesW
WritePrivateProfileStringW
SetLastError
GetUserDefaultUILanguage
GetSystemTime
DeviceIoControl
CopyFileW
FindAtomA
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GlobalFindAtomW
LoadLibraryA
SetProcessWorkingSetSize
OpenWaitableTimerA
SetThreadPriority
WritePrivateProfileSectionW
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointerEx
GetSystemPowerStatus
MoveFileW
CreateEventW
GetFullPathNameW
GlobalAddAtomW
CreateThread
DeleteCriticalSection
GetExitCodeThread
ActivateActCtx
GlobalAddAtomA
CreateSemaphoreW
ConvertDefaultLocale
CreateMutexW
MulDiv
UnlockFile
ExitThread
FindAtomW
SetUnhandledExceptionFilter
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
InterlockedIncrement
LoadLibraryExW
AddAtomA
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GlobalGetAtomNameW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
lstrcmpiW
RtlUnwind
FreeLibrary
LocalLock
GetStartupInfoA
GetDateFormatA
GetFileSize
GlobalDeleteAtom
OpenProcess
GetModuleHandleW
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GlobalLock
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
CompareStringW
GetFileSizeEx
GlobalReAlloc
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
CompareStringA
GetComputerNameA
FindFirstFileW
DuplicateHandle
GetProcAddress
SetEvent
GetTimeZoneInformation
CreateFileW
GlobalFindAtomA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LocalUnlock
LeaveCriticalSection
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
lstrlenW
VirtualFree
LockFile
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GetCurrentThreadId
FreeResource
GetFileAttributesExW
SetStdHandle
GetEnvironmentStrings
WideCharToMultiByte
GetConsoleFontSize
UnmapViewOfFile
FindResourceW
CreateProcessW
Sleep
WriteConsoleW
VirtualAlloc
GetTimeFormatA
LoadRegTypeLib
VariantChangeType
SysFreeString
SafeArrayGetLBound
UnRegisterTypeLib
SystemTimeToVariantTime
RegisterTypeLib
SysStringLen
SafeArrayGetElement
VariantClear
SysAllocString
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetVartype
VariantTimeToSystemTime
LoadTypeLib
SafeArrayGetDim
SafeArrayCopy
VariantInit
VarUI4FromStr
GetModuleBaseNameW
EnumProcesses
EnumProcessModules
DragQueryFileW
SHQueryRecycleBinW
SHEmptyRecycleBinW
SHCreateDirectoryExW
DragFinish
SHGetFolderLocation
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
ExtractIconExW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetMalloc
CommandLineToArgvW
SHBrowseForFolderW
PathFindFileNameW
SHCopyKeyW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathMakeSystemFolderW
PathUnmakeSystemFolderW
MapWindowPoints
GetMessagePos
RegisterWindowMessageW
UnregisterHotKey
SetMenuItemBitmaps
LoadBitmapW
SetRectEmpty
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
IsWindow
GrayStringW
ClientToScreen
EndDialog
WindowFromPoint
GetMessageTime
SetMenuItemInfoW
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
UnregisterClassA
IsDialogMessageW
SendMessageA
UnregisterClassW
GetClassInfoW
GetMenuItemInfoW
SetCaretPos
AllowSetForegroundWindow
DrawTextW
GetNextDlgTabItem
InSendMessage
CallNextHookEx
GetClientRect
GetTopWindow
RegisterHotKey
OpenClipboard
MapVirtualKeyExW
PostThreadMessageW
GetWindowTextLengthW
LoadAcceleratorsW
GetActiveWindow
PtInRect
DrawEdge
GetClassInfoExW
UpdateWindow
GetPropW
EqualRect
GetMenuState
CreateCaret
GetWindowTextW
GetMessageW
ShowWindow
GetCaretPos
DrawFrameControl
SetPropW
EnumDisplayMonitors
PeekMessageW
EnumClipboardFormats
InsertMenuItemW
CharUpperW
GetSystemMenu
TranslateMessage
IsWindowEnabled
GetWindow
DestroyCaret
RegisterClassW
GetIconInfo
MsgWaitForMultipleObjects
SetParent
SetClipboardData
GetWindowPlacement
LoadStringW
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
SetTimer
GetKeyboardLayout
FillRect
CopyRect
DeferWindowPos
GetDialogBaseUnits
CreateWindowExW
RemovePropW
GetWindowLongW
CharNextW
DragDetect
SetFocus
VkKeyScanExW
GetMonitorInfoW
IsIconic
BeginPaint
OffsetRect
DefWindowProcW
DrawIcon
KillTimer
TrackMouseEvent
GetComboBoxInfo
CharPrevW
GetClipboardData
GetParent
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
DrawTextExW
CharLowerW
SendDlgItemMessageW
PostMessageW
InvalidateRect
RedrawWindow
CheckDlgButton
CreatePopupMenu
CheckMenuItem
DrawFocusRect
GetClassLongW
GetLastActivePopup
SetWindowTextW
GetDlgItem
GetMenuCheckMarkDimensions
BringWindowToTop
ScreenToClient
GetAsyncKeyState
TrackPopupMenu
DialogBoxIndirectParamW
GetMenuItemCount
ValidateRect
ShowOwnedPopups
LoadCursorW
LoadIconW
ReuseDDElParam
GetMenuItemID
InsertMenuW
SetForegroundWindow
GetMenuStringW
EmptyClipboard
GetCaretBlinkTime
EndPaint
CreateDialogIndirectParamW
IntersectRect
SetLayeredWindowAttributes
GetScrollInfo
FindWindowW
GetCapture
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
GetSysColorBrush
BeginDeferWindowPos
MessageBoxW
GetMenu
RegisterClassExW
UnhookWindowsHookEx
MoveWindow
AppendMenuW
GetWindowDC
AdjustWindowRectEx
GetSysColor
RegisterClipboardFormatW
GetKeyState
EndDeferWindowPos
SystemParametersInfoA
UpdateLayeredWindow
GetDoubleClickTime
TabbedTextOutW
DestroyIcon
IsWindowVisible
WinHelpW
GetDesktopWindow
UnpackDDElParam
SystemParametersInfoW
DispatchMessageW
FrameRect
SetRect
DeleteMenu
MonitorFromRect
CallWindowProcW
GetClassNameW
DestroyWindow
ModifyMenuW
SetWindowsHookExW
IsRectEmpty
GetFocus
EnableWindow
CloseClipboard
TranslateAcceleratorW
SetMenu
SetCursor
InternetTimeFromSystemTimeW
HttpQueryInfoW
InternetOpenW
InternetConnectW
InternetReadFile
InternetCloseHandle
InternetSetOptionW
HttpSendRequestW
InternetErrorDlg
InternetTimeToSystemTimeW
InternetGetConnectedState
InternetGetLastResponseInfoW
HttpOpenRequestW
HttpAddRequestHeadersW
mixerGetLineControlsW
mixerGetControlDetailsW
mciGetErrorStringW
mixerOpen
mixerSetControlDetails
mciSendCommandW
mixerClose
mixerGetDevCapsW
mixerGetLineInfoW
GdipDrawImageRectRect
GdipGetFontStyle
GdipDrawRectangleI
GdipCreateLineBrushFromRectWithAngleI
GdipSaveGraphics
GdipGetGenericFontFamilySansSerif
GdipTranslateMatrix
GdipSetPenBrushFill
GdipCreateBitmapFromScan0
GdipGetImageVerticalResolution
GdipDisposeImage
GdipImageSelectActiveFrame
GdipGetFamilyName
GdipGetFontSize
GdipGetCompositingMode
GdipGetTextRenderingHint
GdipGetCellAscent
GdipGetClipBounds
GdipSetStringFormatAlign
GdipImageGetFrameCount
GdipGetImageWidth
GdipDrawImageI
GdipDrawImageRectRectI
GdipCreateFont
GdipCloneBrush
GdipCloneStringFormat
GdipSetClipRect
GdipFree
GdipGetImageRawFormat
GdipGetImageHeight
GdipDeleteStringFormat
GdipTranslateWorldTransform
GdipSetPenDashStyle
GdipSetTextRenderingHint
GdipCreateBitmapFromHICON
GdipGetImageHorizontalResolution
GdipSetImageAttributesColorMatrix
GdipSaveImageToFile
GdipMeasureString
GdipTransformMatrixPoints
GdipBitmapSetResolution
GdiplusStartup
GdipGetFamily
GdipFillPath
GdipCreateBitmapFromStream
GdipGetImageThumbnail
GdipGetImageEncoders
GdipFillRectangleI
GdipDisposeImageAttributes
GdipSetCompositingMode
GdipClosePathFigure
GdipCreateMatrix
GdipDrawLine
GdipRotateMatrix
GdipGetImageGraphicsContext
GdipRestoreGraphics
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipClonePen
GdipGetCellDescent
GdipStringFormatGetGenericDefault
GdipDrawPath
GdipDeleteFontFamily
GdipCloneFontFamily
GdipCreatePath
GdipBitmapUnlockBits
GdipFillRectangle
GdipDeleteFont
GdipSetPixelOffsetMode
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipDrawLineI
GdipBitmapGetPixel
GdipCreateFontFamilyFromName
GdipSetStringFormatFlags
GdipDeleteBrush
GdipRotateWorldTransform
GdipInvertMatrix
GdipAddPathArcI
GdipSetMatrixElements
GdipSetClipRectI
GdipStringFormatGetGenericTypographic
GdipGetStringFormatFlags
GdipGetClipBoundsI
GdipGetImagePixelFormat
GdipCreateSolidFill
GdipSetSmoothingMode
GdipSetStringFormatTrimming
GdipGetEmHeight
GdipGetDC
GdipDeleteMatrix
GdipGetLineSpacing
GdipDeleteGraphics
GdipTransformPath
GdipCreateImageAttributes
GdipCreateFromHDC
GdipCreatePen1
GdipDrawRectangle
GdipAlloc
GdipDeletePath
GdipDeletePen
GdipSetInterpolationMode
GdipDrawString
GdipCloneImage
GdipReleaseDC
malloc
_CIsin
free
isdigit
_exit
_wtoi
CreateStreamOnHGlobal
OleLockRunning
CoUninitialize
CoInitialize
OleInitialize
CoRevokeClassObject
CoLockObjectExternal
CoCreateGuid
RegisterDragDrop
CoCreateInstance
CoTaskMemRealloc
CLSIDFromProgID
RevokeDragDrop
CoRegisterClassObject
CoCreateInstanceEx
OleSetContainedObject
CoTaskMemFree
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree
CreateURLMonikerEx
Number of PE resources by type
RT_BITMAP 3
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 9
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 14.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.0.3.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Unicode
InitializedDataSize 347648
EntryPoint 0x80d8
OriginalFileName YahooHinderEngine.ocx
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2004-2008 Yahoo! Inc.
FileVersion 2.0.3
TimeStamp 2016:08:04 07:34:59+01:00
FileType Win32 EXE
PEType PE32
InternalName Yahoo! Hinder
ProductVersion 2.0.3
FileDescription Yahoo! Widgets
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Yahoo! Inc.
CodeSize 59904
ProductName Yahoo! Widget
ProductVersionNumber 2.0.3.1
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 33777ff9b32da04cf86d3c75f282fb80
SHA1 a27186fe22b793e7cc1c307da08a6828a3e4c350
SHA256 2fea3c0bb9976a4658388b99ed3df1883f0848ed8d122fa2db00dbba620b6910
ssdeep 3072:o/NM35oKkoHreZiSA7sS39Xwzv46o2ky2JNmT3Ek4N7dH0CzzHNzTaqwsURGeajv:5JrkAF7s69XydMy2JobEkai
authentihash d4d88b557001aa04d8a16dbdc9680c73e9a301556ecfb0f454344997796a6128
imphash 2b83f183548ec5323f5f548421d38be4
File size 143.5 KB ( 146944 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
     Win32 Dynamic Link Library (generic) (14.2%)
     Win32 Executable (generic) (9.7%)
     Generic Win/DOS Executable (4.3%)
     DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2016-08-04 09:35:21 UTC ( 1 year, 2 months ago )
Last submission 2016-08-28 11:00:57 UTC ( 1 year, 1 month ago )
File names hmanKNBP7DVch.exe
YahooHinderEngine.ocx
Yahoo! Hinder
qnQIDknn5ASr5C.exe
2ifWir8Sxi8LoeZD.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs
UDP communications