SHA256: 8a078618bf85b20a7915ff6cc7ae70eaf7f446cd8029371e18852bec76eeab3e
File name: 96cf0738a05cbabb7b51b5d624f2d51b
Detection ratio: 39 / 57
Analysis date: 2015-01-31 17:20:30 UTC ( 2 years, 9 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.533849 20150131
Yandex Trojan.Yakes!Wkhg9FC2cJ8 20150130
AhnLab-V3 Malware/Win32.Generic 20150131
ALYac Gen:Variant.Kazy.533849 20150131
Antiy-AVL Trojan/Win32.Yakes 20150131
Avast Win32:Malware-gen 20150131
AVG Crypt3.BRJH 20150131
Avira (no cloud) TR/Crypt.ZPACK.120261 20150131
AVware Trojan.Win32.Generic!BT 20150131
BitDefender Gen:Variant.Kazy.533849 20150131
Comodo TrojWare.Win32.Kuluoz.DRKZ 20150131
DrWeb Trojan.KillFiles.21700 20150131
Emsisoft Gen:Variant.Kazy.533849 (B) 20150131
ESET-NOD32 a variant of Win32/Kryptik.CVIH 20150131
F-Prot W32/S-7069410c!Eldorado 20150131
F-Secure Gen:Variant.Kazy.533849 20150131
Fortinet W32/Kryptik.CUUW!tr 20150131
GData Gen:Variant.Kazy.533849 20150131
Ikarus Trojan-Spy.Zbot 20150131
Jiangmin Trojan/Yakes.axmz 20150129
K7AntiVirus Trojan ( 0040f9fa1 ) 20150131
K7GW Trojan ( 0040f9fa1 ) 20150130
Kaspersky Trojan.Win32.Yakes.ikcb 20150131
Malwarebytes Trojan.Dropper.YK 20150131
McAfee Kuluoz-FAAT!96CF0738A05C 20150131
McAfee-GW-Edition BehavesLike.Win32.Downloader.ch 20150131
Microsoft TrojanDownloader:Win32/Kuluoz.D 20150131
eScan Gen:Variant.Kazy.533849 20150131
NANO-Antivirus Trojan.Win32.Yakes.dmeube 20150131
Norman Kuluoz.MO 20150131
Panda Trj/Genetic.gen 20150131
Qihoo-360 HEUR/QVM19.1.Malware.Gen 20150131
Sophos AV Mal/Generic-S 20150131
Symantec WS.Reputation.1 20150131
TotalDefense Win32/Kuluoz.FVTCKOD 20150131
TrendMicro Cryp_Zortob 20150131
TrendMicro-HouseCall Cryp_Zortob 20150131
VIPRE Trojan.Win32.Generic!BT 20150131
Zillya Trojan.Yakes.Win32.28770 20150131
AegisLab 20150130
Alibaba 20150130
Baidu-International 20150130
Bkav 20150130
ByteHero 20150131
CAT-QuickHeal 20150131
ClamAV 20150131
CMC 20150129
Cyren 20150131
Kingsoft 20150131
nProtect 20150130
Rising 20150130
SUPERAntiSpyware 20150131
Tencent 20150131
TheHacker 20150131
VBA32 20150129
ViRobot 20150131
Zoner 20150130
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-01-10 11:29:03
Entry Point 0x00008004
Number of sections 4
PE sections
PE imports
GetPaletteEntries
GetPixelFormat
GetPixel
GetPath
IsBadStringPtrW
GetLastError
IsBadHugeWritePtr
IsBadStringPtrA
MapViewOfFile
LoadLibraryA
GetModuleHandleA
OutputDebugStringW
QueryDosDeviceA
VirtualFree
GetTickCount
IsBadReadPtr
IsBadHugeReadPtr
OutputDebugStringA
ExitProcess
GetProcAddress
VirtualAlloc
IsDBCSLeadByte
UnmapViewOfFile
IsBadWritePtr
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2015:01:10 12:29:03+01:00
FileType Win32 EXE
PEType PE32
CodeSize 96768
LinkerVersion 9.0
FileAccessDate 2015:01:31 18:20:40+01:00
EntryPoint 0x8004
InitializedDataSize 27136
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
FileCreateDate 2015:01:31 18:20:40+01:00
UninitializedDataSize 0

File identification
MD5 96cf0738a05cbabb7b51b5d624f2d51b
SHA1 1efe4ff5e6a49a34ed85efbff487e00bf38e7e86
SHA256 8a078618bf85b20a7915ff6cc7ae70eaf7f446cd8029371e18852bec76eeab3e
ssdeep 1536:X3B7qpHvDyzz1ZkI2MCWHg2EMHZ2biE9u6s09/PrZC63iMou7wiLnDJ:HIHv+oI2MBAAHsbq6FtJXoriLn
authentihash df1912b78bb10e62f0387e0a63701200a6132b0d8f8613c1782eff843c5dc2cc
imphash 768616fb6419f581eafb35bbb721fa7b
File size 128.0 KB ( 131072 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags peexe

VirusTotal metadata
First submission 2015-01-31 17:20:30 UTC ( 2 years, 9 months ago )
Last submission 2015-01-31 17:20:30 UTC ( 2 years, 9 months ago )
File names 96cf0738a05cbabb7b51b5d624f2d51b
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created mutexes
Runtime DLLs