SHA256: 92c6a9e648bfd98bbceea3813ce96c6861487826d6b2c3d462debae73ed25b34
File name: Eternalsynergy-1.0.1.exe
Detection ratio: 2 / 61
Analysis date: 2017-04-14 11:31:04 UTC ( 2 weeks ago )
Antivirus Result Update
Kaspersky UDS:DangerousObject.Multi.Generic 20170414
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20170414
Ad-Aware 20170414
AegisLab 20170414
AhnLab-V3 20170414
Alibaba 20170414
ALYac 20170414
Antiy-AVL 20170414
Arcabit 20170414
Avast 20170414
AVG 20170414
Avira (no cloud) 20170414
AVware 20170410
Baidu 20170414
BitDefender 20170414
Bkav 20170414
CAT-QuickHeal 20170414
ClamAV 20170414
CMC 20170414
Comodo 20170414
CrowdStrike Falcon (ML) 20170130
Cyren 20170414
DrWeb 20170414
Emsisoft 20170414
Endgame 20170413
ESET-NOD32 20170414
F-Prot 20170414
F-Secure 20170414
Fortinet 20170414
GData 20170414
Ikarus 20170414
Invincea 20170413
Jiangmin 20170414
K7AntiVirus 20170414
K7GW 20170414
Kingsoft 20170414
Malwarebytes 20170414
McAfee 20170412
McAfee-GW-Edition 20170414
Microsoft 20170414
eScan 20170414
NANO-Antivirus 20170414
nProtect 20170414
Palo Alto Networks (Known Signatures) 20170414
Panda 20170414
Qihoo-360 20170414
Rising 20170414
SentinelOne (Static ML) 20170330
Sophos 20170414
SUPERAntiSpyware 20170414
Symantec 20170413
Symantec Mobile Insight 20170414
Tencent 20170414
TheHacker 20170412
TrendMicro 20170414
TrendMicro-HouseCall 20170414
Trustlook 20170414
VBA32 20170414
VIPRE 20170414
ViRobot 20170414
Webroot 20170414
WhiteArmor 20170409
Yandex 20170413
Zillya 20170414
Zoner 20170414
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-19 20:46:53
Entry Point 0x0002980F
Number of sections 4
PE sections
PE imports
GetSystemTime
GetLastError
SystemTimeToFileTime
FreeLibrary
QueryPerformanceCounter
GetTickCount
OutputDebugStringA
LoadLibraryA
RtlUnwind
GetCurrentProcess
GetCurrentProcessId
UnhandledExceptionFilter
GetProcAddress
InterlockedCompareExchange
GetModuleHandleA
InterlockedExchange
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetCurrentThreadId
TerminateProcess
Sleep
GetVersion
htonl
ioctlsocket
WSAStartup
connect
htons
WSASetLastError
select
closesocket
inet_addr
send
getservbyport
ntohs
WSAGetLastError
gethostbyaddr
listen
gethostbyname
inet_ntoa
recv
setsockopt
socket
bind
getservbyname
coli_setCleanup
coli_create
coli_setProcess
coli_delete
coli_setValidate
mainWrapper
coli_setID
__p__fmode
malloc
toupper
realloc
wctomb
memset
fclose
_controlfp
strtoul
fopen
__pioinfo
_cexit
_itoa
_errno
memcpy
exit
sprintf
_fileno
_snprintf
__setusermatherr
__p__commode
_XcptFilter
_amsg_exit
fread
tolower
isleadbyte
?terminate@@YAXXZ
strrchr
_adjust_fdiv
free
_isatty
__getmainargs
calloc
_write
_exit
_stat
_lseeki64
__badioinfo
strchr
_initterm
_iob
memchr
__set_app_type
POSH_WriteU32ToLittle
Parameter_Socket_setValue
Parameter_Boolean_getValue
Parameter_Port_getValue
Parameter_U16_getValue
Params_findParamchoice
Parameter_U32_getValue
Parameter_IPv4_getValue
Paramchoice_getValue
Parameter_getType
Parameter_String_setValue
Parameter_S16_getValue
Parameter_U8_getValue
Parameter_U8_setValue
Params_findParameter
Parameter_Buffer_getValue
Parameter_String_getValue
Parameter_LocalFile_getValue
TcLog
TcLogBuffer
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2012:11:19 21:46:53+01:00
FileType Win32 EXE
PEType PE32
CodeSize 172032
LinkerVersion 9.0
EntryPoint 0x2980f
InitializedDataSize 39936
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 2a8d437f0b9ffac482750fe052223c3d
SHA1 b521f6dc045b56ad89bd46b4e2586f481aa3ebf0
SHA256 92c6a9e648bfd98bbceea3813ce96c6861487826d6b2c3d462debae73ed25b34
ssdeep 6144:bt90K/WxRCjaKLb6aJGK6zRWm5o2MjvhlAUPpAR/7V6uD46APMdm:bttKwjaKb6aJG4m5oXvhlAUPpAR/x6W2
authentihash a9fe813430c4f71ea4fbc6dfd6d812718ed77e71facae05e834ca32394b249f8
imphash 3435b3edce1e9970229bc56e4dd4d3ce
File size 206.5 KB ( 211456 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2017-04-14 11:31:04 UTC ( 2 weeks ago )
Last submission 2017-04-28 11:04:58 UTC ( 8 hours, 44 minutes ago )
File names Eternalsynergy-1.0.1.exe
eternalsynergy-1.0.1.exe
Behaviour characterization
Zemana dll-injection
