SHA256: c501131d7255725e26cf6351d21261a5bde58e9a996930f435d1008dc26a388c
File name: malware.exe
Detection ratio: 4 / 54
Analysis date: 2016-07-22 14:28:12 UTC ( 1 year, 3 months ago )
Antivirus            Result                                     Update
Baidu                Win32.Trojan.WisdomEyes.151026.9950.9999   20160722
McAfee-GW-Edition    BehavesLike.Win32.PWSZbot.cc               20160722
Qihoo-360            QVM20.1.Malware.Gen                        20160722
VBA32                Heur.Trojan.Hlux                           20160722

No detection (signature update 20160722 unless noted): Ad-Aware, AegisLab, AhnLab-V3, Alibaba, ALYac, Antiy-AVL, Arcabit, Avast, AVG, Avira (no cloud), AVware, BitDefender, Bkav, CAT-QuickHeal (20160721), ClamAV, CMC (20160715), Comodo, Cyren, DrWeb, Emsisoft, ESET-NOD32, F-Prot, F-Secure, Fortinet, GData, Ikarus, Jiangmin, K7AntiVirus, K7GW, Kaspersky, Kingsoft, Malwarebytes, McAfee (20160721), Microsoft, eScan, NANO-Antivirus, nProtect, Panda, Sophos AV, SUPERAntiSpyware, Symantec, Tencent, TheHacker, TrendMicro, TrendMicro-HouseCall, VIPRE, ViRobot, Yandex (20160721), Zillya, Zoner.
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2004-2008 Yahoo! Inc.
Product Yahoo! Widget
Original name YahooWidgetEngine.dll
Internal name Yahoo! Widget
File version 2.5.2
Description Yahoo! Widgets
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-22 09:44:23
Entry Point 0x00005F5D
Number of sections 5
PE sections
Overlays
MD5 de74209117fc9cc9473d0ef04deca3d5
File type data
Offset 105472
Size 3091
Entropy 7.94
PE imports
CryptDestroyKey
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegQueryValueExA
RegCreateKeyW
AdjustTokenPrivileges
CryptVerifySignatureW
LookupPrivilegeValueW
RegOpenKeyExW
RegRestoreKeyW
CryptHashData
RegQueryValueExW
CryptCreateHash
RegOpenKeyA
OpenProcessToken
RegEnumKeyW
RegOpenKeyW
RegOpenKeyExA
RegQueryValueW
CryptReleaseContext
CryptGetUserKey
RegQueryInfoKeyW
RegEnumKeyExW
OpenThreadToken
GetUserNameA
CryptDestroyHash
CryptAcquireContextW
RegDeleteValueW
RegSetValueExW
GetSaveFileNameW
CommDlgExtendedError
GetFileTitleW
SetGraphicsMode
Polygon
TextOutW
CreateFontIndirectW
GetGlyphOutlineW
CreatePen
SaveDC
SetTextAlign
GetTextMetricsA
CombineRgn
GetClipBox
ModifyWorldTransform
GetPixel
Rectangle
SetMapMode
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
GetCharacterPlacementW
SetWorldTransform
DeleteObject
GetObjectW
CreateDCW
CreateDIBSection
RealizePalette
SetTextColor
CreatePatternBrush
GetBkColor
GetClipRgn
ExtTextOutW
GetOutlineTextMetricsA
CreateBitmap
BitBlt
CreatePalette
EnumFontFamiliesExW
SetViewportOrgEx
ScaleWindowExtEx
GetFontData
PtVisible
GetDIBits
ExtCreateRegion
GdiFlush
SetBrushOrgEx
SelectClipRgn
CreateCompatibleDC
CreateFontW
Escape
SelectPalette
ScaleViewportExtEx
CreateRectRgn
SelectObject
SetPolyFillMode
CreateCompatibleBitmap
SetWindowExtEx
GetBrushOrgEx
CreateSolidBrush
SetViewportExtEx
GetStockObject
SetPixelV
SetBkColor
GetTextExtentPoint32W
Ellipse
RectVisible
ImmReleaseContext
ImmGetContext
GetAdaptersInfo
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
HeapDestroy
EnumUILanguagesW
GetFileAttributesW
DuplicateHandle
GetLocalTime
GetProfileIntA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
CheckNameLegalDOS8Dot3W
GetFileInformationByHandle
SetErrorMode
GetLogicalDrives
FreeEnvironmentStringsW
GetLocaleInfoW
EnumResourceLanguagesW
GetFileTime
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetProfileIntW
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
ResumeThread
CreateEventW
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
FormatMessageA
SetFileAttributesW
GetCurrentThread
SetLastError
GetUserDefaultUILanguage
GetSystemTime
DeviceIoControl
InitializeCriticalSection
CopyFileW
FindAtomA
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GlobalFindAtomW
LoadLibraryA
SetProcessWorkingSetSize
OpenWaitableTimerA
SetThreadPriority
WritePrivateProfileSectionW
GetVolumeInformationW
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
GetSystemPowerStatus
MoveFileW
GetModuleHandleA
GetFullPathNameW
GlobalAddAtomW
CreateThread
SetEnvironmentVariableW
CreatePipe
GetExitCodeThread
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
CreateMutexW
MulDiv
GetDateFormatA
ExitThread
SetEnvironmentVariableA
TerminateProcess
CreateSemaphoreW
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
AddAtomA
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GlobalGetAtomNameW
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
lstrcmpiW
RtlUnwind
FreeLibrary
LocalLock
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
OpenProcess
GetModuleHandleW
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GlobalLock
AddAtomW
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
CompareStringW
GetFileSizeEx
GlobalReAlloc
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
CompareStringA
GetComputerNameA
FindFirstFileW
lstrcmpW
GetProcAddress
GetTimeZoneInformation
CreateFileW
VirtualProtectEx
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LocalUnlock
LeaveCriticalSection
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
GetCPInfo
CreateProcessW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
WritePrivateProfileStringW
SuspendThread
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
GlobalFlags
LoadLibraryExW
CloseHandle
GetACP
GetVersion
FreeResource
GetFileAttributesExW
SetStdHandle
GetEnvironmentStrings
UnmapViewOfFile
GetTempPathW
VirtualQuery
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
GetTimeFormatA
VarUI4FromStr
VariantChangeType
LoadRegTypeLib
VariantTimeToSystemTime
SafeArrayGetElement
SystemTimeToVariantTime
RegisterTypeLib
SafeArrayGetDim
VariantClear
SysAllocString
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetVartype
UnRegisterTypeLib
SafeArrayGetLBound
LoadTypeLib
SysFreeString
SafeArrayCopy
VariantInit
SysStringLen
EnumProcesses
EnumProcessModules
GetModuleBaseNameW
DragQueryFileW
SHQueryRecycleBinW
SHEmptyRecycleBinW
SHCreateDirectoryExW
DragFinish
SHGetFolderLocation
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
ExtractIconExW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetMalloc
CommandLineToArgvW
SHBrowseForFolderW
PathFindFileNameW
SHCopyKeyW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathMakeSystemFolderW
PathUnmakeSystemFolderW
MapWindowPoints
GetMessagePos
RedrawWindow
UnregisterHotKey
SetMenuItemBitmaps
LoadBitmapW
SetRectEmpty
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
IsWindow
GrayStringW
ScreenToClient
WindowFromPoint
GetMessageTime
SetMenuItemInfoW
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetMenuStringW
SendMessageW
UnregisterClassA
SendMessageA
UnregisterClassW
GetClassInfoW
DefWindowProcW
AllowSetForegroundWindow
DrawTextW
GetNextDlgTabItem
InSendMessage
CallNextHookEx
GetClientRect
GetTopWindow
RegisterHotKey
MapVirtualKeyExW
EnumClipboardFormats
GetWindowTextLengthW
LoadAcceleratorsW
GetActiveWindow
PtInRect
DrawEdge
GetClassInfoExW
UpdateWindow
GetPropW
EqualRect
GetMenuState
CreateCaret
GetWindowTextW
GetMessageW
ShowWindow
GetCaretPos
DrawFrameControl
SetPropW
EnumDisplayMonitors
PeekMessageW
SetWindowsHookExW
InsertMenuItemW
CharUpperW
GetSystemMenu
TranslateMessage
IsWindowEnabled
GetWindow
DestroyCaret
SetClipboardData
GetIconInfo
MsgWaitForMultipleObjects
SetParent
RegisterClassW
CharLowerA
GetWindowPlacement
LoadStringW
IsIconic
TrackPopupMenuEx
DrawFocusRect
SetTimer
ShowOwnedPopups
FillRect
CopyRect
GetSysColorBrush
GetDialogBaseUnits
CreateWindowExW
TabbedTextOutW
EndPaint
GetMenuItemInfoW
DragDetect
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
BeginPaint
OffsetRect
SetCaretPos
ReleaseCapture
KillTimer
TrackMouseEvent
GetComboBoxInfo
CharPrevW
GetClipboardData
GetParent
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
DrawIcon
DrawTextExW
SendDlgItemMessageW
PostMessageW
MonitorFromRect
CheckDlgButton
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetClassLongW
GetLastActivePopup
SetWindowTextW
GetDlgItem
GetMenuCheckMarkDimensions
SetCursor
BringWindowToTop
ClientToScreen
GetScrollInfo
GetAsyncKeyState
TrackPopupMenu
PostThreadMessageW
GetMenuItemCount
ValidateRect
IsDialogMessageW
LoadCursorW
LoadIconW
ReuseDDElParam
DispatchMessageW
InsertMenuW
SetForegroundWindow
OpenClipboard
EmptyClipboard
GetCaretBlinkTime
CreateDialogIndirectParamW
IntersectRect
SetLayeredWindowAttributes
EndDialog
VkKeyScanExW
GetKeyboardLayout
FindWindowW
GetCapture
GetDlgCtrlID
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
DeferWindowPos
BeginDeferWindowPos
MessageBoxW
GetMenu
RegisterClassExW
SetMenu
MoveWindow
DialogBoxIndirectParamW
AppendMenuW
GetWindowDC
AdjustWindowRectEx
GetSysColor
RegisterClipboardFormatW
GetKeyState
EndDeferWindowPos
SystemParametersInfoA
UpdateLayeredWindow
GetDoubleClickTime
DestroyIcon
GetWindowLongW
IsWindowVisible
WinHelpW
GetDesktopWindow
UnpackDDElParam
SystemParametersInfoW
GetDC
FrameRect
SetRect
DeleteMenu
InvalidateRect
CharNextW
CallWindowProcW
GetClassNameW
DestroyWindow
ModifyMenuW
EnableMenuItem
IsRectEmpty
GetFocus
EnableWindow
CloseClipboard
TranslateAcceleratorW
UnhookWindowsHookEx
RemovePropW
InternetTimeFromSystemTimeW
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetConnectW
InternetReadFile
InternetTimeToSystemTimeW
InternetSetOptionW
InternetGetConnectedState
InternetErrorDlg
InternetCloseHandle
HttpSendRequestW
InternetOpenW
HttpOpenRequestW
HttpAddRequestHeadersW
mixerGetLineControlsW
mixerGetControlDetailsW
mciGetErrorStringW
mixerOpen
mixerSetControlDetails
mciSendCommandW
mixerClose
mixerGetDevCapsW
mixerGetLineInfoW
GdipDrawImageRectRect
GdipGetFontStyle
GdipDrawRectangleI
GdipCreateLineBrushFromRectWithAngleI
GdipSaveGraphics
GdipGetGenericFontFamilySansSerif
GdipTranslateMatrix
GdipSetPenBrushFill
GdipCreateBitmapFromScan0
GdipGetImageVerticalResolution
GdipDisposeImage
GdipImageSelectActiveFrame
GdipGetFamilyName
GdipGetFontSize
GdipGetCompositingMode
GdipGetTextRenderingHint
GdipGetCellAscent
GdipGetClipBounds
GdipSetStringFormatAlign
GdipImageGetFrameCount
GdipGetImageWidth
GdipDrawImageI
GdipStringFormatGetGenericTypographic
GdipCreateFont
GdipCloneBrush
GdipCloneStringFormat
GdipSetClipRect
GdipFree
GdipGetImageRawFormat
GdipGetImageHeight
GdipDeleteStringFormat
GdipTranslateWorldTransform
GdipSetPenDashStyle
GdipSetTextRenderingHint
GdipCreateBitmapFromHICON
GdipGetImageHorizontalResolution
GdipSetImageAttributesColorMatrix
GdipSaveImageToFile
GdipMeasureString
GdipTransformMatrixPoints
GdipBitmapSetResolution
GdiplusStartup
GdipDrawImageRectRectI
GdipGetFamily
GdipFillPath
GdipCreateBitmapFromStream
GdipGetImageThumbnail
GdipGetImageEncoders
GdipFillRectangleI
GdipDisposeImageAttributes
GdipSetCompositingMode
GdipClosePathFigure
GdipCreateMatrix
GdipDrawLine
GdipRotateMatrix
GdipGetImageGraphicsContext
GdipRestoreGraphics
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipClonePen
GdipGetCellDescent
GdipStringFormatGetGenericDefault
GdipDrawPath
GdipDeleteFontFamily
GdipCloneFontFamily
GdipCreatePath
GdipBitmapUnlockBits
GdipFillRectangle
GdipDeleteFont
GdipSetPixelOffsetMode
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipDrawLineI
GdipBitmapGetPixel
GdipCreateFontFamilyFromName
GdipSetStringFormatFlags
GdipDeleteBrush
GdipRotateWorldTransform
GdipInvertMatrix
GdipAddPathArcI
GdipSetMatrixElements
GdipSetClipRectI
GdipGetStringFormatFlags
GdipGetClipBoundsI
GdipGetImagePixelFormat
GdipCreateSolidFill
GdipSetSmoothingMode
GdipSetStringFormatTrimming
GdipGetEmHeight
GdipGetDC
GdipDeleteMatrix
GdipGetLineSpacing
GdipDeleteGraphics
GdipTransformPath
GdipCreateImageAttributes
GdipCreateFromHDC
GdipCreatePen1
GdipDrawRectangle
GdipAlloc
GdipDeletePath
GdipDeletePen
GdipSetInterpolationMode
GdipDrawString
GdipCloneImage
GdipReleaseDC
_CIsin
free
isalpha
exit
calloc
_exit
_wtoi
CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CoInitialize
CoTaskMemAlloc
CoRevokeClassObject
CoLockObjectExternal
CoUninitialize
OleSetContainedObject
RegisterDragDrop
CoCreateInstance
CoTaskMemRealloc
CLSIDFromString
CoRegisterClassObject
RevokeDragDrop
CoCreateInstanceEx
CoCreateGuid
CoTaskMemFree
StringFromGUID2
OleInitialize
OleUIBusyW
Ord(8)
SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree
CreateURLMonikerEx
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.5.2.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Unicode
InitializedDataSize 1106944
EntryPoint 0x5f5d
OriginalFileName YahooWidgetEngine.dll
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2004-2008 Yahoo! Inc.
FileVersion 2.5.2
TimeStamp 2016:07:22 10:44:23+01:00
FileType Win32 EXE
PEType PE32
InternalName Yahoo! Widget
ProductVersion 2.5.2
FileDescription Yahoo! Widgets
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Yahoo! Inc.
CodeSize 45568
ProductName Yahoo! Widget
ProductVersionNumber 2.5.2.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 d171f521f342bcd7c8ed0a195653c8e8
SHA1 38bf7e3e549100875a3ebbed9ede863ed4554d88
SHA256 c501131d7255725e26cf6351d21261a5bde58e9a996930f435d1008dc26a388c
ssdeep 3072:E9jS7V7iisvZ/DBkx//bGp2+4Y1uF04uneNsX+K7B0:E9+7hit5tkJxZFLK7B0
authentihash 22d6b305dfc9da767855dd84e96c5b238045c279cb9f0945cf8d212cc04ec886
imphash 73239fca67291d136d8a314d20fe00ac
File size 106.0 KB ( 108563 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-07-22 14:28:12 UTC ( 1 year, 3 months ago )
Last submission 2016-07-23 18:51:41 UTC ( 1 year, 3 months ago )
File names alware.exe
YahooWidgetEngine.dll
malware.exe
Yahoo! Widget
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs