2014_06rechnung_0020273640_sign_telekom_deutschland_gmbh.exe

Jisblbnl Glof Pbslrtm

Tybjo

Publisher:
Tybjo

Product:
Jisblbnl Glof Pbslrtm

Description:
Jisblbnl Dwtvb

Version:
16.17.2106.43733

MD5:
f1f9638369cf72661f987d25e7571bc4

SHA-1:
9a6137828a361b41c34aa3a3a6ca95e904aea327

SHA-256:
e1bc95f4cc59602c07c384aae5be42adc6ddfde827fc23f562a8d4c005c60b85

Scanner detections:
4 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
12/5/2016 3:33:16 AM UTC

Scan engine          Detection                   Engine version
AVG                  Luhe.Fiha.A                 2015.0.3448
CMC Antivirus        Packed.Win32.Katusha.3!O    1.1.0.977
Qihoo 360 Security   HEUR/Malware.QVM20.Gen      1.0.0.1015
Sophos               Mal/Generic-S               4.98

File size:
185 KB (189,440 bytes)

Product version:
16.17.2106.43733

Copyright:
Tybjo

Original file name:
Jisblbnl.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\2014_06rechnung_0020273640_sign_telekom_deutschland_gmbh.exe

File PE Metadata
Compilation timestamp:
2/26/2014 4:11:53 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:i+1rGL4zujk6Ad9BxbfbSaiwn2JBXBZoghpCniC4:i068cBwn2JBXBCghpCnA

Entry address:
0x5294

Entry point:
55, 8B, EC, 83, EC, 28, 56, 53, 57, 33, DB, E8, B9, FB, FF, FF, 83, 3D, 90, 95, 40, 00, 01, 74, 02, EB, 28, 33, C0, 5F, 5B, 5E, 8B, E5, 5D, C3, 5B, 8B, D3, 8B, 0D, 14, 8B, 40, 00, 2B, D1, 89, 55, F8, FF, 75, F8, 89, 1D, 88, 84, 40, 00, FF, 15, 88, 84, 40, 00, EB, D8, 68, 00, 97, 40, 00, 8B, DD, 03, 1D, 18, 8C, 40, 00, 8D, 75, E8, 89, 5D, E4, FF, 75, E4, 8F, 06, FF, 75, E8, 8B, 55, CC, 89, 55, DC, FF, 75, DC, 8B, 4D, D4, 8D, 55, F0, 89, 0D, 24, 91, 40, 00, FF, 35, 24, 91, 40, 00, 8F, 02, 8B, 4D, F0, 89, 4D...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
18 KB (18,432 bytes)