SHA256: 7291ff50759ebc04c9bf9a09e78dbf8a3b77df2bca433633a9c8de291d3f2e3d
File name: vmsnap3.exe
Detection ratio: 0 / 47
Analysis date: 2013-11-09 08:08:11 UTC (5 years, 5 months ago)
Antivirus Result Update
Yandex 20131108
AhnLab-V3 20131108
AntiVir 20131109
Antiy-AVL 20131107
Avast 20131109
AVG 20131108
Baidu-International 20131109
BitDefender 20131109
Bkav 20131109
ByteHero 20131105
CAT-QuickHeal 20131109
ClamAV 20131109
Commtouch 20131109
Comodo 20131109
DrWeb 20131109
Emsisoft 20131109
ESET-NOD32 20131109
F-Prot 20131109
F-Secure 20131109
Fortinet 20131109
GData 20131109
Ikarus 20131109
Jiangmin 20131109
K7AntiVirus 20131108
K7GW 20131108
Kaspersky 20131108
Kingsoft 20130829
Malwarebytes 20131109
McAfee 20131109
McAfee-GW-Edition 20131109
Microsoft 20131109
eScan 20131109
NANO-Antivirus 20131109
Norman 20131109
nProtect 20131108
Panda 20131108
Rising 20131108
Sophos AV 20131109
SUPERAntiSpyware 20131109
Symantec 20131109
TheHacker 20131107
TotalDefense 20131108
TrendMicro 20131109
TrendMicro-HouseCall 20131109
VBA32 20131108
VIPRE 20131109
ViRobot 20131109
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2004 Vimicro Corporation
Product BIGDOG
Original name BigDog.exe
Internal name BIGDOG
File version 4, 2, 1124, 6
Description Vimicro
Comments For Windows XP only
Packers identified
PEiD InstallShield 2000
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-07-18 08:15:17
Entry Point 0x00002BF0
Number of sections 4
PE sections
PE imports
RegQueryValueExA
RegCloseKey
RegOpenKeyA
GetLastError
HeapFree
GetStdHandle
LCMapStringW
HeapCreate
GetOEMCP
LCMapStringA
HeapDestroy
ExitProcess
IsBadWritePtr
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
GetStartupInfoA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
MultiByteToWideChar
SetHandleCount
GetCommandLineA
GetProcAddress
GetFileType
SetStdHandle
CreateMutexA
GetModuleHandleA
GetCPInfo
MapViewOfFile
GetStringTypeA
SetFilePointer
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CloseHandle
CreateFileMappingA
GetACP
GetStringTypeW
TerminateProcess
CreateProcessA
UnmapViewOfFile
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
HeapAlloc
GetVersion
VirtualAlloc
SysFreeString
SysAllocString
LoadAcceleratorsA
GetMessageA
RegisterDeviceNotificationA
CreateWindowExA
DispatchMessageA
TranslateAcceleratorA
PostQuitMessage
UnregisterDeviceNotification
KillTimer
SetTimer
TranslateMessage
DefWindowProcA
RegisterClassExA
KsSynchronousDeviceControl
CoUninitialize
CoInitialize
CoCreateInstance
CreateBindCtx
CoGetMalloc
MkParseDisplayName
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
CHINESE SIMPLIFIED 1
PE resources
ExifTool file metadata
CodeSize 24576
SubsystemVersion 4.0
Comments For Windows XP only
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 4.2.1124.6
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Vimicro
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 32768
EntryPoint 0x2bf0
OriginalFileName BigDog.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2004 Vimicro Corporation
FileVersion 4, 2, 1124, 6
TimeStamp 2006:07:18 09:15:17+01:00
FileType Win32 EXE
PEType PE32
InternalName BIGDOG
ProductVersion 4, 2, 1124, 6
UninitializedDataSize 0
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Vimicro
LegalTrademarks BIGDOG
ProductName BIGDOG
ProductVersionNumber 4.2.1124.6
FileTypeExtension exe
ObjectFileType Executable application

Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 0b1e2a37aab87034314d8014f23221b2
SHA1 e1b50e099d12fef1664d5bb4d781415c87784e85
SHA256 7291ff50759ebc04c9bf9a09e78dbf8a3b77df2bca433633a9c8de291d3f2e3d
ssdeep
384:QJBtHKuUuUyB+/ugg2DRBlgQbBVl+UCrmZx3K9T33X/WfwO++5kRO04yRQ2sdPbE:iBtHE8uCQcCDomcP4yayjs157JKR

authentihash fd36a1032b2c1fee4d9997a8618897ad98c497c3c530edb62fc9db0d227596d9
imphash cf467d35f5d92d930a092771d9d898d2
File size 48.0 KB ( 49152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe installshield

VirusTotal metadata
First submission 2009-02-12 20:37:46 UTC (10 years, 2 months ago)
Last submission 2018-12-01 13:13:15 UTC (4 months, 3 weeks ago)
File names un_20110514_3.exe
VMSnap3.exe
Paizhao.exe
0b1e2a37aab87034314d8014f23221b2
VMSnap3.EXE
BigDog.exe
BIGDOG
vmsnap3.exe
vmsnap33.exe
smona131924018073761080515
e1b50e099d12fef1664d5bb4d781415c87784e85.bin
VMSnap3.exe
avz00003.dta
C__Windows_VMSnap3.exe
file-3321687_exe
smona131923784407533752186
asd
VMSnap3.exe
DD2C7A0F007548DEC07D0070E47BE60066157D44.exe
VMSnap3.exe.
vmsnap3.exe
0B1E2A37AAB87034314D8014F23221B2
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight