SHA256: eb856e4bc44a489e6f23f1b6c9cb81bc783f721ecbff1302ff6d1648189752c0
File name: prep1.exe
Detection ratio: 13 / 66
Analysis date: 2018-02-01 15:16:07 UTC (1 year, 3 months ago)
Antivirus Result Update
Avast FileRepMalware 20180201
AVG FileRepMalware 20180201
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170201
Cylance Unsafe 20180201
Endgame malicious (high confidence) 20171130
Kaspersky UDS:DangerousObject.Multi.Generic 20180201
McAfee-GW-Edition BehavesLike.Win32.Fareit.dm 20180201
Palo Alto Networks (Known Signatures) generic.ml 20180201
Qihoo-360 HEUR/QVM03.0.EA41.Malware.Gen 20180201
SentinelOne (Static ML) static engine - malicious 20180115
Symantec Trojan.Smoaler 20180201
Webroot W32.Trojan.Gen 20180201
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180201
Ad-Aware 20180201
AegisLab 20180201
AhnLab-V3 20180201
Alibaba 20180201
ALYac 20180201
Antiy-AVL 20180201
Arcabit 20180201
Avast-Mobile 20180201
Avira (no cloud) 20180201
AVware 20180201
Baidu 20180201
BitDefender 20180201
Bkav 20180201
CAT-QuickHeal 20180201
ClamAV 20180201
CMC 20180201
Comodo 20180201
Cybereason 20171103
Cyren 20180201
DrWeb 20180201
eGambit 20180201
Emsisoft 20180201
ESET-NOD32 20180201
F-Prot 20180201
F-Secure 20180201
Fortinet 20180201
GData 20180201
Sophos ML 20180121
Jiangmin 20180201
K7AntiVirus 20180201
K7GW 20180131
Kingsoft 20180201
Malwarebytes 20180201
MAX 20180201
McAfee 20180201
Microsoft 20180201
eScan 20180201
NANO-Antivirus 20180201
nProtect 20180201
Panda 20180201
Rising 20180201
Sophos AV 20180201
SUPERAntiSpyware 20180201
Symantec Mobile Insight 20180201
Tencent 20180201
TheHacker 20180130
TotalDefense 20180201
TrendMicro 20180201
TrendMicro-HouseCall 20180201
Trustlook 20180201
VBA32 20180201
VIPRE 20180201
ViRobot 20180201
Yandex 20180130
Zillya 20180131
Zoner 20180201
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Einvernehmen mit dem Erhalter
Product Lines
Original name Lines.exe
Internal name Lines
File version 1.00
Description Einvernehmen mit dem Erhalter
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-02-01 12:52:40
Entry Point 0x00001A8C
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
EVENT_SINK_Release
__vbaGenerateBoundsError
_allmul
EVENT_SINK_Invoke
__vbaAryUnlock
_adj_fprem
EVENT_SINK_AddRef
__vbaAryMove
_adj_fpatan
_adj_fdiv_m32i
__vbaFreeObjList
EVENT_SINK_GetIDsOfNames
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaSetSystemError
__vbaFreeVarList
DllFunctionCall
__vbaFPException
Zombie_GetTypeInfoCount
_adj_fdivr_m16i
__vbaUbound
__vbaVarAdd
_adj_fdiv_r
Ord(100)
Zombie_GetTypeInfo
_adj_fdivr_m64
__vbaFreeVar
__vbaObjSetAddref
__vbaVarLateMemCallLd
_adj_fdiv_m64
__vbaFreeObj
_CIsin
_CIsqrt
__vbaHresultCheckObj
_CIlog
__vbaAryLock
_CIcos
__vbaVarTstEq
_adj_fptan
__vbaVarSub
__vbaObjSet
__vbaVarLateMemSt
_CIatan
__vbaNew2
__vbaOnError
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
_adj_fprem1
_adj_fdivr_m32
__vbaVar2Vec
_CItan
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 3
PCKANDROID6.0 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 49152
ImageVersion 1.0
ProductName Lines
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName Lines.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0
TimeStamp 2018:02:01 13:52:40+01:00
FileType Win32 EXE
PEType PE32
InternalName Lines
ProductVersion 1.0
FileDescription Einvernehmen mit dem Erhalter
OSVersion 4.0
FileOS Win32
LegalCopyright Einvernehmen mit dem Erhalter
MachineType Intel 386 or later, and compatibles
CompanyName Buines 2.0
CodeSize 180224
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0x1a8c
ObjectFileType Executable application
File identification
MD5 7a71a7988a0822b8d2e5421ff432dea2
SHA1 4870a20d4f5c47dde65cb64fbbb427d6e51354af
SHA256 eb856e4bc44a489e6f23f1b6c9cb81bc783f721ecbff1302ff6d1648189752c0
ssdeep 3072:pbzsxRzvT9vUErzYV4xRONntlk7AJBqQrL+tUErhc:CFhUEvA4xRAtGtUEm
authentihash 0203544769ad214f2b9e854991f332ebead1442c2edd6a855d512eee8f11c7f0
imphash 68402cd455ef1695e7ef7002eacd7902
File size 228.0 KB ( 233472 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (88.6%)
Win32 Executable (generic) (4.8%)
OS/2 Executable (generic) (2.1%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
Tags peexe
VirusTotal metadata
First submission 2018-02-01 15:16:07 UTC (1 year, 3 months ago)
Last submission 2018-07-01 01:48:53 UTC (10 months, 4 weeks ago)
File names 4870a20d4f5c47dde65cb64fbbb427d6e51354af
Lines
prep1.exe
Lines.exe
prep1.exe
Advanced heuristic and reputation engines