× Cookies er deaktiveret! Denne side kræver cookies for at fungere korrekt
SHA256: 31f22693dcbc650b492c60f4ae571ce85dde006689fe97b50bb51f3ace44961c
Filnavn: BoostActiveProgram-x86.exe
Opdagelses forhold: 0 / 53
Undersøgelses dato: 2016-01-19 00:02:10 UTC ( 2 år, 6 månederiden )
Antivirus Resultat Opdatere
Ad-Aware 20160118
AegisLab 20160118
Yandex 20160118
AhnLab-V3 20160118
Alibaba 20160118
ALYac 20160118
Antiy-AVL 20160118
Arcabit 20160118
Avast 20160118
AVG 20160118
Baidu-International 20160118
BitDefender 20160118
Bkav 20160118
ByteHero 20160119
CAT-QuickHeal 20160118
ClamAV 20160118
CMC 20160111
Comodo 20160118
Cyren 20160118
DrWeb 20160118
Emsisoft 20160118
ESET-NOD32 20160119
F-Prot 20160118
F-Secure 20160119
Fortinet 20160118
GData 20160119
Ikarus 20160119
Jiangmin 20160119
K7AntiVirus 20160118
K7GW 20160118
Kaspersky 20160119
Malwarebytes 20160119
McAfee 20160119
McAfee-GW-Edition 20160119
Microsoft 20160119
eScan 20160119
NANO-Antivirus 20160119
nProtect 20160118
Panda 20160118
Qihoo-360 20160119
Rising 20160118
Sophos AV 20160118
SUPERAntiSpyware 20160118
Symantec 20160118
Tencent 20160119
TheHacker 20160116
TrendMicro 20160118
TrendMicro-HouseCall 20160118
VBA32 20160117
VIPRE 20160118
ViRobot 20160118
Zillya 20160118
Zoner 20160118
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© 2001-2016 J.Malmgren - www.TryWare90

Product DeployMaster
Internal name Setup
File version 1.0.0.0
Description BoostActiveProgram
Comments This installation package is built with Just Great Software DeployMaster. Please visit http://www.DeployMaster.com for more information.
Packers identified
PEiD BobSoft Mini Delphi -> BoB / BobSoft
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-21 09:42:25
Entry Point 0x000080BC
Number of sections 8
PE sections
Overlays
MD5 4b9960438795e3f820d706759d88e35e
File type data
Offset 50688
Size 18945518
Entropy 8.00
PE imports
RegOpenKeyExA
FreeSid
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid
GetStdHandle
WaitForSingleObject
FreeLibrary
ExitProcess
GetVersionExA
GetModuleFileNameA
RtlUnwind
GetStartupInfoA
LocalAlloc
DeleteFileA
UnhandledExceptionFilter
MultiByteToWideChar
GetCommandLineA
GetProcAddress
SetFilePointer
GetTempPathA
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
WriteFile
GetCurrentProcess
FindFirstFileA
GetACP
CreateProcessA
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
TlsSetValue
CreateFileA
GetCurrentThreadId
VirtualAlloc
GetFileSize
CloseHandle
SysReAllocStringLen
SysFreeString
SysAllocStringLen
ShellExecuteExA
MessageBoxA
GetKeyboardType
CharNextA
DestroyWindow
Number of PE resources by type
RT_ICON 5
RT_RCDATA 2
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 8
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
This installation package is built with Just Great Software DeployMaster. Please visit http://www.DeployMaster.com for more information.

InitializedDataSize
20480

ImageVersion
0.0

ProductName
DeployMaster

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
2.25

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2015:12:21 10:42:25+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Setup

ProductVersion
1.0.0

FileDescription
BoostActiveProgram

OSVersion
4.0

FileOS
Win32

LegalCopyright
2001-2016 J.Malmgren - www.TryWare90

MachineType
Intel 386 or later, and compatibles

CompanyName
TryWare90Days

CodeSize
29184

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x80bc

ObjectFileType
Executable application

File identification
MD5 e0b404ddec585d00d3f318da578adbed
SHA1 3693e58bdec70b84ca53f0cd85aaa1a05702f056
SHA256 31f22693dcbc650b492c60f4ae571ce85dde006689fe97b50bb51f3ace44961c
ssdeep
393216:Vx5HV0b4ZWQ620dxgWXeYkzJZEY0OMgATbEokQPde/gRdhxiRvMxe3rf0I:jUVpdxgWXvA3EY0X0okQPdrxihYebcI

authentihash 8168affd7d3bc5dcb28289c122560119005e2a23e4d5e6ae62926eb075fa7c73
imphash a8a131e17abf50f28b49a7b35aff709f
File size 18.1 MB ( 18996206 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Delphi generic (45.2%)
Win32 Dynamic Link Library (generic) (20.9%)
Win32 Executable (generic) (14.3%)
Win16/32 Executable Delphi generic (6.6%)
Generic Win/DOS Executable (6.3%)
Tags
peexe bobsoft overlay

VirusTotal metadata
First submission 2016-01-19 00:02:10 UTC ( 2 år, 6 månederiden )
Last submission 2016-01-19 00:02:10 UTC ( 2 år, 6 månederiden )
Filnavne Setup
BoostActiveProgram-x86.exe
Ingen kommentarer. Ingen af VirusTotal's medlemmer har kommenteret denne enhed, bliv den første til at gøre dette.

Efterlad din kommentar...

?
Send kommentar

Du er ikke logget ind. Kun registrerede brugere kan skrive kommentarer, log ind!

Ingen stemmer. Ingen har bedømt denne enhed endnu, bliv den første der gør det!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs
UDP communications