SHA256: 24549907b347555af99e0cc36d32c1845b2530030c5eed3c8aac08da948c5283
File name: LandOfRails Setup.exe
Detection ratio: 0 / 68
Analysis date: 2018-10-03 20:06:04 UTC (2 months, 1 week ago)
Antivirus Result Update
Ad-Aware 20181003
AegisLab 20181003
AhnLab-V3 20181003
Alibaba 20180921
ALYac 20181003
Antiy-AVL 20181003
Arcabit 20181003
Avast 20181003
Avast-Mobile 20181003
AVG 20181003
Avira (no cloud) 20181003
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181003
Bkav 20181003
CAT-QuickHeal 20181001
ClamAV 20181003
CMC 20181003
Comodo 20181003
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181003
Cyren 20181003
DrWeb 20181003
eGambit 20181003
Emsisoft 20181003
Endgame 20180730
ESET-NOD32 20181003
F-Prot 20181003
F-Secure 20181003
Fortinet 20181003
GData 20181003
Ikarus 20181003
Sophos ML 20180717
Jiangmin 20181003
K7AntiVirus 20181003
K7GW 20181003
Kaspersky 20181003
Kingsoft 20181003
Malwarebytes 20181003
MAX 20181003
McAfee 20181003
McAfee-GW-Edition 20181003
Microsoft 20181003
eScan 20181003
NANO-Antivirus 20181003
Palo Alto Networks (Known Signatures) 20181003
Panda 20181003
Qihoo-360 20181003
Rising 20181003
SentinelOne (Static ML) 20180926
Sophos AV 20181003
SUPERAntiSpyware 20180907
Symantec 20181003
Symantec Mobile Insight 20181001
TACHYON 20181003
Tencent 20181003
TheHacker 20181001
TrendMicro 20181003
TrendMicro-HouseCall 20181003
Trustlook 20181003
VBA32 20181003
VIPRE 20181003
ViRobot 20181003
Webroot 20181003
Yandex 20180927
Zillya 20181003
ZoneAlarm by Check Point 20180925
Zoner 20181003
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product LandOfRails Launcher Installationsprogramm...
File version 2,0,0,45
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 11:13 AM 12/2/2018
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-02 15:39:01
Entry Point 0x0001403C
Number of sections 4
PE sections
Overlays
MD5 5f206453d37b5268dec5d90c861bf2c9
File type data
Offset 176128
Size 8093712
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegOpenKeyA
RegCloseKey
OpenProcessToken
RegSetValueExA
RegQueryValueA
RegQueryValueExA
AdjustTokenPrivileges
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
AddFontResourceA
GetSystemPaletteEntries
CreateHalftonePalette
CreateFontIndirectA
SetStretchBltMode
GetDeviceCaps
DeleteDC
SetBkMode
CreateDIBPatternBrush
BitBlt
RealizePalette
SetTextColor
CreatePalette
GetStockObject
SelectPalette
ExtTextOutA
CreateCompatibleDC
StretchDIBits
SetBrushOrgEx
RemoveFontResourceA
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
lstrlenA
GetFileAttributesA
GlobalFree
GetDriveTypeA
LCMapStringA
HeapDestroy
HeapAlloc
IsBadWritePtr
GlobalUnlock
GetEnvironmentStringsW
GetVersionExA
GetModuleFileNameA
RtlUnwind
LoadLibraryA
GetLocalTime
FreeLibrary
FreeEnvironmentStringsA
HeapCompact
GetStartupInfoA
WritePrivateProfileStringA
GetEnvironmentStrings
GetCurrentDirectoryA
GetPrivateProfileStringA
MoveFileExA
lstrcatA
CreateDirectoryA
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
SetErrorMode
MultiByteToWideChar
GetShortPathNameA
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetFileType
GetFullPathNameA
SetFilePointer
GetTempPathA
CreateFileA
GetCPInfo
GetStringTypeA
GetModuleHandleA
OpenFile
ReadFile
FormatMessageA
SetUnhandledExceptionFilter
GetDiskFreeSpaceA
GetCurrentProcess
FindFirstFileA
CloseHandle
GetSystemDirectoryA
GetACP
HeapReAlloc
GetStringTypeW
GlobalLock
SetEnvironmentVariableA
SetFileAttributesA
GetOEMCP
MoveFileA
TerminateProcess
WinExec
CreateProcessA
GetExitCodeProcess
GetEnvironmentVariableA
HeapCreate
WriteFile
GlobalAlloc
VirtualFree
FindClose
Sleep
IsBadReadPtr
SetFileTime
IsBadCodePtr
ExitProcess
GetVersion
VirtualAlloc
SetCurrentDirectoryA
GetWindowsDirectoryA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation
SetFocus
RedrawWindow
GetParent
EnableWindow
UpdateWindow
EndDialog
BeginPaint
CheckRadioButton
PostQuitMessage
DefWindowProcA
ShowWindow
SetWindowPos
FindWindowA
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
AdjustWindowRectEx
TranslateMessage
DialogBoxParamA
GetWindow
GetSysColor
CheckDlgButton
DrawTextA
SetWindowTextA
wsprintfA
GetLastActivePopup
IsWindowVisible
SendMessageA
IsWindowEnabled
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
BringWindowToTop
IsIconic
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
SetTimer
LoadCursorA
LoadIconA
FillRect
IsDlgButtonChecked
ValidateRect
CallWindowProcA
GetClassNameA
EndPaint
GetMessageA
ExitWindowsEx
IsDialogMessageA
DestroyWindow
GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoCreateInstance
OleInitialize
CoGetMalloc
Number of PE resources by type
RT_ICON 5
RT_DIALOG 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
77824

ImageVersion
0.0

ProductName
LandOfRails Launcher Installationsprogramm...

FileVersionNumber
2.0.0.45

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

FileVersion
2,0,0,45

TimeStamp
2015:10:02 16:39:01+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
2,0,0,45

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
94208

FileSubtype
0

ProductVersionNumber
2.0.0.45

EntryPoint
0x1403c

ObjectFileType
Executable application

File identification
MD5 3b82620000cd03da742d096bc7289248
SHA1 3f0e1f365009015c3d5ca11a8c652d6142fffa53
SHA256 24549907b347555af99e0cc36d32c1845b2530030c5eed3c8aac08da948c5283
ssdeep
196608:M2QcG65rQRXbGr+hPSbQH/JkfJ+AYQdP55nk0H8fGdJH:M21yRa6hH4BYQdP1HYGf

authentihash 6bc5cd6df7beefdab1f24bda8a46aee95fc4d39212d2ab9f1dc6f190ddef4f2e
imphash b0d556e6fced10073d36709d8fe6ba14
File size 7.9 MB ( 8269840 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-10-02 23:45:05 UTC (2 months, 1 week ago)
Last submission 2018-10-03 20:06:04 UTC (2 months, 1 week ago)
File names LandOfRails Setup.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Searched windows
Runtime DLLs