SHA256: 247e2939c901450b98f3a91da4107d0c9ec6e5ab97f26854a76e75a3c09e77de
File name: sw3cwEXP.x64.exe
Detection ratio: 0 / 56
Analysis date: 2015-10-03 12:34:38 UTC (1 year, 11 months ago)
Antivirus Result Update
Ad-Aware 20151003
AegisLab 20151003
Yandex 20150930
AhnLab-V3 20151003
Alibaba 20150927
ALYac 20151003
Antiy-AVL 20151003
Arcabit 20151003
Avast 20151003
AVG 20151003
Avira (no cloud) 20151003
AVware 20151003
Baidu-International 20151003
BitDefender 20151003
Bkav 20151003
ByteHero 20151003
CAT-QuickHeal 20151003
ClamAV 20151002
CMC 20151002
Comodo 20151003
Cyren 20151003
DrWeb 20151003
Emsisoft 20151003
ESET-NOD32 20151003
F-Prot 20150929
F-Secure 20151003
Fortinet 20151003
GData 20151003
Ikarus 20151003
Jiangmin 20151001
K7AntiVirus 20151003
K7GW 20151003
Kaspersky 20151003
Kingsoft 20151003
Malwarebytes 20151003
McAfee 20151003
McAfee-GW-Edition 20151002
Microsoft 20151003
eScan 20151003
NANO-Antivirus 20151003
nProtect 20151002
Panda 20151003
Qihoo-360 20151003
Rising 20151002
Sophos AV 20151003
SUPERAntiSpyware 20151003
Symantec 20151002
Tencent 20151003
TheHacker 20151002
TrendMicro 20151003
TrendMicro-HouseCall 20151003
VBA32 20151003
VIPRE 20151003
ViRobot 20151003
Zillya 20151002
Zoner 20151003
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-03-13 17:21:17
Entry Point 0x0027EDEF
Number of sections 5
PE sections
PE imports
GetUserNameA
OpenProcessToken
DirectInput8Create
Ord(11)
GetStockObject
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
SystemTimeToTzSpecificLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
MoveFileA
GetExitCodeProcess
InitializeCriticalSection
FindClose
TlsGetValue
FormatMessageA
OutputDebugStringA
SetLastError
IsDebuggerPresent
ExitProcess
FlushFileBuffers
RemoveDirectoryA
QueryPerformanceFrequency
EnumSystemLocalesA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetLocalTime
CreateMutexA
SetFilePointer
CreateThread
SetUnhandledExceptionFilter
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
VirtualQuery
SearchPathA
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetFileSize
CreateDirectoryA
DeleteFileA
GetUserDefaultLCID
GetProcessHeap
CompareStringW
FindFirstFileA
HeapValidate
CompareStringA
FindNextFileA
IsValidLocale
GetProcAddress
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GetModuleFileNameA
GetEnvironmentStrings
GetCurrentProcessId
GetCurrentDirectoryA
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
GetTimeFormatA
GetProcessMemoryInfo
GetMessageA
RegisterClassA
UpdateWindow
SendInput
PostQuitMessage
DefWindowProcA
ShowWindow
GetSystemMetrics
DispatchMessageA
ClientToScreen
MessageBoxA
GetMessageExtraInfo
PeekMessageA
TranslateMessage
GetKeyState
SystemParametersInfoA
ToAscii
SetCursorPos
ScreenToClient
SetRect
wsprintfA
CreateWindowExA
LoadCursorA
LoadIconA
GetKeyboardState
ShowCursor
DestroyWindow
_BinkNextFrame@4
_BinkOpen@8
_BinkDoFrame@4
_BinkWait@4
_BinkGoto@12
_BinkCopyToBuffer@28
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkClose@4
Direct3DCreate9
D3DXMatrixRotationQuaternion
D3DXCreateTexture
D3DXGetImageInfoFromFileA
D3DXSaveTextureToFileA
D3DXCreateTextureFromFileInMemoryEx
D3DXQuaternionRotationMatrix
CoUninitialize
CoInitialize
compress2
PE exports
Number of PE resources by type
RT_ICON 5
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
RHAETO ROMANCE DEFAULT 6
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2010:03:13 18:21:17+01:00
FileType Win32 EXE
PEType PE32
CodeSize 3125248
LinkerVersion 8.0
FileTypeExtension exe
InitializedDataSize 1105920
SubsystemVersion 4.0
EntryPoint 0x27edef
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 f8048dbc385b616f818683e0f6370c72
SHA1 26e249802baf05ef323654d660025f7af0801b3f
SHA256 247e2939c901450b98f3a91da4107d0c9ec6e5ab97f26854a76e75a3c09e77de
ssdeep 49152:X1VMzTfTpEKuqPG2oq1Hy+QHtJHXRGlyj5WVmqF7f/PmBiuVzpV+roP:X1VMnfTpEKbV1Hy+QHtJN5WVmOf/Pm
authentihash a03ab9d76f2a35125aefe2ef8e9ccee386073eb08acfd4d359db4bcd0427cf30
imphash 14fd2d887050b209f55e6ee6adff3676
File size 4.0 MB ( 4235264 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2015-10-03 12:34:38 UTC (1 year, 11 months ago)
Last submission 2015-10-03 12:34:38 UTC (1 year, 11 months ago)
File names sw3cwEXP.x64.exe
sw3cwEXP64.exe
sw3cw64.exe
sw3cwEXP.x64.exe
sw3cw64.exe