× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 27fa455f61c5438603b08d72cb814bddf2361a3b803e6ee6261593b4a372124d
Dateiname: 7z.sfx
Erkennungsrate: 0 / 57
Analyse-Datum: 2015-10-04 05:47:28 UTC ( vor 2 Jahre, 7 Monate )
Antivirus Ergebnis Aktualisierung
Ad-Aware 20151004
AegisLab 20151003
Yandex 20151003
AhnLab-V3 20151003
Alibaba 20150927
ALYac 20151004
Antiy-AVL 20151004
Arcabit 20151004
Avast 20151004
AVG 20151004
Avira (no cloud) 20151003
AVware 20151004
Baidu-International 20151003
BitDefender 20151004
Bkav 20151003
ByteHero 20151004
CAT-QuickHeal 20151003
ClamAV 20151002
CMC 20151002
Comodo 20151003
Cyren 20151004
DrWeb 20151004
Emsisoft 20151004
ESET-NOD32 20151003
F-Prot 20150929
F-Secure 20151003
Fortinet 20151004
GData 20151004
Ikarus 20151004
Jiangmin 20151003
K7AntiVirus 20151004
K7GW 20151004
Kaspersky 20151004
Kingsoft 20151004
Malwarebytes 20151004
McAfee 20151004
McAfee-GW-Edition 20151003
Microsoft 20151004
eScan 20151004
NANO-Antivirus 20151004
nProtect 20151002
Panda 20151003
Qihoo-360 20151004
Rising 20151003
Sophos AV 20151004
SUPERAntiSpyware 20151003
Symantec 20151003
Tencent 20151004
TheHacker 20151002
TotalDefense 20151004
TrendMicro 20151004
TrendMicro-HouseCall 20151004
VBA32 20151003
VIPRE 20151004
ViRobot 20151003
Zillya 20151003
Zoner 20151004
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 1999-2010 Igor Pavlov

Publisher Igor Pavlov
Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 9.20
Description 7z SFX
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-11-18 16:27:33
Entry Point 0x0001D262
Number of sections 5
PE sections
Overlays
MD5 9e988132c1c7d7a6d4861bddeb2ddd9b
File type data
Offset 162816
Size 171802174
Entropy 8.00
PE imports
AreFileApisANSI
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetCommandLineW
GetTickCount
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
SetFileAttributesA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
lstrcatA
CreateDirectoryA
GetModuleHandleW
GetCurrentDirectoryA
FormatMessageW
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
GetFullPathNameA
SetFilePointer
GetFullPathNameW
CloseHandle
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
ReadFile
WriteFile
GetCurrentProcess
FindFirstFileA
ResetEvent
FindFirstFileW
GetProcAddress
SetPriorityClass
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_except_handler3
_onexit
wcslen
exit
_XcptFilter
memcmp
__setusermatherr
_controlfp
_adjust_fdiv
_acmdln
_CxxThrowException
__p__commode
free
__getmainargs
memcpy
memmove
_beginthreadex
_initterm
_exit
__set_app_type
SysFreeString
VariantClear
SysAllocString
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
MapDialogRect
EndDialog
CharUpperW
KillTimer
ShowWindow
MessageBoxW
GetWindowRect
SetDlgItemTextA
PostMessageA
MoveWindow
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
LoadStringA
SystemParametersInfoA
SetWindowTextA
SendMessageW
GetWindowLongA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
ScreenToClient
InvalidateRect
wsprintfA
GetWindowTextLengthA
SetTimer
LoadCursorA
LoadIconA
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
SetCursor
CoUninitialize
CoInitialize
Number of PE resources by type
RT_STRING 9
RT_DIALOG 4
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 17
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
9.20.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
51200

EntryPoint
0x1d262

OriginalFileName
7z.sfx.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 1999-2010 Igor Pavlov

FileVersion
9.2

TimeStamp
2010:11:18 17:27:33+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

ProductVersion
9.2

FileDescription
7z SFX

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
127488

ProductName
7-Zip

ProductVersionNumber
9.20.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 d7cb3cb53e62d08b3e00df826c5a4481
SHA1 e3ea73e0cdb6081eeb11e4b1de1d0556748dc01e
SHA256 27fa455f61c5438603b08d72cb814bddf2361a3b803e6ee6261593b4a372124d
ssdeep
3145728:WpGHnLS88dXUWDy9r4HqMcB+GW+z0HJqlYrXya10tm2/KfORWnViTc4HcVn:WpcnT9vKkWZHJYcHHxGc48l

authentihash 150e5347c83d49f41f319c69f4a61170264aa1e34a2359fd574dcfffc9de35f6
imphash 1f4dc9aa893a3c5fdfc9623903183e73
File size 164.0 MB ( 171964990 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2014-03-29 18:31:35 UTC ( vor 4 Jahre, 1 Monat )
Last submission 2014-03-29 18:31:35 UTC ( vor 4 Jahre, 1 Monat )
Dateinamen 7z.sfx.exe
Counter-Strike Beta 5.2.exe
7z.sfx
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!