SHA256: 2903bdd8a5a5a3935ec61664868fe2cfb95846e04b0278871c231f0cbf7e7f2e
File name: BMA_Mod_2.7.exe
Detection ratio: 0 / 56
Analysis date: 2015-08-30 17:59:06 UTC (2 years, 5 months ago)
Antivirus Result Update
Ad-Aware 20150830
AegisLab 20150830
Yandex 20150829
AhnLab-V3 20150830
Alibaba 20150828
ALYac 20150830
Antiy-AVL 20150830
Arcabit 20150830
Avast 20150830
AVG 20150830
Avira (no cloud) 20150830
AVware 20150830
Baidu-International 20150830
BitDefender 20150830
Bkav 20150829
ByteHero 20150830
CAT-QuickHeal 20150829
ClamAV 20150830
CMC 20150827
Comodo 20150830
Cyren 20150830
DrWeb 20150830
Emsisoft 20150830
ESET-NOD32 20150830
F-Prot 20150829
F-Secure 20150829
Fortinet 20150830
GData 20150830
Ikarus 20150830
Jiangmin 20150829
K7AntiVirus 20150830
K7GW 20150830
Kaspersky 20150830
Kingsoft 20150830
Malwarebytes 20150830
McAfee 20150830
McAfee-GW-Edition 20150830
Microsoft 20150830
eScan 20150830
NANO-Antivirus 20150830
nProtect 20150828
Panda 20150830
Qihoo-360 20150830
Rising 20150830
Sophos AV 20150830
SUPERAntiSpyware 20150829
Symantec 20150830
Tencent 20150830
TheHacker 20150830
TrendMicro 20150830
TrendMicro-HouseCall 20150830
VBA32 20150829
VIPRE 20150830
ViRobot 20150830
Zillya 20150830
Zoner 20150830
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product BMA Mod 2.7 Install Program
File version 2, 0, 0, 44
Packers identified
F-PROT ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-11-07 11:09:55
Entry Point 0x00013D4C
Number of sections 4
PE sections
Overlays
MD5 3564516e4c6b0e70ec95b38135964fa2
File type data
Offset 139264
Size 2394484
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegOpenKeyA
RegCloseKey
OpenProcessToken
RegSetValueExA
RegQueryValueA
RegQueryValueExA
AdjustTokenPrivileges
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
AddFontResourceA
GetSystemPaletteEntries
CreateHalftonePalette
CreateFontIndirectA
SetStretchBltMode
GetDeviceCaps
DeleteDC
SetBkMode
CreateDIBPatternBrush
BitBlt
RealizePalette
SetTextColor
CreatePalette
GetStockObject
SelectPalette
ExtTextOutA
CreateCompatibleDC
StretchDIBits
SetBrushOrgEx
RemoveFontResourceA
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
lstrlenA
GetFileAttributesA
GlobalFree
GetDriveTypeA
LCMapStringA
HeapDestroy
HeapAlloc
IsBadWritePtr
GlobalUnlock
GetEnvironmentStringsW
GetVersionExA
GetModuleFileNameA
RtlUnwind
LoadLibraryA
GetLocalTime
FreeLibrary
FreeEnvironmentStringsA
HeapCompact
GetStartupInfoA
WritePrivateProfileStringA
GetEnvironmentStrings
GetCurrentDirectoryA
GetPrivateProfileStringA
MoveFileExA
lstrcatA
CreateDirectoryA
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
SetErrorMode
MultiByteToWideChar
GetShortPathNameA
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetFileType
GetFullPathNameA
SetFilePointer
GetTempPathA
CreateFileA
GetCPInfo
GetStringTypeA
GetModuleHandleA
OpenFile
ReadFile
FormatMessageA
SetUnhandledExceptionFilter
GetDiskFreeSpaceA
GetCurrentProcess
FindFirstFileA
CloseHandle
GetSystemDirectoryA
GetACP
HeapReAlloc
GetStringTypeW
GlobalLock
SetEnvironmentVariableA
SetFileAttributesA
GetOEMCP
MoveFileA
TerminateProcess
WinExec
CreateProcessA
GetExitCodeProcess
GetEnvironmentVariableA
HeapCreate
WriteFile
GlobalAlloc
VirtualFree
FindClose
Sleep
IsBadReadPtr
SetFileTime
IsBadCodePtr
ExitProcess
GetVersion
VirtualAlloc
SetCurrentDirectoryA
GetWindowsDirectoryA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation
SetFocus
RedrawWindow
GetParent
EnableWindow
UpdateWindow
EndDialog
BeginPaint
CheckRadioButton
PostQuitMessage
DefWindowProcA
ShowWindow
SetWindowPos
FindWindowA
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
AdjustWindowRectEx
TranslateMessage
DialogBoxParamA
GetWindow
GetSysColor
CheckDlgButton
DrawTextA
SetWindowTextA
wsprintfA
GetLastActivePopup
IsWindowVisible
SendMessageA
IsWindowEnabled
GetClientRect
GetDlgItem
CreateDialogParamA
BringWindowToTop
IsIconic
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
CreateWindowExA
LoadCursorA
LoadIconA
FillRect
IsDlgButtonChecked
ValidateRect
CallWindowProcA
GetClassNameA
EndPaint
GetMessageA
ExitWindowsEx
IsDialogMessageA
DestroyWindow
GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoCreateInstance
OleInitialize
CoGetMalloc
Number of PE resources by type
RT_ICON 5
RT_DIALOG 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.0.0.44
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 45056
EntryPoint 0x13d4c
MIMEType application/octet-stream
FileVersion 2, 0, 0, 44
TimeStamp 2013:11:07 12:09:55+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 2, 0, 0, 44
SubsystemVersion 4.0
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 94208
ProductName BMA Mod 2.7 Install Program
ProductVersionNumber 2.0.0.44
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 929be606c22c6e618afc92415bc93238
SHA1 69dce5d7ae6481a02dbbfb599336bf16848fa4ee
SHA256 2903bdd8a5a5a3935ec61664868fe2cfb95846e04b0278871c231f0cbf7e7f2e
ssdeep 49152:EAtRK3hqtv1TLIylX5Kn7caR6uL0jZQxtWHUMNJphu:VDkQ9dIX7H0uLrtW0Mbu
authentihash a833bea89843ed1085b9b8b8e586bc73fb69e82e5213408da42c7258c527dafe
imphash 7dc26f5952a43f197f75b1954e7909a9
File size 2.4 MB ( 2533748 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (35.8%)
Win64 Executable (generic) (31.7%)
Windows screen saver (15.0%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags peexe overlay

VirusTotal metadata
First submission 2015-08-30 17:59:06 UTC (2 years, 5 months ago)
Last submission 2017-01-23 16:59:07 UTC (1 year ago)
File names BMA_Mod_2.7.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Searched windows
Runtime DLLs