SHA256: 2a909e0d514393225682ba10912c66fbfa4d1f959e643f9dd3eef833205806a9
File name: IFSetup.exe
Detection ratio: 4 / 67
Analysis date: 2018-01-11 02:37:22 UTC (6 days ago)
Antivirus Result Update
Cylance Unsafe 20180111
Jiangmin TrojanSpy.MSIL.net 20180111
NANO-Antivirus Trojan.Win32.Mlw.evlmvi 20180111
TotalDefense Win32/Inject.C!generic 20180110
Ad-Aware 20180111
AegisLab 20180111
AhnLab-V3 20180110
Alibaba 20180111
ALYac 20180111
Arcabit 20180111
Avast 20180111
Avast-Mobile 20180111
AVG 20180111
Avira (no cloud) 20180110
AVware 20180103
Baidu 20180110
BitDefender 20180111
Bkav 20180106
CAT-QuickHeal 20180110
ClamAV 20180110
CMC 20180110
Comodo 20180111
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cyren 20180111
DrWeb 20180111
eGambit 20180111
Emsisoft 20180111
Endgame 20171130
ESET-NOD32 20180111
F-Prot 20180111
F-Secure 20180111
Fortinet 20180111
GData 20180111
Ikarus 20180110
Sophos ML 20170914
K7AntiVirus 20180110
K7GW 20180110
Kaspersky 20180111
Kingsoft 20180111
Malwarebytes 20180111
MAX 20180111
McAfee 20180110
McAfee-GW-Edition 20180111
Microsoft 20180110
eScan 20180111
nProtect 20180111
Palo Alto Networks (Known Signatures) 20180111
Panda 20180110
Qihoo-360 20180111
Rising 20180111
SentinelOne (Static ML) 20171224
Sophos AV 20180110
SUPERAntiSpyware 20180111
Symantec 20180110
Symantec Mobile Insight 20180110
Tencent 20180111
TheHacker 20180108
TrendMicro 20180110
TrendMicro-HouseCall 20180111
Trustlook 20180111
VBA32 20180110
VIPRE 20180111
ViRobot 20180110
Webroot 20180111
WhiteArmor 20180110
Yandex 20180109
Zillya 20180110
ZoneAlarm by Check Point 20180111
Zoner 20180111
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT CAB
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-03 22:28:04
Entry Point 0x00001000
Number of sections 5
PE sections
Overlays
MD5 7608bcded2fd91bba2ef6f4d1a548bb3
File type data
Offset 456704
Size 1284633
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
GetUserNameW
RegConnectRegistryW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
RegSetValueExW
InitCommonControlsEx
ImageList_Destroy
ImageList_AddMasked
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_Create
ImageList_Remove
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Add
SetDIBits
SetStretchBltMode
GetObjectType
GetDeviceCaps
ExcludeClipRect
DeleteDC
SetBkMode
CreateFontW
SetPixel
GetObjectW
BitBlt
CreateDIBSection
SetTextColor
CreatePatternBrush
GetObjectA
CreateBitmap
CreateDCW
GetStockObject
GetDIBits
CreateCompatibleDC
StretchBlt
SetBrushOrgEx
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
MakeSureDirectoryPathExists
GetLastError
SetCurrentDirectoryW
HeapFree
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
ReleaseMutex
GetSystemInfo
LoadLibraryW
GlobalFree
WaitForSingleObject
GetVersionExW
FreeLibrary
MulDiv
HeapDestroy
HeapAlloc
TlsAlloc
GetVersionExA
GetFileAttributesW
GlobalAlloc
LoadLibraryA
GetLocalTime
CopyFileW
CreatePipe
GetCurrentProcess
SystemTimeToFileTime
FindNextFileW
GetFileSize
FindClose
SetFileTime
CreateThread
SetErrorMode
MultiByteToWideChar
HeapSize
SetEnvironmentVariableW
CreateDirectoryW
DeleteFileW
GetProcAddress
TerminateThread
RemoveDirectoryW
SetFileAttributesW
WideCharToMultiByte
GetModuleFileNameW
SetFilePointer
GetSystemDirectoryW
DeleteCriticalSection
ReadFile
WriteFile
CreateMutexW
CloseHandle
FindFirstFileW
DuplicateHandle
HeapReAlloc
GetModuleHandleW
GetDriveTypeW
InitializeCriticalSection
HeapCreate
GetTempPathW
CreateFileW
GetEnvironmentVariableW
CreateProcessW
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
GetCurrentProcessId
SetLastError
LeaveCriticalSection
rand
malloc
srand
setlocale
memset
fclose
strcat
_stricmp
_wcsicmp
fprintf
_setjmp3
sscanf
fopen
strlen
_vsnwprintf
_wcsdup
fabs
mktime
fwrite
fseek
system
wcslen
wcscmp
ftell
exit
sprintf
memcmp
log10
ferror
__p__iob
localtime
fread
longjmp
_wcsnicmp
wcsncpy
gmtime
free
ceil
wcscat
atoi
wcsncmp
_wfopen
getenv
memcpy
memmove
floor
swscanf
wcscpy
_isnan
strcpy
time
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
RevokeDragDrop
CoTaskMemFree
StringFromGUID2
SetupIterateCabinetW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
RedrawWindow
GetForegroundWindow
DrawStateW
SetWindowPos
IsWindow
EndPaint
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
SendMessageA
UnregisterClassW
GetClientRect
DrawTextW
LoadImageW
GetActiveWindow
ShowCursor
GetWindowTextW
GetWindowTextLengthW
MsgWaitForMultipleObjects
DestroyWindow
GetParent
UpdateWindow
GetPropW
SetClassLongW
EnumWindows
GetMessageW
ShowWindow
DrawFrameControl
SetPropW
CreateIconFromResourceEx
PeekMessageW
EnableWindow
CharUpperW
TranslateMessage
IsWindowEnabled
GetWindow
GetIconInfo
RegisterClassW
IsZoomed
IsIconic
GetWindowLongA
FillRect
CreateAcceleratorTableW
GetSysColorBrush
OemToCharW
CreateWindowExW
GetWindowLongW
IsChild
MapWindowPoints
BeginPaint
DefWindowProcW
ClipCursor
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
PostMessageW
DrawIconEx
SetWindowTextW
RemovePropW
ScreenToClient
DestroyAcceleratorTable
ValidateRect
CreateIconFromResource
LoadCursorW
LoadIconW
DispatchMessageW
ExitWindowsEx
SetFocus
GetWindowThreadProcessId
MessageBoxW
DefFrameProcW
RegisterClassExW
MoveWindow
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
DestroyIcon
IsWindowVisible
SetCursorPos
SystemParametersInfoW
InvalidateRect
CallWindowProcW
GetClassNameW
GetFocus
SetCursor
GetMenu
TranslateAcceleratorW
timeEndPeriod
timeBeginPeriod
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 11
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:09:03 23:28:04+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
201728

LinkerVersion
2.5

EntryPoint
0x1000

InitializedDataSize
259072

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 e1fcc46f8c546435382709d11acad3f6
SHA1 c45a5806441cb6f1f1d73e5fba80efbdfb23479f
SHA256 2a909e0d514393225682ba10912c66fbfa4d1f959e643f9dd3eef833205806a9
ssdeep
24576:pHVasqIT4Av8WcBylvdNVYog0lgYYIuX72AXV4PbGi/wIX4SbiU878sO1g:vaaTfvvuX6q6Pb1IIX4SWU8X0g

authentihash 889975a37e54f0a954d048d99f802d2bd757f2225e4edab4880a4429e66607a9
imphash 1033e7ad4ef699f506cce0c38fc5b07c
File size 1.7 MB ( 1741337 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
Win16/32 Executable Delphi generic (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-09-05 17:31:50 UTC (1 year, 4 months ago)
Last submission 2017-11-08 22:40:36 UTC (2 months, 1 week ago)
File names 2a909e0d514393225682ba10912c66fbfa4d1f959e643f9dd3eef833205806a9.exe
IFSetup_1_3-2.exe
IFSetup.exe
IFSetup.exe
IFSetup.exe
ifsetup.exe
IFSetup.exe
IFSetup 1.3.2.exe
IFSetup.exe
IFSetup.exe
IFSetup.exe
1021685
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs
UDP communications