SHA256: 2a909e0d514393225682ba10912c66fbfa4d1f959e643f9dd3eef833205806a9
File name: IFSetup.exe
Detection ratio: 4 / 67
Analysis date: 2018-06-13 01:51:21 UTC (5 days, 4 hours ago)
Antivirus Result Update
Cylance Unsafe 20180613
Jiangmin TrojanSpy.MSIL.net 20180613
TotalDefense Win32/Inject.C!generic 20180612
VBA32 Trojan.Miner 20180612
Ad-Aware 20180613
AegisLab 20180613
AhnLab-V3 20180612
Alibaba 20180613
ALYac 20180613
Antiy-AVL 20180613
Arcabit 20180613
Avast 20180613
Avast-Mobile 20180612
AVG 20180613
Avira (no cloud) 20180612
AVware 20180613
Babable 20180406
Baidu 20180612
BitDefender 20180613
Bkav 20180612
CAT-QuickHeal 20180612
ClamAV 20180612
CMC 20180612
Comodo 20180613
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cyren 20180613
DrWeb 20180613
eGambit 20180613
Emsisoft 20180613
Endgame 20180612
ESET-NOD32 20180613
F-Prot 20180613
F-Secure 20180613
Fortinet 20180613
GData 20180613
Sophos ML 20180601
K7AntiVirus 20180612
K7GW 20180612
Kaspersky 20180612
Kingsoft 20180613
Malwarebytes 20180612
MAX 20180613
McAfee 20180613
McAfee-GW-Edition 20180613
Microsoft 20180613
eScan 20180613
NANO-Antivirus 20180613
Palo Alto Networks (Known Signatures) 20180613
Panda 20180612
Qihoo-360 20180613
Rising 20180613
SentinelOne (Static ML) 20180225
Sophos AV 20180613
SUPERAntiSpyware 20180613
Symantec 20180612
Symantec Mobile Insight 20180605
TACHYON 20180613
Tencent 20180613
TheHacker 20180608
TrendMicro 20180613
TrendMicro-HouseCall 20180613
Trustlook 20180613
VIPRE 20180613
ViRobot 20180612
Webroot 20180613
Yandex 20180609
Zillya 20180612
ZoneAlarm by Check Point 20180613
Zoner 20180612
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT CAB
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-03 22:28:04
Entry Point 0x00001000
Number of sections 5
PE sections
Overlays
MD5 7608bcded2fd91bba2ef6f4d1a548bb3
File type data
Offset 456704
Size 1284633
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
GetUserNameW
RegConnectRegistryW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
RegSetValueExW
InitCommonControlsEx
ImageList_Destroy
ImageList_AddMasked
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_Create
ImageList_Remove
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Add
SetDIBits
SetStretchBltMode
GetObjectType
GetDeviceCaps
ExcludeClipRect
DeleteDC
SetBkMode
CreateFontW
SetPixel
GetObjectW
BitBlt
CreateDIBSection
SetTextColor
CreatePatternBrush
GetObjectA
CreateBitmap
CreateDCW
GetStockObject
GetDIBits
CreateCompatibleDC
StretchBlt
SetBrushOrgEx
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
MakeSureDirectoryPathExists
GetLastError
SetCurrentDirectoryW
HeapFree
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
ReleaseMutex
GetSystemInfo
LoadLibraryW
GlobalFree
WaitForSingleObject
GetVersionExW
FreeLibrary
MulDiv
HeapDestroy
HeapAlloc
TlsAlloc
GetVersionExA
GetFileAttributesW
GlobalAlloc
LoadLibraryA
GetLocalTime
CopyFileW
CreatePipe
GetCurrentProcess
SystemTimeToFileTime
FindNextFileW
GetFileSize
FindClose
SetFileTime
CreateThread
SetErrorMode
MultiByteToWideChar
HeapSize
SetEnvironmentVariableW
CreateDirectoryW
DeleteFileW
GetProcAddress
TerminateThread
RemoveDirectoryW
SetFileAttributesW
WideCharToMultiByte
GetModuleFileNameW
SetFilePointer
GetSystemDirectoryW
DeleteCriticalSection
ReadFile
WriteFile
CreateMutexW
CloseHandle
FindFirstFileW
DuplicateHandle
HeapReAlloc
GetModuleHandleW
GetDriveTypeW
InitializeCriticalSection
HeapCreate
GetTempPathW
CreateFileW
GetEnvironmentVariableW
CreateProcessW
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
GetCurrentProcessId
SetLastError
LeaveCriticalSection
rand
malloc
srand
setlocale
memset
fclose
strcat
_stricmp
_wcsicmp
fprintf
_setjmp3
sscanf
fopen
strlen
_vsnwprintf
_wcsdup
fabs
mktime
fwrite
fseek
system
wcslen
wcscmp
ftell
exit
sprintf
memcmp
log10
ferror
__p__iob
localtime
fread
longjmp
_wcsnicmp
wcsncpy
gmtime
free
ceil
wcscat
atoi
wcsncmp
_wfopen
getenv
memcpy
memmove
floor
swscanf
wcscpy
_isnan
strcpy
time
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
RevokeDragDrop
CoTaskMemFree
StringFromGUID2
SetupIterateCabinetW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
RedrawWindow
GetForegroundWindow
DrawStateW
SetWindowPos
IsWindow
EndPaint
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
SendMessageA
UnregisterClassW
GetClientRect
DrawTextW
LoadImageW
GetActiveWindow
ShowCursor
GetWindowTextW
GetWindowTextLengthW
MsgWaitForMultipleObjects
DestroyWindow
GetParent
UpdateWindow
GetPropW
SetClassLongW
EnumWindows
GetMessageW
ShowWindow
DrawFrameControl
SetPropW
CreateIconFromResourceEx
PeekMessageW
EnableWindow
CharUpperW
TranslateMessage
IsWindowEnabled
GetWindow
GetIconInfo
RegisterClassW
IsZoomed
IsIconic
GetWindowLongA
FillRect
CreateAcceleratorTableW
GetSysColorBrush
OemToCharW
CreateWindowExW
GetWindowLongW
IsChild
MapWindowPoints
BeginPaint
DefWindowProcW
ClipCursor
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
PostMessageW
DrawIconEx
SetWindowTextW
RemovePropW
ScreenToClient
DestroyAcceleratorTable
ValidateRect
CreateIconFromResource
LoadCursorW
LoadIconW
DispatchMessageW
ExitWindowsEx
SetFocus
GetWindowThreadProcessId
MessageBoxW
DefFrameProcW
RegisterClassExW
MoveWindow
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
DestroyIcon
IsWindowVisible
SetCursorPos
SystemParametersInfoW
InvalidateRect
CallWindowProcW
GetClassNameW
GetFocus
SetCursor
GetMenu
TranslateAcceleratorW
timeEndPeriod
timeBeginPeriod
Number of PE resources by type
RT_ICON 9
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 11
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2016:09:03 23:28:04+01:00
FileType Win32 EXE
PEType PE32
CodeSize 201728
LinkerVersion 2.5
EntryPoint 0x1000
InitializedDataSize 259072
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 e1fcc46f8c546435382709d11acad3f6
SHA1 c45a5806441cb6f1f1d73e5fba80efbdfb23479f
SHA256 2a909e0d514393225682ba10912c66fbfa4d1f959e643f9dd3eef833205806a9
ssdeep 24576:pHVasqIT4Av8WcBylvdNVYog0lgYYIuX72AXV4PbGi/wIX4SbiU878sO1g:vaaTfvvuX6q6Pb1IIX4SWU8X0g
authentihash 889975a37e54f0a954d048d99f802d2bd757f2225e4edab4880a4429e66607a9
imphash 1033e7ad4ef699f506cce0c38fc5b07c
File size 1.7 MB ( 1741337 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (39.9%)
Win64 Executable (generic) (35.3%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
Win16/32 Executable Delphi generic (2.6%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-09-05 17:31:50 UTC (1 year, 9 months ago)
Last submission 2018-05-28 13:49:34 UTC (2 weeks, 6 days ago)
File names 2a909e0d514393225682ba10912c66fbfa4d1f959e643f9dd3eef833205806a9.exe
IFSetup_1_3-2.exe
IFSetup.exe
ifsetup.exe
IFSetup 1.3.2.exe
1021685
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs
UDP communications