SHA256: 3351357048a83766ff96b5ae983b2541bfd14789eae311ab8b54068605dcb55a
File name: SF_Main.xp
Detection ratio: 5 / 56
Analysis date: 2017-02-05 17:48:19 UTC (2 years, 2 months ago)
Antivirus Result Update
Avira (no cloud) TR/Crypt.TPM.Gen 20170205
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9935 20170125
Bkav HW32.Packed.3C6B 20170204
CrowdStrike Falcon (ML) malicious_confidence_88% (D) 20170130
Qihoo-360 HEUR/QVM19.1.0000.Malware.Gen 20170205
Ad-Aware 20170205
AegisLab 20170205
AhnLab-V3 20170205
Alibaba 20170122
ALYac 20170205
Antiy-AVL 20170205
Arcabit 20170204
Avast 20170205
AVG 20170205
AVware 20170205
BitDefender 20170205
CAT-QuickHeal 20170204
ClamAV 20170205
CMC 20170205
Comodo 20170205
Cyren 20170205
DrWeb 20170205
Emsisoft 20170205
ESET-NOD32 20170205
F-Prot 20170205
F-Secure 20170205
Fortinet 20170205
GData 20170205
Ikarus 20170205
Sophos ML 20170203
Jiangmin 20170203
K7AntiVirus 20170205
K7GW 20170205
Kaspersky 20170205
Kingsoft 20170205
Malwarebytes 20170205
McAfee 20170205
McAfee-GW-Edition 20170205
Microsoft 20170205
eScan 20170205
NANO-Antivirus 20170205
nProtect 20170205
Panda 20170205
Rising 20170205
Sophos AV 20170205
SUPERAntiSpyware 20170205
Symantec 20170205
Tencent 20170205
TheHacker 20170202
TrendMicro 20170205
TrendMicro-HouseCall 20170205
Trustlook 20170205
VBA32 20170203
VIPRE 20170205
ViRobot 20170205
WhiteArmor 20170202
Yandex 20170204
Zillya 20170204
Zoner 20170205
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2017
Product Sky-Fighter
Original name SF_Main.exe
Internal name SF_Main.exe
File version 5.0.0.0
Description Sky-Fighter Main Executeable
ReversingLabs Taggant packer details
Validity Valid taggant block
Full file hash Valid
PKI chain Valid
Packer Themida (2.4.5)
Timestamp Feb 5 17:40:13 2017 GMT
User
Validity Valid
Serial Number 1E0BC75D883DDAD6E8DE9A23B0B6941E
SPV
Validity Valid
Serial Number 19D169BB9A9042C0607D960325D1D336
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-05 15:59:37
Entry Point 0x00955000
Number of sections 9
PE sections
PE imports
ImageList_EndDrag
ImmSetCompositionWindow
FreeLibrary
HeapFree
GetModuleHandleA
VirtualFree
HeapAlloc
GetCommandLineA
GetVersionExA
LoadLibraryA
VirtualAlloc
GetCurrentThreadId
GetProcessHeap
MessageBoxA
Number of PE resources by type
RT_ICON 6
RT_RCDATA 2
RT_MANIFEST 2
RT_GROUP_ICON 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 11
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 1043456
ImageVersion 0.0
ProductName Sky-Fighter
FileVersionNumber 5.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Sky-Fighter Main Executeable
CharacterSet Unicode
LinkerVersion 14.0
FileTypeExtension exe
OriginalFileName SF_Main.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 5.0.0.0
TimeStamp 2017:02:05 16:59:37+01:00
FileType Win32 EXE
PEType PE32
InternalName SF_Main.exe
ProductVersion 5.0.0.0
SubsystemVersion 5.1
OSVersion 5.1
FileOS Windows NT 32-bit
LegalCopyright Copyright (C) 2017
MachineType Intel 386 or later, and compatibles
CompanyName Sky-Network
CodeSize 3578368
FileSubtype 0
ProductVersionNumber 5.0.0.0
EntryPoint 0x955000
ObjectFileType Executable application
File identification
MD5 d502923e19dd446614d7dcc6a0782f99
SHA1 81c750df70c9d6aba9e4ce6fc61ae8d6f3f249ab
SHA256 3351357048a83766ff96b5ae983b2541bfd14789eae311ab8b54068605dcb55a
ssdeep
49152:LVjRwTLZL8tMWwRyelw0H/Y+c7rGs3gRWMWMsoG4lMj39IJNzyI/pAZyZNlx6D+Q:LzKRAen7uw3Wp4lMNcxTykZNz6S0Me3

authentihash 3278ab888a9b2b5396b597fa4705b45dd34c6f3076f10284f610220524181426
imphash b1e9998745df82818b92e921a2a75e35
File size 4.0 MB ( 4184064 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe
VirusTotal metadata
First submission 2017-02-05 17:48:19 UTC (2 years, 2 months ago)
Last submission 2017-02-05 17:48:19 UTC (2 years, 2 months ago)
File names SF_Main.exe
SF_Main.xp
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
UDP communications