SHA256: 37bbbe4ead9d251bc5af844247e878c4dbc53e2049e78c556946e53c6472485f
File name: SiDiary6.exe
Detection rate: 4 / 56
Analysis date: 2015-05-17 19:11:41 UTC (3 years, 9 months ago)
Antivirus Result Update
Avast Win32:Malware-gen 20150517
Avira (no cloud) BDS/Agent.9054720 20150517
DrWeb BACKDOOR.Trojan 20150517
TrendMicro-HouseCall Suspicious_GEN.F47V0517 20150517
Ad-Aware 20150517
AegisLab 20150517
Yandex 20150516
AhnLab-V3 20150517
Alibaba 20150517
ALYac 20150517
Antiy-AVL 20150517
AVG 20150517
AVware 20150517
Baidu-International 20150517
BitDefender 20150517
Bkav 20150516
ByteHero 20150517
CAT-QuickHeal 20150516
ClamAV 20150517
CMC 20150513
Comodo 20150517
Cyren 20150517
ESET-NOD32 20150517
F-Prot 20150517
F-Secure 20150517
Fortinet 20150517
GData 20150517
Ikarus 20150517
Jiangmin 20150516
K7AntiVirus 20150517
K7GW 20150517
Kaspersky 20150517
Kingsoft 20150517
Malwarebytes 20150517
McAfee 20150517
McAfee-GW-Edition 20150517
Microsoft 20150517
eScan 20150517
NANO-Antivirus 20150517
Norman 20150517
nProtect 20150515
Panda 20150517
Qihoo-360 20150517
Rising 20150517
Sophos AV 20150517
SUPERAntiSpyware 20150516
Symantec 20150517
Tencent 20150517
TheHacker 20150515
TotalDefense 20150517
TrendMicro 20150517
VBA32 20150515
VIPRE 20150517
ViRobot 20150517
Zillya 20150515
Zoner 20150515
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© 2003-2015 SINOVO GmbH & Co.KG

Publisher SINOVO GmbH & Co. KG
Product SiDiary®
Original name SiDiary6.exe
Internal name SiDiary6
File version 6.00.1296
Description SiDiary®
Comments Please check https://diabetes.sinovo.net for SiDiary Online Logbook!
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-03-24 12:07:21
Entry Point 0x0002C914
Number of sections 5
PE sections
PE imports
GdipGetImageHorizontalResolution
GdipGetImageEncodersSize
GdipImageSelectActiveFrame
GdipImageRotateFlip
GdipLoadImageFromFileICM
GdipGetImageType
GdipGetPropertyCount
GdipGetImagePixelFormat
GdipSetSmoothingMode
GdipCreateFromHDC2
GdipGetImageVerticalResolution
GdipGetImagePalette
GdipSetTextContrast
GdipDisposeImage
GdipSetRenderingOrigin
GdipGetDC
GdipSetImagePalette
GdiplusStartup
GdipGetRenderingOrigin
GdipDeleteGraphics
GdipGetEncoderParameterListSize
GdipGetSmoothingMode
GdipGetImageThumbnail
GdipCreateFromHDC
GdipRemovePropertyItem
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipDrawImageRect
GdipCreateFromHWND
GdipLoadImageFromFile
GdiplusShutdown
GdipGetImageWidth
GdipGetCompositingQuality
GdipGetImageDimension
GdipSetInterpolationMode
GdipGetTextContrast
GdipGetImageFlags
GdipGetImageRawFormat
GdipSetCompositingQuality
GdipGetImageHeight
GdipReleaseDC
GdipGetTextRenderingHint
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipGetInterpolationMode
RtlMoveMemory
lstrlenW
_adj_fdivr_m64
__vbaLateMemNamedCall
Ord(610)
Ord(645)
Ord(518)
Ord(647)
__vbaGenerateBoundsError
__vbaStrFixstr
_allmul
__vbaGet4
Ord(616)
EVENT_SINK_Invoke
__vbaGet3
Ord(527)
_adj_fprem
Ord(558)
Ord(596)
Ord(546)
__vbaAryMove
__vbaObjVar
__vbaNextEachCollAd
Ord(526)
__vbaGetOwner3
Ord(693)
__vbaVargVarMove
__vbaVerifyVarObj
Ord(301)
__vbaStopExe
__vbaUI1Var
__vbaVarAnd
__vbaRedim
__vbaForEachCollObj
__vbaRefVarAry
__vbaFileSeek
__vbaRecDestruct
__vbaCopyBytes
__vbaRaiseEvent
__vbaFailedFriend
_adj_fdiv_r
__vbaLsetFixstrFree
__vbaUI1I2
__vbaRecAnsiToUni
__vbaDateStr
Ord(320)
__vbaLateIdCallSt
__vbaVarIndexStore
__vbaFixstrConstruct
__vbaVarTstLt
__vbaMidStmtBstr
__vbaI4Var
Ord(517)
__vbaHresultCheckObj
__vbaI2Var
__vbaR8Str
_CIlog
__vbaVarMul
Ord(318)
Ord(595)
__vbaRecAssign
_adj_fptan
Ord(577)
__vbaFileClose
Ord(581)
Ord(317)
__vbaDerefAry
__vbaLineInputStr
__vbaLateIdCall
Ord(306)
Ord(661)
__vbaRecUniToAnsi
Ord(625)
__vbaFreeStr
Ord(670)
__vbaR4Var
Ord(631)
__vbaVarNot
__vbaStrI2
__vbaStrR8
Ord(588)
Ord(669)
__vbaFPFix
__vbaVarSetVarAddref
__vbaFreeStrList
__vbaForEachCollVar
__vbaI2I4
Ord(557)
_adj_fdiv_m16i
__vbaExceptHandler
__vbaStrDate
EVENT_SINK_QueryInterface
__vbaFpUI1
Ord(617)
__vbaVar2Vec
Ord(648)
Ord(516)
__vbaAryVarVarg
__vbaLateIdStAd
__vbaVarInt
__vbaCyVar
Ord(607)
__vbaLenBstr
Ord(525)
__vbaResume
Ord(650)
Ord(594)
Ord(561)
__vbaCheckType
Ord(576)
__vbaFpCDblR8
Ord(553)
__vbaInStr
_adj_fdiv_m32i
Ord(662)
__vbaFreeVarg
Ord(307)
__vbaVarTstLe
Ord(543)
DllFunctionCall
Zombie_GetTypeInfoCount
__vbaPowerR8
__vbaUbound
__vbaVarCmpGt
Ord(589)
Ord(571)
__vbaDerefAry1
__vbaVarSetObjAddref
__vbaFreeVar
__vbaBoolVarNull
__vbaStrI4
__vbaLbound
Ord(100)
__vbaR4Str
_CItan
__vbaFileOpen
__vbaVargVar
__vbaAryUnlock
__vbaI2Str
Ord(321)
Ord(696)
__vbaStrR4
Ord(606)
__vbaNew
__vbaAryLock
__vbaLsetFixstr
__vbaVarTstEq
__vbaLateMemCallSt
Ord(593)
__vbaExitEachColl
__vbaStrVarCopy
Ord(667)
__vbaVarDiv
Ord(539)
__vbaUnkVar
__vbaR4ForNextCheck
__vbaNameFile
__vbaOnError
__vbaVargVarCopy
Ord(579)
__vbaInStrVar
__vbaStrCat
__vbaNextEachCollVar
__vbaVarDup
_adj_fdivr_m32i
__vbaChkstk
Ord(523)
__vbaVarNeg
__vbaPrintFile
EVENT_SINK_Release
__vbaStrCmp
Ord(687)
Ord(570)
__vbaErase
__vbaBoolVar
__vbaVarCmpGe
Ord(587)
Ord(533)
__vbaVarAbs
Ord(605)
__vbaFreeObjList
Ord(302)
__vbaStrComp
Ord(629)
Ord(592)
__vbaVarIndexLoad
EVENT_SINK_GetIDsOfNames
Ord(319)
__vbaVarPow
Ord(583)
Ord(311)
Ord(538)
__vbaFreeVarList
Ord(613)
__vbaRecDestructAnsi
Ord(305)
Ord(578)
__vbaStrVarMove
__vbaVargParmRef
Ord(618)
__vbaExitProc
Ord(542)
Zombie_GetTypeInfo
__vbaVarOr
Ord(562)
__vbaCastObj
__vbaLateMemCallLd
Ord(529)
__vbaVarTstGe
Ord(520)
__vbaDateVar
Ord(651)
_adj_fdivr_m32
__vbaStrVarVal
__vbaVarSub
Ord(531)
Ord(660)
__vbaVarTstGt
__vbaVarIdiv
Ord(513)
_CIcos
EVENT_SINK2_AddRef
Ord(303)
__vbaI4Str
Ord(611)
Ord(612)
Ord(528)
__vbaR4Cy
__vbaStrErrVarCopy
__vbaVarCmpNe
__vbaVarMove
Ord(646)
__vbaErrorOverflow
__vbaStrUI1
Ord(622)
__vbaNew2
__vbaR8IntI4
__vbaLateIdSt
__vbaR8IntI2
__vbaI4Sgn
__vbaVarTstNe
__vbaVarCmpEq
__vbaAryDestruct
__vbaStrMove
Ord(652)
_adj_fprem1
Ord(619)
Ord(537)
Ord(698)
Ord(563)
_adj_fdiv_m32
Ord(535)
__vbaPrintObj
__vbaVarCmpLt
__vbaLenVar
__vbaEnd
Ord(308)
Ord(521)
Ord(644)
__vbaI4Abs
Ord(586)
__vbaPutOwner3
__vbaVarCat
Ord(572)
__vbaLateMemSt
__vbaObjSetAddref
_adj_fpatan
Ord(663)
EVENT_SINK_AddRef
Ord(547)
Ord(608)
Ord(568)
Ord(300)
__vbaObjIs
__vbaVarVargNofree
Ord(591)
Ord(681)
__vbaI4ErrVar
__vbaVarSetVar
Ord(632)
__vbaStr2Vec
Ord(313)
__vbaFPException
__vbaStrToUnicode
_adj_fdivr_m16i
Ord(552)
__vbaAryConstruct
__vbaVarAdd
__vbaFPInt
_adj_fdiv_m64
Ord(599)
__vbaVarMod
Ord(544)
__vbaCastObjVar
Ord(534)
Ord(519)
__vbaNextEachCollObj
__vbaRedimPreserve
Ord(309)
__vbaFreeObj
__vbaUI1I4
__vbaStrBool
_CIsin
_CIsqrt
__vbaVarCopy
Ord(614)
__vbaLenBstrB
__vbaStrCopy
__vbaBoolStr
_CIatan
__vbaI2Abs
Ord(600)
__vbaLateMemCall
Ord(573)
__vbaVarCmpLe
__vbaR8Var
__vbaLateMemStAd
Ord(580)
__vbaPut3
__vbaObjSet
__vbaSetSystemError
__vbaRedimVar
__vbaDateR8
__vbaForEachCollAd
EVENT_SINK2_Release
_CIexp
Ord(685)
__vbaStrToAnsi
__vbaFpR4
Ord(582)
Ord(532)
__vbaFpR8
__vbaFpI4
Ord(598)
__vbaFpI2
Ord(545)
__vbaLateIdCallLd
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
GERMAN 1
PE resources
ExifTool file metadata
LegalTrademarks
SiDiary , SINOVO

SubsystemVersion
4.0

Comments
Please check https://diabetes.sinovo.net for SiDiary Online Logbook!

LinkerVersion
4.2

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
6.0.0.1296

LanguageCode
German

FileFlagsMask
0x0000

FileDescription
SiDiary

CharacterSet
Unicode

InitializedDataSize
704512

FileOS
Win32

EntryPoint
0x2c914

MIMEType
application/octet-stream

LegalCopyright
2003-2015 SINOVO GmbH & Co.KG

FileVersion
6.00.1296

TimeStamp
2015:03:24 13:07:21+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
SiDiary6

ProductVersion
6.00.1296

UninitializedDataSize
0

OSVersion
4.0

OriginalFilename
SiDiary6.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
SINOVO GmbH & Co. KG

CodeSize
8633856

ProductName
SiDiary

ProductVersionNumber
6.0.0.1296

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 dc318956c4e97a618337b6ccdf4160e9
SHA1 1676b408d8248fc78f1b8994c2415dec8d5024d4
SHA256 37bbbe4ead9d251bc5af844247e878c4dbc53e2049e78c556946e53c6472485f
ssdeep
196608:JEGVFNMJYDhR5LJ/4O7w20TzcO3JBR3chzAE2QhidJNn8oSfiK0ToeSxxUCjdPCc:Jz/NMJYDD5h4O790TzcO3JBR3cpAE2ox

authentihash b487d7aa91ea070de4350488a319643ce4f34ea1de29fc92af768dfd8118b6c8
imphash 77d61a9b44bda1e66ccdedd2acc169f3
File size 8.6 MB ( 9054720 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 5 (68.2%)
InstallShield setup (13.3%)
Win32 Executable MS Visual C++ (generic) (9.6%)
Windows screen saver (4.0%)
Win32 Dynamic Link Library (generic) (2.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-05-10 16:05:16 UTC (3 years, 9 months ago)
Last submission 2015-05-20 06:26:26 UTC (3 years, 9 months ago)
File names SiDiary6.exe
SiDiary6
SiDiary6.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Hooking activity
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers using the DeviceIoControl Windows API function.
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events, associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.