× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 46621b44ad9ac14e104449b5141083a61ca07198e1c8f7c763ad9cdb8e834dcd
Dateiname: LMK.exe
Erkennungsrate: 15 / 64
Analyse-Datum: 2017-10-10 05:58:42 UTC ( vor 11 Monate, 2 Wochen ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
AegisLab Troj.W32.Gen.lJyT 20171010
Avira (no cloud) TR/Dropper.MSIL.Gen2 20171009
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9986 20170930
CAT-QuickHeal Trojan.Generic 20171009
CrowdStrike Falcon (ML) malicious_confidence_70% (D) 20170804
Endgame malicious (high confidence) 20170821
ESET-NOD32 a variant of Generik.EQGBAIV 20171010
Fortinet MSIL/Generic.AP.189EF30!tr 20171010
Jiangmin Trojan.Generic.agrjf 20171010
K7AntiVirus Riskware ( 0049f6ae1 ) 20171010
K7GW Riskware ( 0049f6ae1 ) 20171010
SentinelOne (Static ML) static engine - malicious 20171001
Symantec Trojan.Gen.2 20171010
TheHacker Trojan/Generik.EQGBAIV 20171007
Yandex Trojan.Agent!kFEUx9Kf0Q8 20171009
Ad-Aware 20171010
AhnLab-V3 20171010
Alibaba 20170911
ALYac 20171010
Antiy-AVL 20171010
Arcabit 20171010
Avast 20171010
Avast-Mobile 20171009
AVG 20171010
AVware 20171010
BitDefender 20171010
Bkav 20171009
ClamAV 20171010
CMC 20171009
Comodo 20171010
Cylance 20171010
Cyren 20171010
DrWeb 20171010
Emsisoft 20171010
F-Prot 20171010
F-Secure 20171010
GData 20171010
Ikarus 20171009
Sophos ML 20170914
Kaspersky 20171010
Kingsoft 20171010
Malwarebytes 20171010
MAX 20171010
McAfee 20171010
McAfee-GW-Edition 20171009
Microsoft 20171010
eScan 20171010
NANO-Antivirus 20171010
nProtect 20171010
Palo Alto Networks (Known Signatures) 20171010
Panda 20171009
Qihoo-360 20171010
Rising 20171010
Sophos AV 20171010
SUPERAntiSpyware 20171010
Symantec Mobile Insight 20171006
Tencent 20171010
TrendMicro 20171010
TrendMicro-HouseCall 20171010
Trustlook 20171010
VBA32 20171009
VIPRE 20171010
ViRobot 20171010
Webroot 20171010
WhiteArmor 20170927
ZoneAlarm by Check Point 20171010
Zoner 20171010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Campbell Wild 1998-2016

Product ADRIFT Runner
Original name run500.exe
Internal name run500.exe
File version 5.0.35.3
Description ADRIFT Runner
Comments Interactive Fiction Development System for Windows RPX 1.4.5799.27545
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-06-07 08:02:54
Entry Point 0x004E048E
Number of sections 3
.NET details
Module Version ID b14e267f-5c1a-4767-81dd-7f58e5eaec71
PE sections
Overlays
MD5 cea283689ffea7661eefb466aa80f45f
File type data
Offset 5110272
Size 10605844
Entropy 7.70
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
FileDescription
ADRIFT Runner

Comments
Interactive Fiction Development System for Windows

InitializedDataSize
4608

ImageVersion
0.0

ProductName
ADRIFT Runner

FileVersionNumber
5.0.35.3

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
11.0

FileTypeExtension
exe

OriginalFileName
run500.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
5.0.35.3

TimeStamp
2016:06:07 09:02:54+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
run500.exe

SubsystemVersion
4.0

ProductVersion
5.0.35.3

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Campbell Wild 1998-2016

MachineType
Intel 386 or later, and compatibles

CompanyName
Campbell Wild

CodeSize
5105152

FileSubtype
0

ProductVersionNumber
5.0.35.3

EntryPoint
0x4e048e

ObjectFileType
Executable application

AssemblyVersion
5.0.35.3

File identification
MD5 ca1c7f18fd3e5e5bd0780e60ab481fb8
SHA1 2aab50af5884643cb37872100e87dd0e2db36e84
SHA256 46621b44ad9ac14e104449b5141083a61ca07198e1c8f7c763ad9cdb8e834dcd
ssdeep
196608:gLrt9wgm7Pt/ptyAzpbrS0JLje27BWWxopGxdl9bjZWMHgYlguqHSdZe2GpR6WI/:g7w3RtyupvS0J/BfHTjq/HSdZU6NB

authentihash a24286445f60d4a17237cf2c1666091c9b34d9ee5146fa092b0ac8d27daa0b15
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 15.0 MB ( 15716116 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Windows screen saver (43.3%)
Win32 Dynamic Link Library (generic) (21.7%)
Win32 Executable (generic) (14.9%)
OS/2 Executable (generic) (6.7%)
Generic Win/DOS Executable (6.6%)
Tags
peexe assembly overlay

VirusTotal metadata
First submission 2017-10-10 05:58:42 UTC ( vor 11 Monate, 2 Wochen )
Last submission 2017-11-09 15:14:48 UTC ( vor 10 Monate, 2 Wochen )
Dateinamen run500.exe
LMK.exe
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!