× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 4aa4457443ab28b4a335809d6d101be91baa6a5a96e3b414a73281c71665ec8a
Dateiname: Wextract
Erkennungsrate: 3 / 60
Analyse-Datum: 2017-05-18 21:21:57 UTC ( vor 4 Tage, 23 Stunden )
Antivirus Ergebnis Aktualisierung
CrowdStrike Falcon (ML) malicious_confidence_93% (W) 20170130
Invincea backdoor.msil.bladabindi.aj 20170516
TrendMicro-HouseCall Suspicious_GEN.F47V0420 20170518
Ad-Aware 20170518
AegisLab 20170518
AhnLab-V3 20170518
Alibaba 20170518
ALYac 20170518
Arcabit 20170518
Avast 20170518
AVG 20170518
Avira (no cloud) 20170518
AVware 20170518
Baidu 20170503
BitDefender 20170518
CAT-QuickHeal 20170518
ClamAV 20170518
CMC 20170518
Comodo 20170518
Cyren 20170518
DrWeb 20170518
Emsisoft 20170518
Endgame 20170515
ESET-NOD32 20170518
F-Prot 20170518
F-Secure 20170518
Fortinet 20170518
GData 20170518
Ikarus 20170518
Jiangmin 20170518
K7AntiVirus 20170518
K7GW 20170518
Kaspersky 20170518
Kingsoft 20170519
Malwarebytes 20170518
McAfee 20170518
McAfee-GW-Edition 20170518
Microsoft 20170518
eScan 20170519
NANO-Antivirus 20170518
nProtect 20170518
Palo Alto Networks (Known Signatures) 20170519
Panda 20170518
Qihoo-360 20170519
Rising 20170516
SentinelOne (Static ML) 20170516
Sophos 20170518
SUPERAntiSpyware 20170519
Symantec 20170518
Symantec Mobile Insight 20170518
Tencent 20170519
TheHacker 20170516
TotalDefense 20170518
TrendMicro 20170518
Trustlook 20170519
VBA32 20170518
VIPRE 20170518
ViRobot 20170518
Webroot 20170519
WhiteArmor 20170517
Yandex 20170518
Zillya 20170518
ZoneAlarm by Check Point 20170518
Zoner 20170518
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Internet Explorer
Original name WEXTRACT.EXE
Internal name Wextract
File version 11.00.14393.0 (rs1_release.160715-1616)
Description Win32 Cabinet Self-Extractor
Packers identified
F-PROT SFX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-16 01:42:10
Entry Point 0x00006BD0
Number of sections 5
PE sections
PE imports
GetTokenInformation
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
EqualSid
RegQueryInfoKeyA
Ord(23)
Ord(20)
Ord(21)
Ord(22)
GetDeviceCaps
GetLastError
GetCurrentDirectoryA
GetTempFileNameA
DosDateTimeToFileTime
LoadLibraryA
GetFileAttributesA
GlobalFree
WaitForSingleObject
LockResource
FreeLibrary
QueryPerformanceCounter
MulDiv
ExitProcess
SetFileTime
GetVersionExA
GlobalUnlock
RemoveDirectoryA
IsDBCSLeadByte
GetExitCodeProcess
GetStartupInfoA
GetVolumeInformationA
LoadLibraryExA
SizeofResource
CreateEventA
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalAlloc
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
UnhandledExceptionFilter
_llseek
GetShortPathNameA
ExpandEnvironmentStringsA
SetEvent
GetModuleFileNameA
GlobalLock
TerminateThread
GetTempPathA
GetCurrentProcessId
CreateMutexA
GetModuleHandleA
_lclose
CreateThread
SetFilePointer
lstrcmpA
ReadFile
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
_lopen
FindFirstFileA
CompareStringA
ResetEvent
EnumResourceLanguagesA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
GetModuleHandleW
GetProcAddress
FreeResource
SetFileAttributesA
GetDriveTypeA
LocalFree
TerminateProcess
CreateProcessA
GetSystemTimeAsFileTime
GetCurrentProcess
LoadResource
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
FormatMessageA
CreateFileA
GetTickCount
GetVersion
FindResourceA
SetCurrentDirectoryA
GetSystemInfo
CloseHandle
CharPrevA
EndDialog
ShowWindow
MessageBeep
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
CharUpperA
GetDC
ReleaseDC
SetWindowTextA
LoadStringA
SendMessageA
GetDlgItem
GetWindowLongA
CharNextA
GetDesktopWindow
CallWindowProcA
MsgWaitForMultipleObjects
SetForegroundWindow
ExitWindowsEx
DialogBoxIndirectParamA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
_cexit
?terminate@@YAXXZ
_vsnprintf
_ismbblead
_acmdln
_exit
__p__commode
memset
_amsg_exit
memcpy
memcpy_s
_except_handler4_common
exit
__p__fmode
_XcptFilter
__getmainargs
_initterm
_controlfp
__setusermatherr
__set_app_type
Number of PE resources by type
RT_RCDATA 14
RT_ICON 13
RT_DIALOG 6
RT_STRING 6
RT_VERSION 2
RT_MANIFEST 1
AVI 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN 23
ENGLISH US 21
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
14.0

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
11.0.14393.0

UninitializedDataSize
0

LanguageCode
German

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
508416

EntryPoint
0x6bd0

OriginalFileName
WEXTRACT.EXE .MUI

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. Alle Rechte vorbehalten.

FileVersion
11.00.14393.0 (rs1_release.160715-1616)

TimeStamp
2016:07:16 02:42:10+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Wextract

ProductVersion
11.00.14393.0

FileDescription
Win32 Cabinet Self-Extractor

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
26112

ProductName
Internet Explorer

ProductVersionNumber
11.0.14393.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0846970fd640eee9c253173334ad0901
SHA1 fae8d3316a82c3b95fc37d5928abe37f678cb578
SHA256 4aa4457443ab28b4a335809d6d101be91baa6a5a96e3b414a73281c71665ec8a
ssdeep
6144:uop0yN90QE8ePvRaqwX+Dmo8S8fXTQnrhCyg45unbHW+FkvEwfF3nGzeg51IYbmD:Yy90WSaVymTXTQrhCy/5mNmyb5ux

authentihash 532e2895eb65913e7f136075144c238b2f7a5fa3083d44d5e834978df88be11e
imphash 1efe015ade03f54dd6d9b2ccea28b970
File size 523.0 KB ( 535552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-20 17:42:02 UTC ( vor 1 Monat )
Last submission 2017-04-20 17:42:02 UTC ( vor 1 Monat )
Dateinamen yabasic-2.78.0-setup.exe
Wextract
WEXTRACT.EXE
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!