SHA256: 61dff14b0e580d4a419bbbe434c63bedbf57e5505cc191642968e9911e9c0b42
File name: SourceMW.exe
Detection rate: 2 / 69
Analysis date: 2018-11-19 19:28:40 UTC (4 months ago)
Antivirus | Result | Update
Sophos ML heuristic 20181108
SentinelOne (Static ML) static engine - malicious 20181011
Acronis 20180726
Ad-Aware 20181119
AegisLab 20181119
AhnLab-V3 20181119
Alibaba 20180921
ALYac 20181119
Antiy-AVL 20181119
Arcabit 20181119
Avast 20181119
Avast-Mobile 20181119
AVG 20181119
Avira (no cloud) 20181119
AVware 20180925
Babable 20180918
Baidu 20181119
BitDefender 20181119
Bkav 20181119
CAT-QuickHeal 20181119
ClamAV 20181119
CMC 20181119
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181119
Cyren 20181119
DrWeb 20181119
eGambit 20181119
Emsisoft 20181119
Endgame 20181108
ESET-NOD32 20181119
F-Prot 20181119
F-Secure 20181119
Fortinet 20181119
GData 20181119
Ikarus 20181119
Jiangmin 20181119
K7AntiVirus 20181119
K7GW 20181119
Kaspersky 20181119
Kingsoft 20181119
Malwarebytes 20181119
MAX 20181119
McAfee 20181119
McAfee-GW-Edition 20181119
Microsoft 20181119
eScan 20181119
NANO-Antivirus 20181119
Palo Alto Networks (Known Signatures) 20181119
Panda 20181119
Qihoo-360 20181119
Rising 20181119
Sophos AV 20181119
SUPERAntiSpyware 20181114
Symantec 20181118
Symantec Mobile Insight 20181108
TACHYON 20181119
Tencent 20181119
TheHacker 20181118
TrendMicro 20181119
TrendMicro-HouseCall 20181119
Trustlook 20181119
VBA32 20181119
VIPRE 20181119
ViRobot 20181119
Webroot 20181119
Yandex 20181119
Zillya 20181119
ZoneAlarm by Check Point 20181119
Zoner 20181119
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-19 19:13:35
Entry Point 0x00004044
Number of sections 5
PE sections
PE imports
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentThreadId
GetModuleHandleW
_except_handler4_common
__FrameUnwindFilter
_CorExeMain
_cexit
_configure_narrow_argv
_register_onexit_function
_seh_filter_dll
memset
terminate
_execute_onexit_table
abort
_initialize_onexit_table
_initialize_narrow_environment
_crt_at_quick_exit
_crt_atexit
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:11:19 20:13:35+01:00
FileType Win32 EXE
PEType PE32
CodeSize 12800
LinkerVersion 14.16
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x4044
InitializedDataSize 797184
SubsystemVersion 6.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0

File identification
MD5 404b7b854a3b6aaa7ea902d247f63c9b
SHA1 834546fecb8970838e843cb86a1b8550a614894e
SHA256 61dff14b0e580d4a419bbbe434c63bedbf57e5505cc191642968e9911e9c0b42
ssdeep 6144:HZHllllllllllllyccccccaVFuXkGhx2uED9hfyQ0tdwHwlxjINf2Sv9U94KlllX:5/8kGhQuWhZ0tiHwlxA22Uf

authentihash 534fb3cf29e55909567440260fc0d67fcdc2d1c1cae0a76fa05112777eb0f9e3
imphash 255662b5d98320df765109d5e2331246
File size 791.0 KB ( 809984 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe assembly

VirusTotal metadata
First submission 2018-11-19 19:28:40 UTC (4 months ago)
Last submission 2018-11-19 19:28:40 UTC (4 months ago)
File names SourceMW.exe