SHA256: 65542b4caadba817a53484ae6603e02ac0d082fe1ba66a4911ad9e7d11e1ced4
File name: Launcher.atm
Detection ratio: 2 / 55
Analysis date: 2017-01-31 01:59:01 UTC (2 years, 2 months ago)
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_78% (D) 20161024
Qihoo-360 HEUR/QVM19.1.0000.Malware.Gen 20170131
Ad-Aware 20170131
AegisLab 20170131
AhnLab-V3 20170130
Alibaba 20170122
ALYac 20170131
Antiy-AVL 20170131
Arcabit 20170131
Avast 20170131
AVG 20170131
Avira (no cloud) 20170130
AVware 20170131
Baidu 20170125
BitDefender 20170131
Bkav 20170123
CAT-QuickHeal 20170130
ClamAV 20170131
CMC 20170130
Comodo 20170130
Cyren 20170131
DrWeb 20170131
Emsisoft 20170130
ESET-NOD32 20170131
F-Prot 20170131
F-Secure 20170130
Fortinet 20170131
GData 20170130
Ikarus 20170130
Sophos ML 20170111
Jiangmin 20170130
K7AntiVirus 20170130
K7GW 20170131
Kaspersky 20170131
Kingsoft 20170131
Malwarebytes 20170130
McAfee 20170131
McAfee-GW-Edition 20170131
Microsoft 20170131
eScan 20170131
NANO-Antivirus 20170131
nProtect 20170131
Panda 20170130
Rising 20170131
Sophos AV 20170130
SUPERAntiSpyware 20170131
Symantec 20170130
Tencent 20170131
TheHacker 20170129
TrendMicro 20170131
TrendMicro-HouseCall 20170131
Trustlook 20170131
VBA32 20170130
VIPRE 20170131
ViRobot 20170130
WhiteArmor 20170123
Yandex 20170130
Zillya 20170130
Zoner 20170131
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2017
Product Sky-Fighter
Original name Launcher.atm
Internal name Launcher.atm
File version 5.0.0.0
Description Sky-Fighter Launcher
ReversingLabs Taggant packer details
Validity Valid taggant block
Full file hash Valid
PKI chain Valid
Packer Themida (2.4.5)
Timestamp Jan 31 01:54:32 2017 GMT
User
Validity Valid
Serial Number 1E0BC75D883DDAD6E8DE9A23B0B6941E
SPV
Validity Valid
Serial Number 19D169BB9A9042C0607D960325D1D336
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-01-31 01:53:36
Entry Point 0x007E8000
Number of sections 9
PE sections
PE imports
ImageList_EndDrag
ImmSetCompositionWindow
FreeLibrary
HeapFree
GetModuleHandleA
VirtualFree
HeapAlloc
GetCommandLineA
GetVersionExA
LoadLibraryA
VirtualAlloc
GetCurrentThreadId
GetProcessHeap
MessageBoxA
Number of PE resources by type
BMP 17
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 14
RT_BITMAP 8
RT_ICON 6
RT_DIALOG 4
RT_MANIFEST 2
AFX_DIALOG_LAYOUT 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 85
NEUTRAL 1
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 14.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.0.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 1612288
EntryPoint 0x7e8000
OriginalFileName Launcher.atm
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2017
FileVersion 5.0.0.0
TimeStamp 2017:01:31 02:53:36+01:00
FileType Win32 EXE
PEType PE32
InternalName Launcher.atm
ProductVersion 5.0.0.0
FileDescription Sky-Fighter Launcher
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Sky-Network
CodeSize 1605120
ProductName Sky-Fighter
ProductVersionNumber 5.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 2656c99a8c89ade2486fb19c12a265b4
SHA1 10fce487ebcf43945690a6d3e5e8816d265ee864
SHA256 65542b4caadba817a53484ae6603e02ac0d082fe1ba66a4911ad9e7d11e1ced4
ssdeep 98304:MG9aT8YBPYjcsWg7TDZ/rw1u/+IglXitWfvwG3:5aTscw/bglXitGIG3
authentihash ab593bc4f9cd354b7da4028132eab1f5a90e3b02812e598232f4d16d8f84a3a2
imphash b1e9998745df82818b92e921a2a75e35
File size 3.4 MB ( 3563520 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe
VirusTotal metadata
First submission 2017-01-31 01:59:01 UTC (2 years, 2 months ago)
Last submission 2017-01-31 01:59:01 UTC (2 years, 2 months ago)
File names Launcher.atm
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
UDP communications