SHA256: 746088381e03901270b47556c61c83ceae6ded623904d66055cca56082779fd8
File name: Sky-Fighter.exe
Detection ratio: 4 / 54
Analysis date: 2017-01-30 23:52:07 UTC (2 years, 2 months ago)
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9730 20170125
CrowdStrike Falcon (ML) malicious_confidence_86% (D) 20161024
Sophos ML virtool.win32.obfuscator.xz 20170111
Qihoo-360 HEUR/QVM19.1.0000.Malware.Gen 20170131
Ad-Aware 20170130
AegisLab 20170130
AhnLab-V3 20170130
Alibaba 20170122
ALYac 20170131
Antiy-AVL 20170130
Arcabit 20170130
Avast 20170130
AVG 20170130
Avira (no cloud) 20170130
AVware 20170130
BitDefender 20170130
Bkav 20170123
CAT-QuickHeal 20170130
ClamAV 20170130
CMC 20170130
Comodo 20170130
Cyren 20170130
Emsisoft 20170130
ESET-NOD32 20170131
F-Prot 20170130
F-Secure 20170130
Fortinet 20170130
GData 20170130
Ikarus 20170130
Jiangmin 20170130
K7AntiVirus 20170130
K7GW 20170130
Kaspersky 20170130
Kingsoft 20170131
Malwarebytes 20170130
McAfee 20170130
McAfee-GW-Edition 20170130
Microsoft 20170130
eScan 20170130
NANO-Antivirus 20170130
nProtect 20170130
Panda 20170130
Rising 20170130
Sophos AV 20170130
SUPERAntiSpyware 20170130
Symantec 20170130
Tencent 20170131
TheHacker 20170129
TrendMicro 20170131
Trustlook 20170131
VBA32 20170130
VIPRE 20170131
ViRobot 20170130
WhiteArmor 20170123
Yandex 20170130
Zillya 20170130
Zoner 20170130
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2017
Product Sky-Fighter
Original name Sky-Fighter.exe
Internal name Sky-Fighter.exe
File version 4.7.0.0
Description Sky-Fighter PreLauncher
ReversingLabs Taggant packer details
Validity Valid taggant block
Full file hash Valid
PKI chain Valid
Packer Themida (2.4.5)
Timestamp Jan 30 22:15:27 2017 GMT
User
Validity Valid
Serial Number 1E0BC75D883DDAD6E8DE9A23B0B6941E
SPV
Validity Valid
Serial Number 19D169BB9A9042C0607D960325D1D336
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-01-30 22:02:32
Entry Point 0x00710000
Number of sections 9
PE sections
PE imports
ImageList_EndDrag
ImmSetCompositionWindow
FreeLibrary
HeapFree
GetModuleHandleA
VirtualFree
HeapAlloc
GetCommandLineA
GetVersionExA
LoadLibraryA
VirtualAlloc
GetCurrentThreadId
GetProcessHeap
MessageBoxA
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 14
RT_ICON 6
RT_BITMAP 5
RT_DIALOG 3
BMP 2
RT_MANIFEST 2
AFX_DIALOG_LAYOUT 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 65
NEUTRAL 1
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 14.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 4.7.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 857600
EntryPoint 0x710000
OriginalFileName Sky-Fighter.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2017
FileVersion 4.7.0.0
TimeStamp 2017:01:30 23:02:32+01:00
FileType Win32 EXE
PEType PE32
InternalName Sky-Fighter.exe
ProductVersion 4.7.0.0
FileDescription Sky-Fighter PreLauncher
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Sky-Network
CodeSize 1559552
ProductName Sky-Fighter
ProductVersionNumber 4.7.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 7b9cd2bc7da86ef0adec1c91a5d4f1aa
SHA1 4c8b5c61f4f258220e47044d3a64f87595711e8b
SHA256 746088381e03901270b47556c61c83ceae6ded623904d66055cca56082779fd8
ssdeep 49152:ca7idFY7C8BVqlC7/hjeyu89k/rm+sh7w7EtKBf/Q0Rl6XGon2Hge4b9q7QQFKWX:c8i0bqIqyDk/rmF2MTIlJa2gXMpn7P3
authentihash a9cf6a2996394f949f796129a60730405a106496c4540a17ca9617a1387defa7
imphash b1e9998745df82818b92e921a2a75e35
File size 3.2 MB ( 3323904 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe
VirusTotal metadata
First submission 2017-01-30 23:52:07 UTC (2 years, 2 months ago)
Last submission 2017-01-30 23:52:07 UTC (2 years, 2 months ago)
File names Sky-Fighter.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs