× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 95c262880e271de8e0e765c39c431b6d62e4d2db80f8a8dd0442d8a30ad074f4
Dateiname: EasyPort.exe
Erkennungsrate: 6 / 55
Analyse-Datum: 2017-01-28 21:30:02 UTC ( vor 2 Jahre, 2 Monate ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
AVG Luhe.Fiha.A 20170128
AVware Trojan.Win32.Generic.pak!cobra 20170128
ClamAV Win.Trojan.Hacktool-1767 20170128
CrowdStrike Falcon (ML) malicious_confidence_86% (D) 20161024
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20170128
VIPRE Trojan.Win32.Generic.pak!cobra 20170128
Ad-Aware 20170128
AegisLab 20170128
AhnLab-V3 20170128
Alibaba 20170122
ALYac 20170128
Antiy-AVL 20170128
Arcabit 20170128
Avast 20170128
Avira (no cloud) 20170128
Baidu 20170125
BitDefender 20170128
Bkav 20170123
CAT-QuickHeal 20170128
CMC 20170128
Comodo 20170128
Cyren 20170128
DrWeb 20170128
Emsisoft 20170128
ESET-NOD32 20170128
F-Prot 20170128
F-Secure 20170128
Fortinet 20170128
GData 20170128
Ikarus 20170128
Sophos ML 20170111
Jiangmin 20170128
K7AntiVirus 20170128
K7GW 20170128
Kaspersky 20170128
Kingsoft 20170128
Malwarebytes 20170128
McAfee 20170128
McAfee-GW-Edition 20170128
Microsoft 20170128
eScan 20170128
NANO-Antivirus 20170128
nProtect 20170128
Panda 20170128
Rising 20170128
Sophos AV 20170128
SUPERAntiSpyware 20170128
Symantec 20170128
Tencent 20170128
TheHacker 20170128
TrendMicro 20170128
Trustlook 20170128
VBA32 20170127
ViRobot 20170128
WhiteArmor 20170123
Yandex 20170128
Zillya 20170128
Zoner 20170128
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-04-30 09:07:00
Entry Point 0x0001CC88
Number of sections 4
PE sections
Overlays
MD5 fd7836bb6081b947f3ff0aeeea214921
File type data
Offset 289280
Size 4818
Entropy 5.69
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControlsEx
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
InitializeCriticalSection
FindClose
InterlockedDecrement
MoveFileW
GetFullPathNameW
SetLastError
GetSystemTime
DeviceIoControl
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFileAttributesW
CreateThread
SetEnvironmentVariableW
MoveFileExW
SetUnhandledExceptionFilter
TerminateProcess
CreateSemaphoreW
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
SystemTimeToFileTime
GetDateFormatW
SetEvent
DeleteFileW
GetProcAddress
CreateFileMappingW
CompareStringW
WriteFile
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
CreateDirectoryW
ResetEvent
FindFirstFileW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
DosDateTimeToFileTime
LCMapStringW
GetShortPathNameW
HeapCreate
GetConsoleCP
LCMapStringA
GetTimeFormatW
GetEnvironmentStringsW
IsDBCSLeadByte
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLongPathNameW
IsValidCodePage
UnmapViewOfFile
FindResourceW
VirtualFree
Sleep
VirtualAlloc
CreateHardLinkW
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
MapWindowPoints
SetFocus
GetParent
UpdateWindow
EndDialog
LoadBitmapW
SetWindowTextW
DefWindowProcW
IsWindow
GetWindowTextW
GetMessageW
ShowWindow
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
MessageBoxW
SendMessageW
GetWindowRect
RegisterClassExW
CharUpperW
DialogBoxParamW
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
GetWindowLongW
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
GetClientRect
GetDlgItem
GetWindow
OemToCharBuffA
DispatchMessageW
PeekMessageW
GetClassNameW
CopyRect
WaitForInputIdle
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
EnableWindow
SetForegroundWindow
DestroyWindow
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
OleInitialize
OleUninitialize
Number of PE resources by type
RT_STRING 8
RT_DIALOG 6
RT_ICON 5
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 16
NEUTRAL DEFAULT 6
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2013:04:30 10:07:00+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
150528

LinkerVersion
9.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x1cc88

InitializedDataSize
137728

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 e9cbb1775d509cfbddbc31a33398c689
SHA1 def0cb4554aea3937202e63531e8cb5f686d2e06
SHA256 95c262880e271de8e0e765c39c431b6d62e4d2db80f8a8dd0442d8a30ad074f4
ssdeep
3072:8JyAx2rO3XLwU8FAdrFQvgI117ECEULbdo+kXcwbBq81W1OOOO7OOOOO/kyHux:8X3XLz8FAhNI8C5KXcsrNux

authentihash 352cbd76fb874d6c76abc0047efc20f170fa766391e9ebdf36fb990d65a403cc
imphash 3eaa732d4dae53340f9646bdd85dac41
File size 287.2 KB ( 294098 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID WinRAR Self Extracting archive (4.x-5.x) (91.4%)
Win32 Executable MS Visual C++ (generic) (3.4%)
Win64 Executable (generic) (3.0%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.5%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-01-28 21:30:02 UTC ( vor 2 Jahre, 2 Monate )
Last submission 2019-01-31 12:05:10 UTC ( vor 2 Monate, 3 Wochen )
Dateinamen 95c262880e271de8e0e765c39c431b6d62e4d2db80f8a8dd0442d8a30ad074f4.bin
EasyPort.exe
EasyPort.ex
EasyPort.exe
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs