× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 98b10c6bdae42e3692fff8b3ee743e985305cb5a7057bf5f411bcf77ce0f853c
Dateiname: Minecraft-Modder_v2.0.1_de.exe
Erkennungsrate: 0 / 45
Analyse-Datum: 2013-03-16 17:29:21 UTC ( vor 5 Jahre, 9 Monate ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
Yandex 20130315
AhnLab-V3 20130316
AntiVir 20130316
Antiy-AVL 20130316
Avast 20130316
AVG 20130316
BitDefender 20130316
ByteHero 20130315
CAT-QuickHeal 20130316
ClamAV 20130316
Commtouch 20130316
Comodo 20130316
DrWeb 20130316
Emsisoft 20130316
eSafe 20130313
ESET-NOD32 20130316
F-Prot 20130316
F-Secure 20130316
Fortinet 20130316
GData 20130316
Ikarus 20130316
Jiangmin 20130316
K7AntiVirus 20130315
Kaspersky 20130316
Kingsoft 20130311
Malwarebytes 20130316
McAfee 20130316
McAfee-GW-Edition 20130316
Microsoft 20130316
eScan 20130316
NANO-Antivirus 20130316
Norman 20130316
nProtect 20130316
Panda 20130316
PCTools 20130315
Sophos AV 20130316
SUPERAntiSpyware 20130316
Symantec 20130316
TheHacker 20130315
TotalDefense 20130315
TrendMicro 20130316
TrendMicro-HouseCall 20130316
VBA32 20130315
VIPRE 20130316
ViRobot 20130315
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-03-16 15:49:12
Entry Point 0x00001290
Number of sections 6
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
GetLastError
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
GetModuleFileNameA
GetCurrentProcess
LockResource
GetCurrentDirectoryA
GetCommandLineA
GetProcAddress
CreateMutexA
FindResourceExA
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
CloseHandle
SetEnvironmentVariableA
LocalFree
GlobalMemoryStatus
CreateProcessA
GetEnvironmentVariableA
LoadResource
FormatMessageA
SetLastError
ShellExecuteA
GetWindowThreadProcessId
GetMessageA
FindWindowExA
CreateWindowExA
LoadImageA
TranslateMessage
GetWindowLongA
DispatchMessageA
GetWindowRect
EnumWindows
SendMessageA
SetForegroundWindow
KillTimer
SetTimer
PostQuitMessage
GetWindowTextA
ShowWindow
GetSystemMetrics
UpdateWindow
SetWindowPos
MessageBoxA
__p__fmode
__p__environ
memset
fclose
strcat
atexit
strncat
_setmode
printf
fopen
strlen
strncpy
_cexit
_itoa
strtok
_chdir
_open
_onexit
_findclose
_unlink
_close
strchr
strrchr
strpbrk
atoi
__getmainargs
_stat
strstr
_read
_findnext
strcmp
_findfirst
strcpy
_mkdir
fwrite
fprintf
__set_app_type
signal
_iob
Number of PE resources by type
RT_RCDATA 12
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL DEFAULT 14
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2013:03:16 15:49:12+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
18944

LinkerVersion
2.56

EntryPoint
0x1290

InitializedDataSize
23552

SubsystemVersion
4.0

ImageVersion
1.0

OSVersion
4.0

UninitializedDataSize
36352

File identification
MD5 c127eb9d4a2cb77879256f6a2ca25961
SHA1 9b6de74299ca04a0988ac51c0305577aee344ebe
SHA256 98b10c6bdae42e3692fff8b3ee743e985305cb5a7057bf5f411bcf77ce0f853c
ssdeep
6144:mhlk7HbBrsp8YJm1vfJq4r9SOpQsy+GFXPmMwV:mCYVJm1vRq+TaB+MXPxwV

File size 237.3 KB ( 242977 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Generic (38.3%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
Tags
peexe

VirusTotal metadata
First submission 2013-03-16 17:29:21 UTC ( vor 5 Jahre, 9 Monate )
Last submission 2013-03-17 18:10:12 UTC ( vor 5 Jahre, 9 Monate )
Dateinamen Minecraft-Modder_v2.0.1_de.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!