× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 9a3ada4ebc2c4384e3b7c4047024cbab488b5b35c7282fae537056a3829b91de
Dateiname: GoodGame Empire Hack V1.0.exe
Erkennungsrate: 1 / 48
Analyse-Datum: 2013-09-17 17:15:02 UTC ( vor 3 Jahre, 7 Monate )
Antivirus Ergebnis Aktualisierung
Bkav HW32.CDB.4a9e 20130917
Yandex 20130917
AhnLab-V3 20130917
AntiVir 20130917
Antiy-AVL 20130917
Avast 20130917
AVG 20130917
Baidu-International 20130917
BitDefender 20130917
ByteHero 20130917
CAT-QuickHeal 20130917
ClamAV 20130917
Commtouch 20130917
Comodo 20130917
DrWeb 20130917
Emsisoft 20130917
ESET-NOD32 20130917
F-Prot 20130917
F-Secure 20130917
Fortinet 20130917
GData 20130917
Ikarus 20130917
Jiangmin 20130903
K7AntiVirus 20130917
K7GW 20130917
Kaspersky 20130917
Kingsoft 20130829
Malwarebytes 20130917
McAfee 20130917
McAfee-GW-Edition 20130917
Microsoft 20130917
eScan 20130917
NANO-Antivirus 20130917
Norman 20130917
nProtect 20130917
Panda 20130917
PCTools 20130917
Rising 20130917
Sophos 20130917
SUPERAntiSpyware 20130917
Symantec 20130917
TheHacker 20130917
TotalDefense 20130916
TrendMicro 20130917
TrendMicro-HouseCall 20130917
VBA32 20130917
VIPRE 20130917
ViRobot 20130917
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 3, 3, 8, 1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-01-29 21:32:28
Entry Point 0x000B3E60
Number of sections 3
PE sections
PE imports
ImageList_Remove
GetSaveFileNameW
LineTo
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
WNetGetConnectionW
EnumProcesses
DragFinish
LoadUserProfileW
VerQueryValueW
FtpOpenFileW
timeGetTime
Ord(16)
CoInitialize
Number of PE resources by type
RT_STRING 7
RT_ICON 4
RT_GROUP_ICON 4
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH UK 17
ENGLISH US 2
PE resources
ExifTool file metadata
UninitializedDataSize
462848

InitializedDataSize
12288

ImageVersion
0.0

FileVersionNumber
3.3.8.1

LanguageCode
English (British)

FileFlagsMask
0x0017

CharacterSet
Unicode

LinkerVersion
10.0

MIMEType
application/octet-stream

FileVersion
3, 3, 8, 1

TimeStamp
2012:01:29 22:32:28+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

CompiledScript
AutoIt v3 Script: 3, 3, 8, 1

MachineType
Intel 386 or later, and compatibles

CodeSize
274432

FileSubtype
0

ProductVersionNumber
3.3.8.1

EntryPoint
0xb3e60

ObjectFileType
Unknown

File identification
MD5 1233009fb3a5d53340ed794c79479f96
SHA1 e9886006ca42be65627d83a47aa8b0f936729877
SHA256 9a3ada4ebc2c4384e3b7c4047024cbab488b5b35c7282fae537056a3829b91de
ssdeep
6144:duIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLdn83RP:w6Wq4aaE6KwyF5L0Y2D1PqLdnARP

File size 292.1 KB ( 299123 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID AutoIt3 compiled script executable (88.6%)
UPX compressed Win32 Executable (5.3%)
Win32 EXE Yoda's Crypter (4.6%)
Win32 Executable (generic) (0.7%)
Generic Win/DOS Executable (0.3%)
Tags
peexe

VirusTotal metadata
First submission 2013-09-17 17:15:02 UTC ( vor 3 Jahre, 7 Monate )
Last submission 2013-09-17 17:15:02 UTC ( vor 3 Jahre, 7 Monate )
Dateinamen GoodGame Empire Hack V1.0.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!