SHA256: 9cc20846f8d10446c81564ded54f1b9d3ca8b5d7c53c3fc8ad0fdef4804814b0
File name: VelumRegattaScoring17EXE.exe
Detection ratio: 0 / 61
Analysis date: 2017-04-07 15:59:28 UTC (1 year, 3 months ago)
Antivirus Result Update
Ad-Aware 20170407
AegisLab 20170407
AhnLab-V3 20170407
Alibaba 20170407
ALYac 20170407
Antiy-AVL 20170407
Arcabit 20170407
Avast 20170407
AVG 20170407
Avira (no cloud) 20170407
AVware 20170407
Baidu 20170406
BitDefender 20170407
Bkav 20170407
CAT-QuickHeal 20170407
ClamAV 20170407
CMC 20170407
Comodo 20170407
CrowdStrike Falcon (ML) 20170130
Cyren 20170407
DrWeb 20170407
Emsisoft 20170407
Endgame 20170407
ESET-NOD32 20170407
F-Prot 20170407
F-Secure 20170407
Fortinet 20170407
GData 20170407
Ikarus 20170407
Sophos ML 20170203
Jiangmin 20170407
K7AntiVirus 20170407
K7GW 20170407
Kaspersky 20170407
Kingsoft 20170407
Malwarebytes 20170407
McAfee 20170407
McAfee-GW-Edition 20170407
Microsoft 20170407
eScan 20170407
NANO-Antivirus 20170407
nProtect 20170407
Palo Alto Networks (Known Signatures) 20170407
Panda 20170407
Qihoo-360 20170407
Rising None
SentinelOne (Static ML) 20170330
Sophos AV 20170407
SUPERAntiSpyware 20170407
Symantec 20170407
Symantec Mobile Insight 20170406
Tencent 20170407
TheHacker 20170406
TrendMicro-HouseCall 20170407
Trustlook 20170407
VBA32 20170407
VIPRE 20170407
ViRobot 20170407
Webroot 20170407
WhiteArmor 20170327
Yandex 20170406
Zillya 20170407
ZoneAlarm by Check Point 20170407
Zoner 20170407
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT UPX, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-03-15 06:27:58
Entry Point 0x0000913F
Number of sections 5
PE sections
Overlays
MD5 b4142159dd9a5525c4d212c79cbadd87
File type application/zip
Offset 74752
Size 3525012
Entropy 8.00
PE imports
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
GetDeviceCaps
GetObjectA
DeleteDC
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetLastError
HeapFree
GetStdHandle
DosDateTimeToFileTime
ReadFile
FileTimeToSystemTime
lstrlenA
GetModuleFileNameW
WaitForSingleObject
LoadLibraryA
FreeLibrary
FindFirstFileW
HeapAlloc
SystemTimeToFileTime
GetVersionExA
GetModuleFileNameA
IsDBCSLeadByte
GetCPInfo
GetDateFormatA
FileTimeToLocalFileTime
GetCurrentDirectoryA
CreateFileMappingA
GetLocaleInfoA
CreateDirectoryA
DeleteFileA
OpenFileMappingA
ExitProcess
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
SetFileAttributesA
SetFilePointer
GetTempPathA
SetEndOfFile
lstrcmpiA
CloseHandle
WideCharToMultiByte
MapViewOfFile
GetModuleHandleA
FindNextFileW
GetFileAttributesA
WriteFile
FindFirstFileA
GetTimeFormatA
GetCommandLineA
FindNextFileA
HeapReAlloc
MoveFileExA
ExpandEnvironmentStringsA
SetEnvironmentVariableA
GetFullPathNameA
MoveFileA
GetFileAttributesW
GetNumberFormatA
UnmapViewOfFile
CreateFileW
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
GetFileType
SetFileAttributesW
SetFileTime
CreateFileA
GetTickCount
FindResourceA
SetCurrentDirectoryA
SetLastError
CompareStringA
VariantInit
SHGetFileInfoA
ShellExecuteExA
SHChangeNotify
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHFileOperationA
SetFocus
MapWindowPoints
GetParent
UpdateWindow
EndDialog
CharUpperA
DefWindowProcA
ShowWindow
GetSystemMetrics
LoadBitmapA
SetWindowPos
SendDlgItemMessageA
CharLowerA
OemToCharBuffA
GetWindowRect
DispatchMessageA
EnableWindow
SetMenu
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
wvsprintfA
TranslateMessage
DialogBoxParamA
GetWindow
GetSysColor
GetDC
RegisterClassExA
ReleaseDC
SetWindowTextA
DestroyIcon
GetWindowLongA
IsWindowVisible
SendMessageA
GetWindowTextA
GetClientRect
GetDlgItem
IsWindow
LoadIconA
wsprintfA
FindWindowExA
CreateWindowExA
LoadCursorA
OemToCharA
CharToOemBuffA
LoadStringA
CopyRect
WaitForInputIdle
GetClassNameA
GetMessageA
DestroyWindow
CharToOemA
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
OleInitialize
CLSIDFromString
Number of PE resources by type
RT_DIALOG 6
RT_STRING 5
RT_ICON 4
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN 11
ENGLISH US 7
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2010:03:15 07:27:58+01:00
FileType Win32 EXE
PEType PE32
CodeSize 49152
LinkerVersion 9.0
EntryPoint 0x913f
InitializedDataSize 130048
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 afc16c58a76be6cbb5635378a758dfa9
SHA1 2fe8c490624112f48ac79b67aca9f3c54332472c
SHA256 9cc20846f8d10446c81564ded54f1b9d3ca8b5d7c53c3fc8ad0fdef4804814b0
ssdeep 98304:hSjVvRfC0j/I+7cmIxEc2ScvJ03s43D5WqPC4UDiMZAS7TR6:hsdhC0j/b+u0HDpC4U1Zxc

authentihash 0c772fa16bb8be06936b9e7870c18f6379a74705cd85d80b3824293f2a7f7cd4
imphash 4088dfe1893fc3f918b97c40d5535da7
File size 3.4 MB ( 3599764 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2017-04-07 15:59:28 UTC (1 year, 3 months ago)
Last submission 2017-04-07 15:59:28 UTC (1 year, 3 months ago)
File names VelumRegattaScoring17EXE.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
UDP communications