× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: a3bf375198e1193239cdf571845b07fa6ebd652c4c96929e0e2485c5aa85afdc
Dateiname: ExifView.exe
Erkennungsrate: 0 / 56
Analyse-Datum: 2015-05-02 13:53:05 UTC ( vor 3 Jahre, 10 Monate ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
Ad-Aware 20150502
AegisLab 20150502
Yandex 20150502
AhnLab-V3 20150502
Alibaba 20150502
ALYac 20150502
Antiy-AVL 20150502
Avast 20150502
AVG 20150502
Avira (no cloud) 20150501
AVware 20150502
Baidu-International 20150502
BitDefender 20150502
Bkav 20150425
ByteHero 20150502
CAT-QuickHeal 20150502
ClamAV 20150502
CMC 20150501
Comodo 20150502
Cyren 20150502
DrWeb 20150502
Emsisoft 20150502
ESET-NOD32 20150502
F-Prot 20150502
F-Secure 20150502
Fortinet 20150502
GData 20150502
Ikarus 20150502
Jiangmin 20150430
K7AntiVirus 20150502
K7GW 20150502
Kaspersky 20150502
Kingsoft 20150502
McAfee 20150502
McAfee-GW-Edition 20150501
Microsoft 20150502
eScan 20150502
NANO-Antivirus 20150502
Norman 20150502
nProtect 20150430
Panda 20150502
Qihoo-360 20150502
Rising 20150502
Sophos AV 20150502
SUPERAntiSpyware 20150502
Symantec 20150502
Tencent 20150502
TheHacker 20150501
TotalDefense 20150430
TrendMicro 20150502
TrendMicro-HouseCall 20150502
VBA32 20150501
VIPRE 20150502
ViRobot 20150502
Zillya 20150501
Zoner 20150430
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2011-2012

Product ExifView
Original name ExifView.exe
Internal name ExifView.exe
File version 1.1.0.0
Description ExifView
Comments ExifView
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-03 21:18:19
Entry Point 0x000749BE
Number of sections 3
.NET details
Module Version ID 4e5e2f02-5825-485d-8186-02f9027e0c81
TypeLib ID 99f67748-5462-44d4-b663-acd85d603dd6
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 12
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 15
PE resources
ExifTool file metadata
LegalTrademarks
PB-Software - Pascal Betke

SubsystemVersion
4.0

Comments
ExifView

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.1.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
ExifView

CharacterSet
Unicode

InitializedDataSize
116736

EntryPoint
0x749be

OriginalFileName
ExifView.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2011-2012

FileVersion
1.1.0.0

TimeStamp
2012:11:03 22:18:19+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
ExifView.exe

ProductVersion
1.1.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
PB-Software - Pascal Betke

CodeSize
463872

ProductName
ExifView

ProductVersionNumber
1.1.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.1.0.0

Compressed bundles
File identification
MD5 cbd5fe57399b135b18d9658c0c6b6167
SHA1 eee147139907a449ae0eb0e51b30927edf124be4
SHA256 a3bf375198e1193239cdf571845b07fa6ebd652c4c96929e0e2485c5aa85afdc
ssdeep
12288:nPYYSX8C18z6csfKdGjKsYmQqV8kx2m3KsYc:nJCOz6cfNsHQqVtATsL

authentihash 4ea9aa0efc60c6240b3c9fecebbfc2931c8ee6b31f59c595af65ec24e0628b1b
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 573.0 KB ( 586752 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-05-02 13:53:05 UTC ( vor 3 Jahre, 10 Monate )
Last submission 2015-05-02 13:53:05 UTC ( vor 3 Jahre, 10 Monate )
Dateinamen ExifView.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!