SHA256: ab864733b440466898f526c079048bb0d08fc043b34d916e7b66921c06253d78
File name: Q-Dir.exe
Detection ratio: 0 / 64
Analysis date: 2017-07-07 09:27:51 UTC (5 months, 1 week ago)
Antivirus Result Update
Ad-Aware 20170707
AegisLab 20170707
AhnLab-V3 20170707
Alibaba 20170707
ALYac 20170707
Antiy-AVL 20170707
Arcabit 20170707
Avast 20170707
AVG 20170707
Avira (no cloud) 20170707
AVware 20170707
Baidu 20170707
BitDefender 20170707
Bkav 20170706
CAT-QuickHeal 20170707
ClamAV 20170707
CMC 20170707
Comodo 20170707
CrowdStrike Falcon (ML) 20170420
Cylance 20170707
Cyren 20170707
DrWeb 20170707
Emsisoft 20170707
Endgame 20170706
ESET-NOD32 20170707
F-Prot 20170707
F-Secure 20170707
Fortinet 20170629
GData 20170707
Ikarus 20170707
Sophos ML 20170607
Jiangmin 20170707
K7AntiVirus 20170707
K7GW 20170707
Kaspersky 20170707
Kingsoft 20170707
Malwarebytes 20170707
MAX 20170707
McAfee 20170707
McAfee-GW-Edition 20170706
Microsoft 20170707
eScan 20170707
NANO-Antivirus 20170707
nProtect 20170707
Palo Alto Networks (Known Signatures) 20170707
Panda 20170706
Qihoo-360 20170707
Rising 20170707
SentinelOne (Static ML) 20170516
Sophos AV 20170707
SUPERAntiSpyware 20170707
Symantec 20170707
Symantec Mobile Insight 20170707
Tencent 20170707
TheHacker 20170704
TotalDefense 20170707
TrendMicro 20170707
TrendMicro-HouseCall 20170707
Trustlook 20170707
VBA32 20170705
VIPRE 20170707
ViRobot 20170707
Webroot 20170707
WhiteArmor 20170706
Yandex 20170706
Zillya 20170707
ZoneAlarm by Check Point 20170707
Zoner 20170707
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2006-2017
Product Q-Dir SoftwareOK.com
Original name Q-Dir.exe
Internal name Q-Dir 6.57.0
File version 6, 5, 7, 0
Description Q-Dir
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-05-26 18:18:24
Entry Point 0x00089A0C
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
OpenProcessToken
RegSetValueExW
GetUserNameW
RegEnumKeyExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
ImageList_GetImageCount
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Destroy
CreateStatusWindowW
ImageList_AddMasked
ImageList_SetBkColor
ImageList_LoadImageW
ImageList_Draw
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_Remove
ImageList_Create
_TrackMouseEvent
PropertySheetW
ImageList_GetIcon
ImageList_ReplaceIcon
Ord(8)
GetWindowExtEx
SetMapMode
CreateFontIndirectW
PatBlt
GetClipBox
GetTextExtentPoint32W
SaveDC
LPtoDP
SetStretchBltMode
DeleteEnhMetaFile
GetPixel
Rectangle
GetDeviceCaps
ExcludeClipRect
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
StretchBlt
EndDoc
CreateSolidBrush
StartPage
DeleteObject
IntersectClipRect
CreateDCW
CreateDIBSection
SetTextColor
OffsetWindowOrgEx
CreatePatternBrush
CreateEnhMetaFileW
ExtTextOutW
GetObjectW
CreateBitmap
MoveToEx
BitBlt
SetViewportOrgEx
GetViewportExtEx
LineTo
SelectClipRgn
CreateCompatibleDC
StartDocW
GetBkColor
CloseEnhMetaFile
SetBrushOrgEx
EndPage
CreatePen
AbortDoc
SetWindowExtEx
GetEnhMetaFileHeader
SetWindowOrgEx
DPtoLP
GetStockObject
SelectObject
SetBkColor
ResetDCW
SetViewportExtEx
CreateCompatibleBitmap
GetDriveTypeW
HeapDestroy
DebugBreak
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetLogicalDrives
lstrcatW
GetLocaleInfoW
WideCharToMultiByte
GetProcAddress
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
EnumDateFormatsW
InitializeCriticalSection
OutputDebugStringW
GlobalHandle
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
CopyFileW
GetUserDefaultLangID
LoadResource
RemoveDirectoryW
ExitProcess
WritePrivateProfileSectionW
MultiByteToWideChar
FlushInstructionCache
GetPrivateProfileStringW
GetFullPathNameW
CreateThread
GetSystemDirectoryW
CreateMutexW
MulDiv
TerminateProcess
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
EnterCriticalSection
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
lstrcmpiW
GlobalSize
GetWindowsDirectoryW
GetFileSize
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetPrivateProfileIntW
GetTempFileNameW
GetProfileStringW
GetTimeFormatW
lstrcpyW
GetModuleFileNameW
FindNextFileW
FindFirstFileW
lstrcmpW
GlobalLock
SetVolumeLabelW
GetPrivateProfileSectionW
CreateFileW
LeaveCriticalSection
GetLastError
GetShortPathNameW
lstrlenA
GlobalFree
FindResourceW
CompareStringW
GlobalUnlock
lstrlenW
EnumTimeFormatsW
SizeofResource
GetCurrentProcessId
LockResource
SetFileTime
WritePrivateProfileStringW
lstrcpynW
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetModuleHandleW
FreeResource
GetTempPathW
Sleep
AlphaBlend
_purecall
__wgetmainargs
malloc
rand
realloc
fread
fclose
__dllonexit
_controlfp
swprintf
_wfullpath
_except_handler3
clock
??2@YAPAXI@Z
fwrite
_onexit
wcslen
wcscmp
exit
sprintf
_ftol
wcsrchr
__setusermatherr
__p__commode
_XcptFilter
_wcsicmp
__set_app_type
wcschr
_adjust_fdiv
iswspace
??3@YAXPAX@Z
free
ceil
wcscat
_wfopen
calloc
_initterm
memmove
wcscpy
iswdigit
_wchdir
__p__fmode
time
wcsstr
_exit
_wcmdln
_wtoi
LoadRegTypeLib
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VariantInit
DragQueryFileW
SHBrowseForFolderW
Shell_NotifyIconW
Ord(18)
Ord(68)
Ord(190)
SHGetPathFromIDListW
Ord(88)
Ord(17)
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
Ord(155)
DragAcceptFiles
Ord(4)
SHGetSpecialFolderPathW
Ord(2)
Ord(25)
DragFinish
SHFileOperationW
ShellExecuteW
SHGetSettings
Ord(21)
ExtractIconExW
SHGetSpecialFolderLocation
Ord(16)
SHAppBarMessage
PathRelativePathToW
StrCpyW
RedrawWindow
GetMessagePos
InsertMenuItemW
DestroyWindow
MoveWindow
DestroyMenu
PostQuitMessage
SetWindowPos
SetScrollPos
IsWindow
EndPaint
ScrollWindowEx
WindowFromPoint
SetMenuItemInfoW
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
SendMessageA
GetClientRect
DrawTextW
GetScrollPos
CallNextHookEx
LoadImageW
GetActiveWindow
OpenClipboard
GetWindowTextW
RegisterClipboardFormatW
GetWindowTextLengthW
LoadAcceleratorsW
InvalidateRgn
PtInRect
DrawEdge
GetClassInfoExW
UpdateWindow
GetPropW
SetClassLongW
EnumWindows
GetMessageW
ShowWindow
DrawFrameControl
SetPropW
GetMenuState
PeekMessageW
EnableWindow
SetWindowPlacement
CharUpperW
GetSystemMenu
GetClipboardData
TranslateMessage
IsWindowEnabled
GetWindow
GetMenuDefaultItem
SetClipboardData
CreateCursor
LoadStringA
SetParent
GetMenuStringW
IsZoomed
GetWindowPlacement
LoadStringW
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
SetTimer
IsDialogMessageW
FillRect
CreateAcceleratorTableW
GetSysColorBrush
CreateWindowExW
GetWindowLongW
CharNextW
IsChild
SetFocus
RegisterWindowMessageW
DrawAnimatedRects
BeginPaint
OffsetRect
DefWindowProcW
DrawIcon
keybd_event
KillTimer
MapVirtualKeyW
MapWindowPoints
GetParent
LoadBitmapW
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetMenuDefaultItem
SetCapture
ReleaseCapture
CharLowerW
PostMessageW
GetScrollInfo
CreateDialogParamW
CreatePopupMenu
CheckMenuItem
DrawFocusRect
DrawIconEx
SetWindowTextW
GetDlgItem
RemovePropW
FindWindowW
ClientToScreen
GetAsyncKeyState
TrackPopupMenu
DialogBoxIndirectParamW
GetMenuItemCount
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
LoadIconW
FindWindowExW
GetMenuItemID
InsertMenuW
SetForegroundWindow
GetMenuItemInfoW
EmptyClipboard
CreateDialogIndirectParamW
IntersectRect
EndDialog
CopyRect
GetCapture
ScreenToClient
MessageBeep
LoadMenuW
RemoveMenu
wvsprintfW
MessageBoxW
GetMenu
RegisterClassExW
UnhookWindowsHookEx
SetRectEmpty
DialogBoxParamW
AppendMenuW
GetWindowDC
DestroyCursor
mouse_event
SendMessageTimeoutW
GetSysColor
SetDlgItemTextW
SetScrollInfo
GetKeyState
GetWindowThreadProcessId
MenuItemFromPoint
GetDoubleClickTime
DestroyIcon
IsWindowVisible
SystemParametersInfoW
DispatchMessageW
FrameRect
SetRect
DeleteMenu
InvalidateRect
CallWindowProcW
GetClassNameW
ModifyMenuW
IsRectEmpty
IsMenu
GetFocus
wsprintfW
CloseClipboard
SetCursor
SetMenu
TranslateAcceleratorW
PlaySoundW
timeGetTime
GetPrinterW
ClosePrinter
OpenPrinterW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW
GetOpenFileNameW
ChooseColorW
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
CoInitialize
OleInitialize
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
CLSIDFromProgID
OleLockRunning
DoDragDrop
StringFromCLSID
OleSetClipboard
CoUninitialize
OleGetClipboard
CoTaskMemFree
CLSIDFromString
CoTaskMemAlloc
Number of PE resources by type
RT_DIALOG 38
IMG 27
RT_BITMAP 27
RT_ICON 25
Struct(241) 25
RT_GROUP_ICON 25
RT_MENU 5
RT_ACCELERATOR 3
Struct(240) 2
RT_STRING 2
WAVE 1
RT_MANIFEST 1
TEXTINCLUDE 1
RT_VERSION 1
PNG 1
Number of PE resources by language
GERMAN 182
GERMAN LIECHTENSTEIN 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 905216
ImageVersion 0.0
ProductName Q-Dir SoftwareOK.com
FileVersionNumber 6.5.7.0
UninitializedDataSize 0
LanguageCode German
FileFlagsMask 0x003f
Company Nenad Hrg (SoftwareOK.de)
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName Q-Dir.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6, 5, 7, 0
TimeStamp 2017:05:26 19:18:24+01:00
FileType Win32 EXE
PEType PE32
InternalName Q-Dir 6.57.0
ProductVersion 6, 5, 7, 0
FileDescription Q-Dir
OSVersion 4.0
FileOS Windows NT 32-bit
LegalCopyright Copyright 2006-2017
MachineType Intel 386 or later, and compatibles
CompanyName Nenad Hrg (SoftwareOK.com)
CodeSize 0
FileSubtype 0
ProductVersionNumber 6.5.7.0
EntryPoint 0x89a0c
ObjectFileType Dynamic link library

File identification
MD5 fb3884b952686cb801b3dc93c9d252df
SHA1 1e2c0f43b143b18179e0ab16c637491eab88bcf0
SHA256 ab864733b440466898f526c079048bb0d08fc043b34d916e7b66921c06253d78
ssdeep 12288:opJDwapTg7ytLUzIpjOZSRxSDxkyRCTvwtdymCs4q/jk3pjg0J+JJnZDHX:ofw+6EFxSgTvwtduqriNJkJn1
authentihash 5d364231463791724daae988a29b6fd70975fc8c67afc350e334a69690bc79d0
imphash e98a25abac3fd631effb74f99297f8e2
File size 848.0 KB ( 868352 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (34.8%)
Win32 Executable MS Visual C++ (generic) (25.2%)
Win64 Executable (generic) (22.3%)
Windows screen saver (10.6%)
Win32 Executable (generic) (3.6%)
Tags peexe
VirusTotal metadata
First submission 2017-05-26 18:38:44 UTC (6 months, 2 weeks ago)
Last submission 2017-07-07 09:27:51 UTC (5 months, 1 week ago)
File names Q-Dir_uc.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir_Installer_UC.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
AB864733B440466898F526C079048BB0D08FC043B34D916E7B66921C06253D78
q-dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir 6.57.0
Behaviour characterization
Zemana dll-injection
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created mutexes
Opened mutexes
Searched windows
Runtime DLLs