SHA256: ab864733b440466898f526c079048bb0d08fc043b34d916e7b66921c06253d78
File name: Q-Dir.exe
Detection ratio: 0 / 62
Analysis date: 2017-06-22 09:05:26 UTC (1 week ago)
Antivirus Result Update
Ad-Aware 20170622
AegisLab 20170622
AhnLab-V3 20170622
Alibaba 20170622
ALYac 20170622
Antiy-AVL 20170622
Arcabit 20170622
Avast 20170622
AVG 20170622
Avira (no cloud) 20170622
AVware 20170622
Baidu 20170622
BitDefender 20170622
Bkav 20170622
CAT-QuickHeal 20170622
ClamAV 20170622
CMC 20170619
Comodo 20170622
CrowdStrike Falcon (ML) 20170420
Cyren 20170622
DrWeb 20170622
Emsisoft 20170622
Endgame 20170615
ESET-NOD32 20170622
F-Prot 20170622
F-Secure 20170622
Fortinet 20170622
GData 20170622
Ikarus 20170622
Invincea 20170607
Jiangmin 20170622
K7AntiVirus 20170622
K7GW 20170622
Kaspersky 20170622
Kingsoft 20170622
Malwarebytes 20170622
McAfee 20170622
McAfee-GW-Edition 20170622
Microsoft 20170622
eScan 20170622
NANO-Antivirus 20170622
nProtect 20170622
Palo Alto Networks (Known Signatures) 20170622
Panda 20170621
Qihoo-360 20170622
Rising None
SentinelOne (Static ML) 20170516
Sophos 20170622
SUPERAntiSpyware 20170622
Symantec 20170622
Symantec Mobile Insight 20170621
Tencent 20170622
TheHacker 20170621
TotalDefense 20170622
TrendMicro 20170622
TrendMicro-HouseCall 20170622
Trustlook 20170622
VBA32 20170622
VIPRE 20170622
ViRobot 20170622
Webroot 20170622
WhiteArmor 20170616
Yandex 20170621
Zillya 20170619
ZoneAlarm by Check Point 20170622
Zoner 20170622
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2006-2017

Product Q-Dir SoftwareOK.com
Original name Q-Dir.exe
Internal name Q-Dir 6.57.0
File version 6, 5, 7, 0
Description Q-Dir
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-05-26 18:18:24
Entry Point 0x00089A0C
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
OpenProcessToken
RegSetValueExW
GetUserNameW
RegEnumKeyExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
ImageList_GetImageCount
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Destroy
CreateStatusWindowW
ImageList_AddMasked
ImageList_SetBkColor
ImageList_LoadImageW
ImageList_Draw
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_Remove
ImageList_Create
_TrackMouseEvent
PropertySheetW
ImageList_GetIcon
ImageList_ReplaceIcon
Ord(8)
GetWindowExtEx
SetMapMode
CreateFontIndirectW
PatBlt
GetClipBox
GetTextExtentPoint32W
SaveDC
LPtoDP
SetStretchBltMode
DeleteEnhMetaFile
GetPixel
Rectangle
GetDeviceCaps
ExcludeClipRect
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
StretchBlt
EndDoc
CreateSolidBrush
StartPage
DeleteObject
IntersectClipRect
CreateDCW
CreateDIBSection
SetTextColor
OffsetWindowOrgEx
CreatePatternBrush
CreateEnhMetaFileW
ExtTextOutW
GetObjectW
CreateBitmap
MoveToEx
BitBlt
SetViewportOrgEx
GetViewportExtEx
LineTo
SelectClipRgn
CreateCompatibleDC
StartDocW
GetBkColor
CloseEnhMetaFile
SetBrushOrgEx
EndPage
CreatePen
AbortDoc
SetWindowExtEx
GetEnhMetaFileHeader
SetWindowOrgEx
DPtoLP
GetStockObject
SelectObject
SetBkColor
ResetDCW
SetViewportExtEx
CreateCompatibleBitmap
GetDriveTypeW
HeapDestroy
DebugBreak
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetLogicalDrives
lstrcatW
GetLocaleInfoW
WideCharToMultiByte
GetProcAddress
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
EnumDateFormatsW
InitializeCriticalSection
OutputDebugStringW
GlobalHandle
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
CopyFileW
GetUserDefaultLangID
LoadResource
RemoveDirectoryW
ExitProcess
WritePrivateProfileSectionW
MultiByteToWideChar
FlushInstructionCache
GetPrivateProfileStringW
GetFullPathNameW
CreateThread
GetSystemDirectoryW
CreateMutexW
MulDiv
TerminateProcess
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
EnterCriticalSection
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
lstrcmpiW
GlobalSize
GetWindowsDirectoryW
GetFileSize
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetPrivateProfileIntW
GetTempFileNameW
GetProfileStringW
GetTimeFormatW
lstrcpyW
GetModuleFileNameW
FindNextFileW
FindFirstFileW
lstrcmpW
GlobalLock
SetVolumeLabelW
GetPrivateProfileSectionW
CreateFileW
LeaveCriticalSection
GetLastError
GetShortPathNameW
lstrlenA
GlobalFree
FindResourceW
CompareStringW
GlobalUnlock
lstrlenW
EnumTimeFormatsW
SizeofResource
GetCurrentProcessId
LockResource
SetFileTime
WritePrivateProfileStringW
lstrcpynW
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetModuleHandleW
FreeResource
GetTempPathW
Sleep
AlphaBlend
_purecall
__wgetmainargs
malloc
rand
realloc
fread
fclose
__dllonexit
_controlfp
swprintf
_wfullpath
_except_handler3
clock
??2@YAPAXI@Z
fwrite
_onexit
wcslen
wcscmp
exit
sprintf
_ftol
wcsrchr
__setusermatherr
__p__commode
_XcptFilter
_wcsicmp
__set_app_type
wcschr
_adjust_fdiv
iswspace
??3@YAXPAX@Z
free
ceil
wcscat
_wfopen
calloc
_initterm
memmove
wcscpy
iswdigit
_wchdir
__p__fmode
time
wcsstr
_exit
_wcmdln
_wtoi
LoadRegTypeLib
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VariantInit
DragQueryFileW
SHBrowseForFolderW
Shell_NotifyIconW
Ord(18)
Ord(68)
Ord(190)
SHGetPathFromIDListW
Ord(88)
Ord(17)
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
Ord(155)
DragAcceptFiles
Ord(4)
SHGetSpecialFolderPathW
Ord(2)
Ord(25)
DragFinish
SHFileOperationW
ShellExecuteW
SHGetSettings
Ord(21)
ExtractIconExW
SHGetSpecialFolderLocation
Ord(16)
SHAppBarMessage
PathRelativePathToW
StrCpyW
RedrawWindow
GetMessagePos
InsertMenuItemW
DestroyWindow
MoveWindow
DestroyMenu
PostQuitMessage
SetWindowPos
SetScrollPos
IsWindow
EndPaint
ScrollWindowEx
WindowFromPoint
SetMenuItemInfoW
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
SendMessageA
GetClientRect
DrawTextW
GetScrollPos
CallNextHookEx
LoadImageW
GetActiveWindow
OpenClipboard
GetWindowTextW
RegisterClipboardFormatW
GetWindowTextLengthW
LoadAcceleratorsW
InvalidateRgn
PtInRect
DrawEdge
GetClassInfoExW
UpdateWindow
GetPropW
SetClassLongW
EnumWindows
GetMessageW
ShowWindow
DrawFrameControl
SetPropW
GetMenuState
PeekMessageW
EnableWindow
SetWindowPlacement
CharUpperW
GetSystemMenu
GetClipboardData
TranslateMessage
IsWindowEnabled
GetWindow
GetMenuDefaultItem
SetClipboardData
CreateCursor
LoadStringA
SetParent
GetMenuStringW
IsZoomed
GetWindowPlacement
LoadStringW
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
SetTimer
IsDialogMessageW
FillRect
CreateAcceleratorTableW
GetSysColorBrush
CreateWindowExW
GetWindowLongW
CharNextW
IsChild
SetFocus
RegisterWindowMessageW
DrawAnimatedRects
BeginPaint
OffsetRect
DefWindowProcW
DrawIcon
keybd_event
KillTimer
MapVirtualKeyW
MapWindowPoints
GetParent
LoadBitmapW
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetMenuDefaultItem
SetCapture
ReleaseCapture
CharLowerW
PostMessageW
GetScrollInfo
CreateDialogParamW
CreatePopupMenu
CheckMenuItem
DrawFocusRect
DrawIconEx
SetWindowTextW
GetDlgItem
RemovePropW
FindWindowW
ClientToScreen
GetAsyncKeyState
TrackPopupMenu
DialogBoxIndirectParamW
GetMenuItemCount
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
LoadIconW
FindWindowExW
GetMenuItemID
InsertMenuW
SetForegroundWindow
GetMenuItemInfoW
EmptyClipboard
CreateDialogIndirectParamW
IntersectRect
EndDialog
CopyRect
GetCapture
ScreenToClient
MessageBeep
LoadMenuW
RemoveMenu
wvsprintfW
MessageBoxW
GetMenu
RegisterClassExW
UnhookWindowsHookEx
SetRectEmpty
DialogBoxParamW
AppendMenuW
GetWindowDC
DestroyCursor
mouse_event
SendMessageTimeoutW
GetSysColor
SetDlgItemTextW
SetScrollInfo
GetKeyState
GetWindowThreadProcessId
MenuItemFromPoint
GetDoubleClickTime
DestroyIcon
IsWindowVisible
SystemParametersInfoW
DispatchMessageW
FrameRect
SetRect
DeleteMenu
InvalidateRect
CallWindowProcW
GetClassNameW
ModifyMenuW
IsRectEmpty
IsMenu
GetFocus
wsprintfW
CloseClipboard
SetCursor
SetMenu
TranslateAcceleratorW
PlaySoundW
timeGetTime
GetPrinterW
ClosePrinter
OpenPrinterW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW
GetOpenFileNameW
ChooseColorW
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
CoInitialize
OleInitialize
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
CLSIDFromProgID
OleLockRunning
DoDragDrop
StringFromCLSID
OleSetClipboard
CoUninitialize
OleGetClipboard
CoTaskMemFree
CLSIDFromString
CoTaskMemAlloc
Number of PE resources by type
RT_DIALOG 38
IMG 27
RT_BITMAP 27
RT_ICON 25
Struct(241) 25
RT_GROUP_ICON 25
RT_MENU 5
RT_ACCELERATOR 3
Struct(240) 2
RT_STRING 2
WAVE 1
RT_MANIFEST 1
TEXTINCLUDE 1
RT_VERSION 1
PNG 1
Number of PE resources by language
GERMAN 182
GERMAN LIECHTENSTEIN 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.5.7.0

UninitializedDataSize
0

LanguageCode
German

FileFlagsMask
0x003f

Company
Nenad Hrg (SoftwareOK.de)

CharacterSet
Unicode

InitializedDataSize
905216

EntryPoint
0x89a0c

OriginalFileName
Q-Dir.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2006-2017

FileVersion
6, 5, 7, 0

TimeStamp
2017:05:26 19:18:24+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Q-Dir 6.57.0

ProductVersion
6, 5, 7, 0

FileDescription
Q-Dir

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Nenad Hrg (SoftwareOK.com)

CodeSize
0

ProductName
Q-Dir SoftwareOK.com

ProductVersionNumber
6.5.7.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 fb3884b952686cb801b3dc93c9d252df
SHA1 1e2c0f43b143b18179e0ab16c637491eab88bcf0
SHA256 ab864733b440466898f526c079048bb0d08fc043b34d916e7b66921c06253d78
ssdeep
12288:opJDwapTg7ytLUzIpjOZSRxSDxkyRCTvwtdymCs4q/jk3pjg0J+JJnZDHX:ofw+6EFxSgTvwtduqriNJkJn1

authentihash 5d364231463791724daae988a29b6fd70975fc8c67afc350e334a69690bc79d0
imphash e98a25abac3fd631effb74f99297f8e2
File size 848.0 KB ( 868352 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (34.8%)
Win32 Executable MS Visual C++ (generic) (25.2%)
Win64 Executable (generic) (22.3%)
Windows screen saver (10.6%)
Win32 Executable (generic) (3.6%)
Tags
peexe

VirusTotal metadata
First submission 2017-05-26 18:38:44 UTC (1 month ago)
Last submission 2017-06-15 09:04:23 UTC (2 weeks ago)
File names Q-Dir_uc.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir_Installer_UC.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir.exe
AB864733B440466898F526C079048BB0D08FC043B34D916E7B66921C06253D78
q-dir.exe
Q-Dir.exe
Q-Dir.exe
Q-Dir 6.57.0
Behaviour characterization
Zemana
dll-injection

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created mutexes
Opened mutexes
Searched windows
Runtime DLLs