SHA256: 0190c0d55fa76ccf6f414a9cc98f7196f978cfc7a89142284acaf58b7d34f88a
File name: sam.exe
Detection ratio: 1 / 53
Analysis date: 2015-11-06 20:44:40 UTC ( 3 years, 2 months ago )
Antivirus Result Update
Avira (no cloud) TR/Dropper.Gen 20151106
AegisLab 20151106
Yandex 20151106
AhnLab-V3 20151106
Alibaba 20151106
ALYac 20151109
Antiy-AVL 20151106
Arcabit 20151106
Avast 20151106
AVG 20151106
Baidu-International 20151106
BitDefender 20151106
Bkav 20151106
ByteHero 20151106
CAT-QuickHeal 20151106
ClamAV 20151103
CMC 20151106
Comodo 20151106
Cyren 20151109
DrWeb 20151106
Emsisoft 20151106
ESET-NOD32 20151106
F-Prot 20151106
F-Secure 20151109
Fortinet 20151106
GData 20151106
Ikarus 20151106
Jiangmin 20151105
K7AntiVirus 20151106
K7GW 20151106
Kaspersky 20151106
Malwarebytes 20151106
McAfee 20151106
McAfee-GW-Edition 20151106
Microsoft 20151109
eScan 20151106
NANO-Antivirus 20151106
nProtect 20151106
Panda 20151106
Qihoo-360 20151106
Rising 20151105
Sophos AV 20151109
SUPERAntiSpyware 20151106
Symantec 20151106
Tencent 20151106
TheHacker 20151103
TrendMicro 20151109
TrendMicro-HouseCall 20151109
VBA32 20151105
VIPRE 20151106
ViRobot 20151106
Zillya 20151105
Zoner 20151106
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-11-05 21:13:10
Entry Point 0x00001376
Number of sections 4
PE sections
PE imports
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
WriteConsoleW
GetCPInfo
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
SetFilePointerEx
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
GetProcessHeap
SetStdHandle
WideCharToMultiByte
TlsFree
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
HeapAlloc
TerminateProcess
GetModuleHandleExW
IsValidCodePage
OutputDebugStringW
CreateFileW
TlsGetValue
Sleep
GetFileType
TlsSetValue
GetTickCount
GetCurrentThreadId
SetLastError
LeaveCriticalSection
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2015:11:05 22:13:10+01:00
FileType Win32 EXE
PEType PE32
CodeSize 45568
LinkerVersion 12.0
EntryPoint 0x1376
InitializedDataSize 46080
SubsystemVersion 6.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0

File identification
MD5 c910131db634dde167729cc55989bc9e
SHA1 c2718befe83d2476623728cf51e3c9a89cd94b22
SHA256 0190c0d55fa76ccf6f414a9cc98f7196f978cfc7a89142284acaf58b7d34f88a
ssdeep 1536:vtCtnFL0m7a8EYbFW/I2pHv2JcQ2sWjcdKkie:UtV7OYqU5di

authentihash 0e391682bd11183884ac2e9ef56447902d2f1af477a9e2075b290e16b9e8e97a
imphash c9a183e476bdf748a3a49a431bb043f4
File size 71.5 KB ( 73216 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe

VirusTotal metadata
First submission 2015-11-06 20:44:40 UTC ( 3 years, 2 months ago )
Last submission 2015-11-06 20:44:40 UTC ( 3 years, 2 months ago )
File names sam.exe