SHA256: 022d7de0f61fdf59a8d3983958588e81eb5304b7396ca63540b04d5e0595698e
File name: Newbies-setup.exe
Detection ratio: 0 / 65
Analysis date: 2018-01-12 19:56:06 UTC ( 8 months, 1 week ago )
Antivirus Result Update
Ad-Aware 20180112
AegisLab 20180112
AhnLab-V3 20180112
Alibaba 20180112
ALYac 20180112
Antiy-AVL 20180112
Arcabit 20180112
Avast 20180112
Avast-Mobile 20180112
AVG 20180112
Avira (no cloud) 20180112
AVware 20180103
Baidu 20180112
BitDefender 20180112
Bkav 20180112
CAT-QuickHeal 20180112
ClamAV 20180112
CMC 20180111
Comodo 20180112
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180112
Cyren 20180112
DrWeb 20180112
eGambit 20180112
Emsisoft 20180112
Endgame 20171130
ESET-NOD32 20180112
F-Prot 20180112
F-Secure 20180112
Fortinet 20180112
GData 20180112
Sophos ML 20170914
Jiangmin 20180112
K7AntiVirus 20180112
K7GW 20180112
Kaspersky 20180112
Kingsoft 20180112
Malwarebytes 20180112
MAX 20180112
McAfee 20180112
McAfee-GW-Edition 20180112
Microsoft 20180112
eScan 20180112
NANO-Antivirus 20180112
nProtect 20180112
Palo Alto Networks (Known Signatures) 20180112
Panda 20180112
Qihoo-360 20180112
Rising 20180112
SentinelOne (Static ML) 20171224
Sophos AV 20180112
SUPERAntiSpyware 20180112
Symantec 20180112
Symantec Mobile Insight 20180111
Tencent 20180112
TheHacker 20180112
TotalDefense 20180112
TrendMicro 20180112
TrendMicro-HouseCall 20180112
Trustlook 20180112
VBA32 20180112
VIPRE 20180112
ViRobot 20180112
Webroot 20180112
Yandex 20180112
Zillya 20180112
Zoner 20180112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-04-02 19:23:45
Entry Point 0x00009472
Number of sections 4
PE sections
Overlays
MD5 a4fd786f57eed0672f7037c109e763e8
File type data
Offset 77824
Size 5889742
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegOpenKeyA
RegCloseKey
OpenProcessToken
RegSetValueExA
RegQueryValueA
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
RegCreateKeyA
AddFontResourceA
GetSystemPaletteEntries
CreateFontIndirectA
GetObjectA
DeleteDC
SetBkMode
CreateDIBPatternBrush
IntersectClipRect
BitBlt
RealizePalette
SetTextColor
GetDeviceCaps
CreatePalette
GetStockObject
SelectPalette
ExtTextOutA
CreateCompatibleDC
StretchDIBits
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
SetFilePointer
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
lstrlenA
GetFileAttributesA
GlobalFree
FreeLibrary
LCMapStringA
HeapReAlloc
HeapDestroy
HeapAlloc
IsBadWritePtr
GetStringTypeW
GlobalUnlock
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
GlobalHandle
RtlUnwind
GetModuleFileNameA
GetShortPathNameA
GetACP
FreeEnvironmentStringsA
HeapCompact
GetCurrentProcess
GetEnvironmentStrings
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcatA
SetFileTime
DeleteFileA
GetWindowsDirectoryA
UnhandledExceptionFilter
MultiByteToWideChar
WinExec
FreeEnvironmentStringsW
GetCommandLineA
GlobalLock
HeapSize
GetFullPathNameA
CreateDirectoryA
GetTempPathA
RaiseException
CreateFileA
GetCPInfo
GetStringTypeA
GetModuleHandleA
FindFirstFileA
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
ReadFile
GetSystemDirectoryA
GetDiskFreeSpaceA
MoveFileExA
GetProcAddress
SetEnvironmentVariableA
SetFileAttributesA
GetDriveTypeA
MoveFileA
TerminateProcess
WideCharToMultiByte
GetEnvironmentVariableA
HeapCreate
GlobalAlloc
VirtualFree
FindClose
GetFileType
IsBadCodePtr
ExitProcess
GetVersion
IsBadReadPtr
VirtualAlloc
SetCurrentDirectoryA
GetOEMCP
CloseHandle
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
SetFocus
GetMessageA
RegisterClassA
GetParent
DrawTextA
BeginPaint
CreateDialogIndirectParamA
DefWindowProcA
KillTimer
RegisterWindowMessageA
PostQuitMessage
FindWindowA
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
MessageBoxA
SetWindowLongA
AdjustWindowRectEx
TranslateMessage
GetWindow
UpdateWindow
GetSysColor
CheckDlgButton
GetDC
ReleaseDC
SetWindowTextA
GetWindowLongA
ShowWindow
GetLastActivePopup
IsWindowVisible
SendMessageA
GetClientRect
CreateWindowExA
GetDlgItem
BringWindowToTop
IsIconic
ScreenToClient
LoadIconA
wsprintfA
SetTimer
LoadCursorA
OemToCharA
FillRect
IsDlgButtonChecked
RedrawWindow
EndPaint
ExitWindowsEx
IsDialogMessageA
DestroyWindow
GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoA
VerQueryValueA
GetSaveFileNameA
OleUninitialize
CoCreateInstance
OleInitialize
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2002:04:02 20:23:45+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
49152

LinkerVersion
6.0

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

EntryPoint
0x9472

InitializedDataSize
28672

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 5658a25c4c23e539bde19c6e44bba05f
SHA1 87862d6950e6e8805dc6d14fed35ee1beaca1c3b
SHA256 022d7de0f61fdf59a8d3983958588e81eb5304b7396ca63540b04d5e0595698e
ssdeep
98304:EF63wGzE588lNOsqe4WfYbugaVZYpvk5CnTIEI/udFQSQeQ/xXUe4lItDqTMo:263VzE5jnOsqzWfxgvk5IMkjQSQZH4lT

authentihash 922e1274d6401e22db67784dc7b4296426b0996b7a7ef5522701ed6a4ec97059
imphash bb12bc0f728f9edb7a9d94985565a67e
File size 5.7 MB ( 5967566 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (35.0%)
Win64 Executable (generic) (31.0%)
Windows screen saver (14.7%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Tags
peexe overlay

VirusTotal metadata
First submission 2010-03-28 18:04:44 UTC ( 8 years, 5 months ago )
Last submission 2018-05-22 15:01:50 UTC ( 4 months ago )
File names Install-Newbies-US.exe
022D7DE0F61FDF59A8D3983958588E81EB5304B7396CA63540B04D5E0595698E
Newbies-setup.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Searched windows
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.