× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0489d816866a9a69469c81ff2dad626abd4cda0f5deb3b942c0b0db841b25d70
File name: Episode 5 Turkce Yama v1.00.exe
Detection ratio: 1 / 54
Analysis date: 2016-07-07 09:10:26 UTC ( 2 years, 10 months ago )
Antivirus Result Update
McAfee-GW-Edition BehavesLike.Win32.Tool.tc 20160707
Ad-Aware 20160707
AegisLab 20160707
AhnLab-V3 20160706
Alibaba 20160707
ALYac 20160708
Antiy-AVL 20160708
Arcabit 20160707
Avast 20160707
AVG 20160707
Avira (no cloud) 20160707
AVware 20160707
Baidu 20160706
BitDefender 20160707
Bkav 20160706
CAT-QuickHeal 20160707
ClamAV 20160707
CMC 20160704
Comodo 20160707
Cyren 20160707
DrWeb 20160707
Emsisoft 20160707
ESET-NOD32 20160707
F-Prot 20160707
F-Secure 20160707
Fortinet 20160707
GData 20160707
Ikarus 20160707
Jiangmin 20160707
K7AntiVirus 20160707
K7GW 20160707
Kaspersky 20160707
Kingsoft 20160707
Malwarebytes 20160707
McAfee 20160707
Microsoft 20160707
eScan 20160707
NANO-Antivirus 20160707
nProtect 20160707
Panda 20160706
Qihoo-360 20160707
Sophos AV 20160707
SUPERAntiSpyware 20160707
Symantec 20160707
Tencent 20160707
TheHacker 20160707
TotalDefense 20160707
TrendMicro 20160707
TrendMicro-HouseCall 20160707
VBA32 20160706
VIPRE 20160707
ViRobot 20160707
Zillya 20160707
Zoner 20160707
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2013 - OyunCeviri.com

Product The Walking Dead - Episode 5 Türkçe Yama
File version 1.00
Description The Walking Dead - Episode 5 TR v1.00
Comments Oyunlar artýk Türkçe :)
Packers identified
F-PROT NSIS, docwrite, UPX, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0003B400
Number of sections 3
PE sections
Overlays
MD5 2cf4140cb1aeb3062566e71a350a428e
File type data
Offset 26624
Size 2004977
Entropy 8.00
PE imports
RegEnumKeyA
SetBkMode
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
VerQueryValueA
CoTaskMemFree
Number of PE resources by type
RT_DIALOG 4
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
PE resources
ExifTool file metadata
LegalTrademarks
The Walking Dead - Episode 5 Telltale Games

SubsystemVersion
4.0

Comments
Oyunlar art k T rk e :)

LinkerVersion
6.0

ImageVersion
6.0

CompanyWebsite
http://www.oyunceviri.com

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x0000

FileDescription
The Walking Dead - Episode 5 TR v1.00

CharacterSet
Windows, Latin1

InitializedDataSize
8192

EntryPoint
0x3b400

MIMEType
application/octet-stream

LegalCopyright
2013 - OyunCeviri.com

FileVersion
1.0

TimeStamp
2009:12:05 23:50:46+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0

UninitializedDataSize
221184

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
OyunCeviri.com

CodeSize
20480

ProductName
The Walking Dead - Episode 5 T rk e Yama

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 767945b6823f4b570a6fc0ae4773bb5f
SHA1 aec90eb786e4ca11c9d6731e083083bbdf980395
SHA256 0489d816866a9a69469c81ff2dad626abd4cda0f5deb3b942c0b0db841b25d70
ssdeep
49152:DfR0qnRxb2nZJpy1SZbSvPya+bH4VSEjX:DZLRxynZJInyLYVZjX

authentihash 0ac9f75bb928f224553b5ffe0b9c7d383f304fe173474818dddab9d45f5aae13
imphash 2134f794bcda54794e74b7208adb2204
File size 1.9 MB ( 2031601 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (42.3%)
Win32 EXE Yoda's Crypter (36.7%)
Win32 Dynamic Link Library (generic) (9.1%)
Win32 Executable (generic) (6.2%)
Generic Win/DOS Executable (2.7%)
Tags
nsis peexe upx overlay

VirusTotal metadata
First submission 2013-02-21 10:31:17 UTC ( 6 years, 3 months ago )
Last submission 2015-01-12 13:38:34 UTC ( 4 years, 4 months ago )
File names The Walking Dead - Episode 5_TR_Yama_v1.00.exe
Episode 5 Turkce Yama v1.00.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Set keys
Created mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications