SHA256: 05aef45416055234a5ccdabe50780315b44d850af8b02d9caa0c26c0758724f2
File name: 35035f204d72a82719a6068de79a55f8cd111775
Detection ratio: 0 / 54
Analysis date: 2016-02-02 01:14:22 UTC ( 3 years ago )
Antivirus Result Update
Ad-Aware 20160201
AegisLab 20160201
Yandex 20160201
AhnLab-V3 20160201
Alibaba 20160201
ALYac 20160202
Antiy-AVL 20160201
Arcabit 20160201
Avast 20160202
AVG 20160202
Avira (no cloud) 20160201
Baidu-International 20160201
BitDefender 20160201
Bkav 20160201
ByteHero 20160202
CAT-QuickHeal 20160201
ClamAV 20160201
Comodo 20160201
Cyren 20160201
DrWeb 20160201
Emsisoft 20160201
ESET-NOD32 20160201
F-Prot 20160129
F-Secure 20160201
Fortinet 20160201
GData 20160201
Ikarus 20160201
Jiangmin 20160201
K7AntiVirus 20160201
K7GW 20160201
Kaspersky 20160201
Malwarebytes 20160201
McAfee 20160201
McAfee-GW-Edition 20160201
Microsoft 20160201
eScan 20160201
NANO-Antivirus 20160201
nProtect 20160201
Panda 20160201
Qihoo-360 20160202
Rising 20160201
Sophos AV 20160201
SUPERAntiSpyware 20160201
Symantec 20160201
Tencent 20160202
TheHacker 20160130
TotalDefense 20160201
TrendMicro 20160201
TrendMicro-HouseCall 20160201
VBA32 20160201
VIPRE 20160201
ViRobot 20160201
Zillya 20160201
Zoner 20160201
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-03-15 19:16:22
Entry Point 0x0000EE46
Number of sections 4
PE sections
PE imports
PolyPolyline
GetCharABCWidthsW
PathToRegion
CreatePen
GetBkMode
CreateFontIndirectA
GetCharABCWidthsA
GetMetaRgn
GetClipBox
UnrealizeObject
SetMetaFileBitsEx
GetPixel
EnumFontsA
CreateMetaFileW
GetObjectA
CreateDCA
GetCharacterPlacementW
CreateDiscardableBitmap
GetCharWidthW
RectInRegion
SetWorldTransform
GetTextExtentExPointW
CreateSolidBrush
OffsetClipRgn
GetCharWidthA
GetFontLanguageInfo
CopyEnhMetaFileA
PtVisible
SetTextColor
OffsetWindowOrgEx
ExtFloodFill
GetLogColorSpaceA
GetCurrentObject
FillRgn
DeleteColorSpace
GetStockObject
GetPath
PlayEnhMetaFile
ScaleWindowExtEx
AbortPath
StrokePath
GetDIBits
SetTextAlign
CreateRoundRectRgn
RoundRect
CreateDIBSection
EqualRgn
DeleteObject
PolyBezier
EnumICMProfilesA
CloseFigure
GetBkColor
StartDocA
GetEnhMetaFileW
RealizePalette
RemoveFontResourceW
SetWindowOrgEx
Polyline
EnumICMProfilesW
ExtCreatePen
SetPixelV
SetTextCharacterExtra
SetViewportExtEx
CreatePenIndirect
GetLastError
GetStartupInfoA
GetNamedPipeInfo
AddAtomA
ContinueDebugEvent
HeapAlloc
GetThreadTimes
GetModuleHandleA
_adjust_fdiv
__p__fmode
__CxxFrameHandler
_acmdln
__p__commode
_setmbcp
__dllonexit
_onexit
_inpd
_CIcos
__getmainargs
islower
_initterm
_controlfp
gets
_ismbcpunct
__setusermatherr
__set_app_type
Number of PE resources by type
RT_DIALOG 10
RT_RCDATA 6
RT_ICON 3
RT_GROUP_ICON 3
Boqv5 1
ga114I 1
o037i0C4 1
RT_MENU 1
gC81L 1
RT_VERSION 1
I0fj05o 1
Number of PE resources by language
SAAMI SYS DEFAULT 18
ENGLISH AUS 11
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.69.141.217
UninitializedDataSize 0
LanguageCode Unknown (REVE)
FileFlagsMask 0x003f
CharacterSet Unknown (RTING)
InitializedDataSize 122880
EntryPoint 0xee46
MIMEType application/octet-stream
LegalCopyright 2012 (C) 2011
FileVersion Virgin 0,217,1,176
TimeStamp 2004:03:15 20:16:22+01:00
FileType Win32 EXE
PEType PE32
InternalName Roads
ProductVersion 0,249,143,3
FileDescription Tranche Wake Seniors
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Software995
CodeSize 61440
ProductName Slasher Sold
ProductVersionNumber 0.226.184.186
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 e595be9071dcf15ff829c597b930a5e4
SHA1 35035f204d72a82719a6068de79a55f8cd111775
SHA256 05aef45416055234a5ccdabe50780315b44d850af8b02d9caa0c26c0758724f2
ssdeep 3072:VrmSktYH4GDVSidSrT6ewwZUR4Up3USpNo+2RKnUFkIh9tR3vnX3tFvcv:gG3dmTJUR4Up3USpNo+SHthX3tFvcv
authentihash 6479bb80780938fc35c15b50a10654b9db93c22b0460794477b702ae203e9560
imphash 8b8702c70e2cff6edcda6008de846163
File size 184.0 KB ( 188416 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-02-02 01:14:22 UTC ( 3 years ago )
Last submission 2018-05-25 17:40:58 UTC ( 9 months ago )
File names e595be9071dcf15ff829c597b930a5e4
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R021C0DB516.
