SHA256: 0671d60ef6d1e35725094a2c13d33b0aa516b55507089fb5a82d6e89ab8d48c2
File name: dsefix.exe
Detection ratio: 0 / 51
Analysis date: 2014-06-08 08:39:23 UTC ( 3 years, 5 months ago )
Antivirus Result Update
Ad-Aware 20140608
AegisLab 20140608
Yandex 20140607
AhnLab-V3 20140607
AntiVir 20140607
Antiy-AVL 20140608
Avast 20140608
AVG 20140607
Baidu-International 20140608
BitDefender 20140608
Bkav 20140606
ByteHero 20140608
CAT-QuickHeal 20140607
ClamAV 20140608
CMC 20140607
Commtouch 20140608
Comodo 20140608
DrWeb 20140608
Emsisoft 20140608
ESET-NOD32 20140608
F-Prot 20140608
F-Secure 20140608
Fortinet 20140608
GData 20140608
Ikarus 20140608
K7AntiVirus 20140606
K7GW 20140606
Kaspersky 20140608
Kingsoft 20140608
Malwarebytes 20140608
McAfee 20140608
McAfee-GW-Edition 20140607
Microsoft 20140608
eScan 20140608
NANO-Antivirus 20140608
Norman 20140608
nProtect 20140605
Panda 20140607
Qihoo-360 20140608
Rising 20140607
Sophos AV 20140608
SUPERAntiSpyware 20140607
Symantec 20140608
Tencent 20140608
TheHacker 20140606
TotalDefense 20140608
TrendMicro 20140608
TrendMicro-HouseCall 20140608
VBA32 20140607
VIPRE 20140608
ViRobot 20140607
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2014-06-08 08:36:32
Entry Point 0x000020E0
Number of sections 6
PE sections
PE imports
DeviceIoControl
GetCurrentProcess
GetFileSizeEx
VirtualAllocEx
GetSystemDirectoryW
ReadFile
GetCommandLineW
VirtualFree
ExitProcess
CloseHandle
VirtualFreeEx
CreateFileA
OutputDebugStringA
VirtualAlloc
GetSystemDirectoryA
RtlInitUnicodeString
NtUnloadDriver
NtCreateKey
memset
NtClose
__C_specific_handler
memcpy
NtWriteFile
NtDeleteFile
RtlGetVersion
NtQuerySystemInformation
RtlAllocateHeap
NtSetValueKey
NtDeleteKey
NtCreateFile
RtlFreeHeap
NtLoadDriver
NtFlushBuffersFile
RtlFreeUnicodeString
RtlDosPathNameToNtPathName_U
NtOpenKey
NtOpenProcessToken
NtEnumerateKey
NtAdjustPrivilegesToken
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType AMD AMD64
TimeStamp 2014:06:08 09:36:32+01:00
FileType Win64 EXE
PEType PE32+
CodeSize 7680
LinkerVersion 11.0
FileTypeExtension exe
InitializedDataSize 74752
SubsystemVersion 6.0
EntryPoint 0x20e0
OSVersion 6.0
ImageVersion 6.0
UninitializedDataSize 0

PE resource-wise parents
Compressed bundles
File identification
MD5 117721569e2a347d69fc20ab8204b71d
SHA1 54072c09151e66509b93fb0ed9154e7dfc2fae71
SHA256 0671d60ef6d1e35725094a2c13d33b0aa516b55507089fb5a82d6e89ab8d48c2
ssdeep 768:zMkDaNfBoMkD7TfQS7D8ueMKxp0pO/Qw+FKebe3vFQFftSJfghVotiTAlLwJid9g:zOB43d38uezp0Dw+49tKMgVxAlIit6
authentihash dcc5a5aea41ab51f174628d254b094f0e2790ad46bc31ad11f41cdbcb4859f2f
imphash 75b42fffa4b28c107b1c15836c218452
File size 81.5 KB ( 83456 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly
TrID Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
Tags 64bits peexe assembly via-tor
VirusTotal metadata
First submission 2014-06-08 08:39:23 UTC ( 3 years, 5 months ago )
Last submission 2016-06-01 04:15:35 UTC ( 1 year, 5 months ago )
File names dsefix.exe
dsefix(1).exe
file-7551807_exe
dsefix.exe
dsefix.exe
dsefix.exe.VIRUS
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R0CBC0OJT15.

Symantec reputation Suspicious.Insight