× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 06c17389ae0037d509d4325eb25e3bad6034407bbdd29ec0dfe7e5464ca99532
File name: EImproved-2.2-INSTALLER-EXE.exe
Detection ratio: 1 / 61
Analysis date: 2017-03-20 21:50:04 UTC ( 2 years ago ) View latest
Antivirus Result Update
SentinelOne (Static ML) static engine - malicious 20170315
Ad-Aware 20170320
AegisLab 20170320
AhnLab-V3 20170320
Alibaba 20170320
ALYac 20170320
Antiy-AVL 20170320
Arcabit 20170320
Avast 20170320
AVG 20170320
Avira (no cloud) 20170320
AVware 20170320
Baidu 20170320
BitDefender 20170320
Bkav 20170320
CAT-QuickHeal 20170320
ClamAV 20170320
CMC 20170317
Comodo 20170320
CrowdStrike Falcon (ML) 20170130
Cyren 20170320
DrWeb 20170320
Emsisoft 20170320
Endgame 20170317
ESET-NOD32 20170320
F-Prot 20170320
F-Secure 20170320
Fortinet 20170320
GData 20170320
Ikarus 20170320
Sophos ML 20170203
Jiangmin 20170320
K7AntiVirus 20170320
K7GW 20170320
Kaspersky 20170320
Kingsoft 20170320
Malwarebytes 20170320
McAfee 20170320
McAfee-GW-Edition 20170320
Microsoft 20170320
eScan 20170320
NANO-Antivirus 20170320
nProtect 20170320
Palo Alto Networks (Known Signatures) 20170320
Panda 20170320
Qihoo-360 20170320
Rising 20170320
Sophos AV 20170320
SUPERAntiSpyware 20170320
Symantec 20170320
Tencent 20170320
TheHacker 20170318
TrendMicro 20170320
TrendMicro-HouseCall 20170320
Trustlook 20170320
VBA32 20170320
VIPRE 20170320
ViRobot 20170320
Webroot 20170320
WhiteArmor 20170315
Yandex 20170320
Zillya 20170320
ZoneAlarm by Check Point 20170320
Zoner 20170320
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Internet Explorer
Original name WEXTRACT.EXE .MUI
Internal name Wextract
File version 11.00.14393.0 (rs1_release.160715-1616)
Description Win32 Cabinet Self-Extractor
Packers identified
F-PROT SFX
PE header basic information
Target machine x64
Compilation timestamp 2016-07-16 02:26:56
Entry Point 0x00007B10
Number of sections 6
PE sections
PE imports
GetTokenInformation
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
EqualSid
RegQueryInfoKeyA
Ord(23)
Ord(20)
Ord(21)
Ord(22)
GetDeviceCaps
GetLastError
GetTempFileNameA
DosDateTimeToFileTime
LoadLibraryA
GetCurrentThreadId
GetFileAttributesA
GlobalFree
WaitForSingleObject
LockResource
FreeLibrary
QueryPerformanceCounter
MulDiv
ExitProcess
SetFileTime
GetVersionExA
GlobalUnlock
RemoveDirectoryA
IsDBCSLeadByte
GetExitCodeProcess
GetCurrentProcess
GetVolumeInformationA
LoadLibraryExA
SizeofResource
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalAlloc
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
RtlVirtualUnwind
GetWindowsDirectoryA
UnhandledExceptionFilter
_llseek
GetShortPathNameA
ExpandEnvironmentStringsA
SetEvent
GetModuleFileNameA
GlobalLock
TerminateThread
GetStartupInfoW
GetTempPathA
CreateMutexA
_lclose
CreateThread
SetFilePointer
lstrcmpA
ReadFile
GetCurrentProcessId
CreateEventA
WriteFile
_lopen
FindFirstFileA
CompareStringA
ResetEvent
EnumResourceLanguagesA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
GetModuleHandleW
GetProcAddress
FreeResource
SetFileAttributesA
GetDriveTypeA
LocalFree
TerminateProcess
CreateProcessA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
LoadResource
RtlLookupFunctionEntry
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
FormatMessageA
GetTickCount
CreateFileA
RtlCaptureContext
GetVersion
FindResourceA
SetCurrentDirectoryA
GetSystemInfo
CloseHandle
CharPrevA
EndDialog
SetWindowLongPtrA
ShowWindow
MessageBeep
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
PeekMessageA
CharUpperA
GetDC
ReleaseDC
SetWindowTextA
LoadStringA
SendMessageA
GetDlgItem
GetWindowLongPtrA
CharNextA
GetDesktopWindow
CallWindowProcA
MsgWaitForMultipleObjects
SetForegroundWindow
ExitWindowsEx
DialogBoxIndirectParamA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
_cexit
?terminate@@YAXXZ
_vsnprintf
_ismbblead
__C_specific_handler
_acmdln
_exit
__getmainargs
memset
memcpy
memcpy_s
_amsg_exit
exit
_XcptFilter
_commode
_initterm
_fmode
__setusermatherr
__set_app_type
Number of PE resources by type
RT_RCDATA 14
RT_ICON 13
RT_DIALOG 12
RT_STRING 12
RT_VERSION 2
RT_MANIFEST 1
AVI 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 33
SPANISH MODERN 23
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
14.0

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
11.0.14393.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
155648

EntryPoint
0x7b10

OriginalFileName
WEXTRACT.EXE .MUI

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
11.00.14393.0 (rs1_release.160715-1616)

TimeStamp
2016:07:16 03:26:56+01:00

FileType
Win64 EXE

PEType
PE32+

InternalName
Wextract

ProductVersion
11.00.14393.0

FileDescription
Win32 Cabinet Self-Extractor

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
AMD AMD64

CompanyName
Microsoft Corporation

CodeSize
30208

ProductName
Internet Explorer

ProductVersionNumber
11.0.14393.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 97672828fb2600a839f74efbab22dd79
SHA1 aa658885f32a35cb09f106b72cb045f873910729
SHA256 06c17389ae0037d509d4325eb25e3bad6034407bbdd29ec0dfe7e5464ca99532
ssdeep
3072:t29+hIl2/Zp115GWp1icKAArDZz4N9GhbkrNEkiei7R8IgG+sXiq:Ew3vp0yN90QE1SZG+s7

authentihash 33d226cec481de84794772faecdf2f11b036bb62d7caf013b4ac3a0f0493f542
imphash f26f5bea701561745dea20a33c88cd5f
File size 182.5 KB ( 186880 bytes )
File type Win32 EXE
Magic literal
PE32+ executable for MS Windows (GUI) Mono/.Net assembly

TrID Win64 Executable (generic) (87.3%)
Generic Win/DOS Executable (6.3%)
DOS Executable Generic (6.3%)
Tags
64bits peexe assembly

VirusTotal metadata
First submission 2017-03-20 21:50:04 UTC ( 2 years ago )
Last submission 2017-03-20 21:50:04 UTC ( 2 years ago )
File names EImproved-2.2-INSTALLER-EXE.exe
Wextract
WEXTRACT.EXE .MUI
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!