× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0ad15451659c36251aab6a53557a0cae5a655052b2892c409c2fa367999668dc
File name: DmC_Devil_May_Cry_Turkce_Yama_1.0.exe
Detection ratio: 0 / 63
Analysis date: 2017-07-15 00:52:43 UTC ( 1 year, 8 months ago ) View latest
Antivirus Result Update
Ad-Aware 20170715
AegisLab 20170714
AhnLab-V3 20170714
Alibaba 20170714
ALYac 20170714
Antiy-AVL 20170715
Arcabit 20170714
Avast 20170715
AVG 20170715
Avira (no cloud) 20170714
AVware 20170715
Baidu 20170714
BitDefender 20170715
Bkav 20170714
CAT-QuickHeal 20170714
ClamAV 20170715
CMC 20170714
Comodo 20170715
CrowdStrike Falcon (ML) 20170710
Cylance 20170715
Cyren 20170714
DrWeb 20170714
Emsisoft 20170714
Endgame 20170713
ESET-NOD32 20170714
F-Prot 20170715
F-Secure 20170714
Fortinet 20170629
GData 20170714
Ikarus 20170714
Sophos ML 20170607
Jiangmin 20170714
K7AntiVirus 20170714
K7GW 20170715
Kaspersky 20170714
Kingsoft 20170715
Malwarebytes 20170714
MAX 20170714
McAfee 20170715
McAfee-GW-Edition 20170715
Microsoft 20170714
eScan 20170715
NANO-Antivirus 20170714
nProtect 20170715
Palo Alto Networks (Known Signatures) 20170715
Panda 20170714
Qihoo-360 20170715
Rising 20170715
SentinelOne (Static ML) 20170516
Sophos AV 20170714
SUPERAntiSpyware 20170715
Symantec 20170714
Symantec Mobile Insight 20170713
Tencent 20170715
TheHacker 20170712
TrendMicro 20170715
TrendMicro-HouseCall 20170714
Trustlook 20170715
VBA32 20170714
VIPRE 20170714
ViRobot 20170714
Webroot 20170715
WhiteArmor 20170713
Yandex 20170714
Zillya 20170714
ZoneAlarm by Check Point 20170715
Zoner 20170715
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2013

Product DMC Devil May Cry Türkçe Yama
File version 1.00
Description DMC Devil May Cry TR v1.00
Comments Türkçe Yama
Packers identified
F-PROT NSIS, appended, UPX, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0003C400
Number of sections 3
PE sections
Overlays
MD5 53ef1796c19ff10e1a28f2a6e114bc70
File type data
Offset 26112
Size 483362
Entropy 8.00
PE imports
RegEnumKeyA
SetBkMode
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
VerQueryValueA
CoTaskMemFree
Number of PE resources by type
RT_DIALOG 4
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
PE resources
ExifTool file metadata
CodeSize
20480

SubsystemVersion
4.0

Comments
T rk e Yama

LinkerVersion
6.0

ImageVersion
6.0

CompanyWebsite
http://www.oyunceviri.com

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x0000

FileDescription
DMC Devil May Cry TR v1.00

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
8192

EntryPoint
0x3c400

MIMEType
application/octet-stream

LegalCopyright
2013

FileVersion
1.0

TimeStamp
2009:12:05 14:50:46-08:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0

UninitializedDataSize
225280

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
T rk e Yama

LegalTrademarks
DMC Devil May Cry Capcom

ProductName
DMC Devil May Cry T rk e Yama

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 690bb44d98c540388beed4a5fb6a2843
SHA1 2dc4261d8ce1b8b337392bec89659e7574493e93
SHA256 0ad15451659c36251aab6a53557a0cae5a655052b2892c409c2fa367999668dc
ssdeep
12288:aN423r3HdpeVyT1NfSkcauOZY6oxDBpWZjvAvu5glwJ7UUxhd3/fLKalX:a33r3HzeVyZNfSnauF6ApWZjvAvOhN1X

authentihash fabb3dbac7a08037f3dc8b022d48d483ebe0a3e74163845c9e00991da921b705
imphash 2134f794bcda54794e74b7208adb2204
File size 497.5 KB ( 509474 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
OS/2 Executable (generic) (2.8%)
Tags
nsis peexe upx overlay

VirusTotal metadata
First submission 2013-03-18 14:02:14 UTC ( 6 years ago )
Last submission 2017-07-15 00:52:43 UTC ( 1 year, 8 months ago )
File names Devil May Cry 5 Trke Yama v1.00.exe
Devil May Cry 5 Türkçe Yama v1.00.exe
file-5814530_exe
Devil May Cry 5 Türkçe Yama v1.00.exe
DmC_Devil_May_Cry_Turkce_Yama_1.0.exe
DMC_Devil_May_Cry_Turkce_Yama_v1.00.exe
Devil May Cry 5 Türkçe Yama v1.00.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0923.

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Set keys
Created mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications