SHA256: 0d962b791730e20cc8b70cc387659ec791e52e7e5a8c5592f30c8120ffd3c3d9
File name: skyforge-8339-jetelecharge.exe
Detection ratio: 0 / 61
Analysis date: 2017-05-16 15:26:25 UTC ( 7 months ago )
Antivirus Result Update
Ad-Aware 20170516
AegisLab 20170516
AhnLab-V3 20170516
Alibaba 20170516
ALYac 20170516
Antiy-AVL 20170516
Arcabit 20170516
Avast 20170516
AVG 20170516
Avira (no cloud) 20170516
AVware 20170516
Baidu 20170503
BitDefender 20170516
Bkav 20170516
CAT-QuickHeal 20170516
ClamAV 20170515
CMC 20170516
Comodo 20170516
CrowdStrike Falcon (ML) 20170130
Cyren 20170516
DrWeb 20170516
Emsisoft 20170516
Endgame 20170515
ESET-NOD32 20170516
F-Prot 20170516
F-Secure 20170516
Fortinet 20170516
GData 20170516
Ikarus 20170516
Sophos ML 20170413
Jiangmin 20170516
K7AntiVirus 20170516
K7GW 20170516
Kaspersky 20170516
Kingsoft 20170516
Malwarebytes 20170516
McAfee 20170516
McAfee-GW-Edition 20170516
Microsoft 20170516
eScan 20170516
NANO-Antivirus 20170516
nProtect 20170516
Palo Alto Networks (Known Signatures) 20170516
Panda 20170516
Qihoo-360 20170516
Rising 20170516
SentinelOne (Static ML) 20170516
Sophos AV 20170516
SUPERAntiSpyware 20170516
Symantec 20170516
Tencent 20170516
TheHacker 20170514
TotalDefense 20170516
TrendMicro-HouseCall 20170516
Trustlook 20170516
VBA32 20170516
VIPRE 20170516
ViRobot 20170516
Webroot 20170516
WhiteArmor 20170512
Yandex 20170515
Zillya 20170516
ZoneAlarm by Check Point 20170516
Zoner 20170516
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (C) 2016 MY.COM B.V.
Product MY.COM GAME CENTER
Original name MyComGames.exe
Internal name MyComSetup.exe
File version 3.0.180.33400
Description MY.COM GAME CENTER
Signature verification Signed file, verified signature
Signing date 1:53 PM 4/29/2016
Signers
[+] my.com .BV
Status Valid
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 1/16/2015
Valid to 12:59 AM 1/16/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint DE659D778F2EB1D26B54807F7CBD571A18D0826B
Serial number 4E 29 F8 7C 0D 48 C2 DC 1A 8A 96 6D A4 09 85 D6
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT UPX_LZMA
PEiD UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-29 12:02:00
Entry Point 0x00C90FD0
Number of sections 3
PE sections
Overlays
MD5 2351d03893a1de225614ff1602936546
File type data
Offset 5225472
Size 13168
Entropy 7.34
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
NetWkstaGetInfo
CoInitialize
VariantCopy
ShellExecuteExW
CharNextW
VerQueryValueW
InternetOpenA
PE exports
Number of PE resources by type
RT_RCDATA 18
RT_ICON 12
RT_STRING 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 29
NEUTRAL 11
NEUTRAL SYS DEFAULT 2
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 2.25
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.0.180.33400
UninitializedDataSize 7987200
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 36864
EntryPoint 0xc90fd0
OriginalFileName MyComGames.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2016 MY.COM B.V.
FileVersion 3.0.180.33400
TimeStamp 2016:04:29 13:02:00+01:00
FileType Win32 EXE
PEType PE32
InternalName MyComSetup.exe
ProductVersion 3.0.180.33400
FileDescription MY.COM GAME CENTER
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName MY.COM B.V.
CodeSize 5189632
ProductName MY.COM GAME CENTER
ProductVersionNumber 3.0.180.33400
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 d95a21fcccde29ac62180f31744dc861
SHA1 f005af9a2966650e11624311cd31c39d40e1a01f
SHA256 0d962b791730e20cc8b70cc387659ec791e52e7e5a8c5592f30c8120ffd3c3d9
ssdeep 98304:/HdCtVkuDZQcVgE9r41MsdjPlzi+oWIfP+5ljmtB6TUrMP:1YtQYTr41tdLPmP+bdpP
authentihash 4da81980c709567c7a4da0a124887ac3e3a41f8d230f698b1941c72e68f8f1be
imphash c66ded1f2430307aebe404672bb8278a
File size 5.0 MB ( 5238640 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
Win16/32 Executable Delphi generic (2.9%)
Tags
peexe signed upx overlay

VirusTotal metadata
First submission 2016-04-29 13:01:28 UTC ( 1 year, 7 months ago )
Last submission 2017-05-16 15:26:25 UTC ( 7 months ago )
File names MyComSetup.exe
skyforge-8339-jetelecharge.exe
SkyforgeLoader_fr.exe
MyComGames.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Shell commands
Created mutexes
Opened mutexes
Searched windows
Runtime DLLs
UDP communications