SHA256: 0db0c0d43af301e41f135fda7326cdefc6b01de1b06e57cd4de08bd0f3bb6903
File name: info.ex
Detection ratio: 6 / 42
Analysis date: 2012-02-01 16:03:31 UTC ( 6 years, 8 months ago )
Antivirus Result Update
BitDefender Gen:Variant.Kazy.54038 20120201
DrWeb Trojan.Fakealert.27220 20120201
F-Secure Gen:Variant.Kazy.54038 20120201
GData Gen:Variant.Kazy.54038 20120201
Panda Suspicious file 20120131
VIPRE Trojan.Win32.Generic.pak!cobra 20120201
AhnLab-V3 20120131
AntiVir 20120201
Antiy-AVL 20120131
Avast 20120201
AVG 20120201
CAT-QuickHeal 20120131
ClamAV 20120201
Commtouch 20120201
Comodo 20120201
Emsisoft 20120201
eSafe 20120130
eTrust-Vet 20120201
F-Prot 20120201
Fortinet 20120201
Ikarus 20120201
Jiangmin 20120201
K7AntiVirus 20120131
Kaspersky 20120201
McAfee 20120201
McAfee-GW-Edition 20120201
Microsoft 20120201
NOD32 20120201
Norman 20120201
nProtect 20120201
PCTools 20120201
Prevx 20120201
Rising 20120118
Sophos AV 20120201
SUPERAntiSpyware 20120201
Symantec 20120201
TheHacker 20120131
TrendMicro 20120201
TrendMicro-HouseCall 20120201
VBA32 20120131
ViRobot 20120201
VirusBuster 20120201
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) Corp 1999-2012. All rights reserved.

Publisher Microsoft Corp
Original name EVW.EXE
Internal name CV.EXE
File version 66.20268
Description Windows View
PE header basic information
Number of sections 6
PE sections
PE imports
RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegQueryValueExW, RegSetValueExW, InitializeSecurityDescriptor, CopySid, GetLengthSid, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, RegDeleteKeyW, RegEnumKeyExW, LsaOpenPolicy, LsaLookupNames, GetSidSubAuthorityCount, GetSidSubAuthority, LsaFreeMemory, LsaOpenAccount, LsaCreateAccount, LsaGetSystemAccessAccount, LsaSetSystemAccessAccount, LsaClose, GetSecurityDescriptorLength, GetSecurityDescriptorControl, AllocateAndInitializeSid, MakeSelfRelativeSD, FreeSid, MapGenericMask, ControlService, StartServiceW, EnumDependentServicesW, ChangeServiceConfigW, QueryServiceStatusEx, RevertToSelf, IsWellKnownSid, RegConnectRegistryW, QueryServiceStatus, GetUserNameW, RegDeleteValueW, EnumServicesStatusW, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, CloseServiceHandle, AddAccessAllowedAce, InitializeAcl, SetSecurityDescriptorDacl
CMP_UnregisterNotification, CM_Free_Log_Conf, CM_Disconnect_Machine, CM_Free_Res_Des, CM_Disable_DevNode, CM_Get_Hardware_Profile_Info_ExW, CM_Get_HW_Prof_Flags_ExW, CM_Connect_MachineW, CM_Set_HW_Prof_Flags_ExW
DeleteObject
GetComputerNameExW, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, LocalAlloc, PulseEvent, ResumeThread, CreateThread, Sleep, lstrcpyW, CreateEventW, DuplicateHandle, WaitForSingleObject, lstrcmpW, SetEvent, GetComputerNameW, WideCharToMultiByte, LoadLibraryA, CreateProcessW, FreeLibrary, OutputDebugStringA, SetLastError, LoadLibraryW, GetProcAddress, GetModuleHandleA, GlobalAlloc, IsBadReadPtr, IsBadStringPtrW, GlobalFree, IsBadWritePtr, GetSystemWindowsDirectoryW, LocalFree, DeleteCriticalSection, InitializeCriticalSection, GlobalLock, GlobalUnlock, FormatMessageW, GetCurrentThread, GetModuleFileNameW, GetModuleHandleW, InterlockedDecrement, InterlockedIncrement, MultiByteToWideChar, lstrcmpiW, GetCurrentProcess, CloseHandle, GetLastError, lstrlenW, GetCurrentThreadId, EnterCriticalSection, LeaveCriticalSection, GetExitCodeProcess, lstrcpynW, GetWindowsDirectoryW, GetCommandLineW
SHChangeNotify
SetWindowsHookExW, CallNextHookEx, UnhookWindowsHookEx, GetDlgCtrlID, GetWindowRect, KillTimer, SetTimer, DialogBoxParamW, MsgWaitForMultipleObjects, TranslateMessage, DispatchMessageW, PeekMessageW, EnumThreadWindows, GetDesktopWindow, GetFocus, SetActiveWindow, SetWindowTextW, ShowWindow, GetParent, PostMessageW, LoadIconW, GetSystemMetrics, LoadBitmapW, SetDlgItemTextW, GetDlgItem, EnableWindow, EndDialog, IsDlgButtonChecked, GetDlgItemTextW, GetWindowLongW, SendMessageW, SetWindowLongW, SetFocus, WinHelpW, IsWindowVisible, GetClientRect, MessageBoxW, RegisterClipboardFormatW, LoadStringW, wsprintfW, GetActiveWindow
free, iswspace, ?terminate@@YAXXZ, _onexit, __dllonexit, ??1type_info@@UAE@XZ, _adjust_fdiv, _initterm, _CxxThrowException, calloc, _wtoi64, _wcsnicmp, _stricmp, wcschr, _purecall, _except_handler3, wcsncmp, memmove, wcslen, _wcsicmp, __RTDynamicCast, wcscpy, wcscmp, __CxxFrameHandler, malloc
ReleaseStgMedium, CoInitialize, CoUninitialize, CreateStreamOnHGlobal, GetHGlobalFromStream, CoTaskMemAlloc, StringFromGUID2, StringFromCLSID, CoTaskMemFree, CoCreateInstance
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
0

ImageVersion
20.3

FileVersionNumber
6.0.2028.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Windows View

CharacterSet
Unicode

LinkerVersion
9.0

FileOS
Win32

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
66.20268

TimeStamp
2012:02:01 10:47:32+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
CV.EXE

ProductVersion
66.0628

SubsystemVersion
5.0

OSVersion
5.0

OriginalFilename
EVW.EXE

LegalCopyright
Copyright Corp 1999-2012. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corp

CodeSize
8192

FileSubtype
0

ProductVersionNumber
6.0.2028.0

EntryPoint
0x2a80

ObjectFileType
Executable application

File identification
MD5 98896ea1400666fab3ff2e631e9887ed
SHA1 b16482e958693f9adc99fb1fcab868d9cb557540
SHA256 0db0c0d43af301e41f135fda7326cdefc6b01de1b06e57cd4de08bd0f3bb6903
ssdeep
6144:KicorCJ2DCxSFgVk/oV2vTG+N3wwfUTz21QSzPkST0QAefEdrdgHVPi/DFwu5H:frCEDCxluN39q4QMr0em/D/5H

File size 439.0 KB ( 449536 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
VirusTotal metadata
First submission 2012-02-01 12:37:32 UTC ( 6 years, 8 months ago )
Last submission 2012-02-04 15:36:08 UTC ( 6 years, 8 months ago )
File names 98896ea1400666fab3ff2e631e9887ed
about.exe
nJKYVsNDdEKo._e_x_e
info.ex