× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0eb673dbfc5e6a7b6d4a23ebda6031d8ec17ab46193166251829776b10b26c93
File name: HibernateOnPowerFail
Detection ratio: 0 / 57
Analysis date: 2015-02-26 01:10:03 UTC ( 6 months, 1 week ago )
Antivirus Result Update
ALYac 20150226
AVG 20150226
AVware 20150226
Ad-Aware 20150226
AegisLab 20150226
Agnitum 20150225
AhnLab-V3 20150225
Alibaba 20150225
Antiy-AVL 20150225
Avast 20150226
Avira 20150226
Baidu-International 20150225
BitDefender 20150226
Bkav 20150225
ByteHero 20150226
CAT-QuickHeal 20150225
CMC 20150223
ClamAV 20150226
Comodo 20150226
Cyren 20150226
DrWeb 20150226
ESET-NOD32 20150226
Emsisoft 20150226
F-Prot 20150226
F-Secure 20150225
Fortinet 20150226
GData 20150226
Ikarus 20150226
Jiangmin 20150225
K7AntiVirus 20150225
K7GW 20150226
Kaspersky 20150225
Kingsoft 20150226
Malwarebytes 20150226
McAfee 20150226
McAfee-GW-Edition 20150226
MicroWorld-eScan 20150226
Microsoft 20150226
NANO-Antivirus 20150226
Norman 20150225
Panda 20150225
Qihoo-360 20150226
Rising 20150225
SUPERAntiSpyware 20150226
Sophos 20150226
Symantec 20150226
Tencent 20150226
TheHacker 20150225
TotalDefense 20150226
TrendMicro 20150226
TrendMicro-HouseCall 20150226
VBA32 20150225
VIPRE 20150226
ViRobot 20150225
Zillya 20150226
Zoner 20150223
nProtect 20150225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2011 Axel Walthelm

Publisher www.walthelm.net
Product www.visionventions.com
Original name HibernateOnPowerFail.exe
Internal name HibernateOnPowerFail
File version 0.9.0.1
Description Hibernate notebook when power offline
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-05-15 18:20:49
Link date 7:20 PM 5/15/2011
Entry Point 0x0000145C
Number of sections 2
PE sections
PE imports
CloseServiceHandle
StartServiceW
OpenProcessToken
SetServiceStatus
QueryServiceStatus
OpenSCManagerW
OpenServiceW
AdjustTokenPrivileges
ControlService
StartServiceCtrlDispatcherW
LookupPrivilegeValueW
DeleteService
CreateProcessAsUserW
CreateServiceW
GetLastError
HeapFree
GetModuleFileNameW
WaitForSingleObject
SetEvent
HeapAlloc
LoadLibraryA
GetCurrentProcess
GetCommandLineW
GetProcAddress
GetSystemPowerStatus
GetProcessHeap
CreateThread
SetSystemPowerState
InterlockedExchange
CloseHandle
GetModuleHandleW
FreeLibrary
TerminateProcess
CreateEventW
InterlockedDecrement
Sleep
ExitProcess
InterlockedIncrement
MessageBoxW
RegisterClassExW
GetMessageW
DefWindowProcW
MessageBoxA
CreateWindowExW
TranslateMessage
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
NEUTRAL DEFAULT 1
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
13824

ImageVersion
0.0

ProductName
www.visionventions.com

FileVersionNumber
0.9.0.1

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
ASCII

LinkerVersion
6.0

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
0.9.0.1

TimeStamp
2011:05:15 19:20:49+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
HibernateOnPowerFail

ProductVersion
0.9.0.1

FileDescription
Hibernate notebook when power offline

OSVersion
4.0

OriginalFilename
HibernateOnPowerFail.exe

LegalCopyright
2011 Axel Walthelm

MachineType
Intel 386 or later, and compatibles

CompanyName
www.walthelm.net

CodeSize
0

FileSubtype
0

ProductVersionNumber
0.9.0.1

EntryPoint
0x145c

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 b422c9b7de1f1e4e2524e8dab14ab88c
SHA1 502c53c663a4b92b009b109660b10aa3a45837d0
SHA256 0eb673dbfc5e6a7b6d4a23ebda6031d8ec17ab46193166251829776b10b26c93
ssdeep
192:TCxugT5DcyhsFfv+HQAnjAKFxA8BDkowVnij0W57DF5LTqex:TCxPVNC+HQodDkpBij0Wxeex

authentihash f0a6bfae8e8ddc50bce6d567ec2e75a24259eae9efeaa4ef9fa76a1c2a09838a
imphash c1af09c99e6f073fbfa10084f841b698
File size 14.5 KB ( 14848 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-08-06 12:13:30 UTC ( 3 years ago )
Last submission 2013-10-22 00:40:16 UTC ( 1 year, 10 months ago )
File names HibernateOnPowerFail
0eb673dbfc5e6a7b6d4a23ebda6031d8ec17ab46193166251829776b10b26c93
HibernateOnPowerFail.exe
file-4342320_exe
HibernateOnPowerFail.exe
HibernateOnPowerFail.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!