× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 111ccef7f31f9842db04beae896137a39797c812b3fb8831b5f58c9840a08473
File name: Spelunky 24 Trainer.exe
Detection ratio: 1 / 42
Analysis date: 2012-02-06 15:29:29 UTC ( 5 years, 1 month ago ) View latest
Antivirus Result Update
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.F 20120205
AhnLab-V3 20120206
AntiVir 20120206
Antiy-AVL 20120206
Avast 20120206
AVG 20120206
BitDefender 20120206
ByteHero 20120126
CAT-QuickHeal 20120206
ClamAV 20120206
Commtouch 20120206
Comodo 20120206
DrWeb 20120206
Emsisoft 20120206
eSafe 20120202
eTrust-Vet 20120206
F-Prot 20120201
F-Secure 20120206
Fortinet 20120206
GData 20120206
Ikarus 20120206
Jiangmin 20120206
K7AntiVirus 20120203
Kaspersky 20120206
McAfee 20120206
Microsoft 20120206
NOD32 20120206
Norman 20120206
nProtect 20120206
PCTools 20120205
Prevx 20120206
Rising 20120206
Sophos 20120206
SUPERAntiSpyware 20120203
Symantec 20120206
TheHacker 20120206
TrendMicro 20120206
TrendMicro-HouseCall 20120206
VBA32 20120206
VIPRE 20120206
ViRobot 20120206
VirusBuster 20120206
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2012 t2Eservo. All Rights Reserved.

Product Spelunky +24 Trainer
File version 1.0.0.0
Description Spelunky PC game trainer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-05 10:20:48
Entry Point 0x000321E8
Number of sections 3
PE sections
PE imports
OpenProcessToken
InitCommonControls
SetBkMode
GetProcAddress
GetModuleHandleA
EnumProcesses
ShellExecuteA
Number of PE resources by type
RT_BITMAP 4
RT_ICON 3
RT_DIALOG 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.56

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
27648

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
ASCII

InitializedDataSize
158208

EntryPoint
0x321e8

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2012 t2Eservo. All Rights Reserved.

FileVersion
1.0.0.0

TimeStamp
2012:02:05 11:20:48+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.0.0

FileDescription
Spelunky PC game trainer

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
t2Eservo

CodeSize
43520

ProductName
Spelunky +24 Trainer

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 6351bf2aba2fb4478b4f3deee4c76533
SHA1 c3e47de5b4e80b04ad706b4b7412dc45aad9df1e
SHA256 111ccef7f31f9842db04beae896137a39797c812b3fb8831b5f58c9840a08473
ssdeep
1536:GchqrKxLZB2zh+01VPyPGO+4ongiXSK7rPJtTJ0ulZF:G+ZB2N+OPG8NSOrh/

authentihash 915c649be854c2aa65909c4dc57e54eff601a1e0dc4618ac8355f804978e0c19
imphash 8f33516fec20690e907603ce6049bf7b
File size 87.5 KB ( 89600 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe

VirusTotal metadata
First submission 2012-02-05 11:41:50 UTC ( 5 years, 1 month ago )
Last submission 2014-12-29 04:52:17 UTC ( 2 years, 2 months ago )
File names SpelunkyTrainer.exe
111ccef7f31f9842db04beae896137a39797c812b3fb8831b5f58c9840a08473.log
Spelunky +24 Trainer.exe
Spelunky 24 Trainer.exe
file-3508529_exe
c3e47de5b4e80b04ad706b4b7412dc45aad9df1e.bin
6351bf2aba2fb4478b4f3deee4c76533
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!