SHA256: 12359624ee184639aef4ccca03751ae9ce1371512de52a3a4bfda1970edd0c60
File name: vti-rescan
Detection ratio: 12 / 44
Analysis date: 2012-12-27 06:42:16 UTC ( 5 years, 11 months ago )
Antivirus Result Update
AntiVir TR/Drop.Injector.gmtj 20121226
Avast Win32:FakeAV-EEX [Trj] 20121227
AVG Win32/Cryptor 20121226
CAT-QuickHeal TrojanDropper.Injector.gmtj 20121227
ESET-NOD32 a variant of Win32/Injector.YYR 20121226
Fortinet W32/Injector.YYR!tr 20121227
GData Win32:FakeAV-EEX 20121227
Ikarus Trojan.SuspectCRC 20121227
Kaspersky Trojan-Dropper.Win32.Injector.gmtj 20121227
Panda Trj/CI.A 20121226
TrendMicro-HouseCall TROJ_GEN.R47B1LM 20121227
VIPRE Trojan.Win32.Generic!BT 20121227
Yandex 20121226
AhnLab-V3 20121226
Antiy-AVL 20121226
BitDefender 20121227
ByteHero 20121226
Commtouch 20121227
Comodo 20121227
DrWeb 20121227
Emsisoft 20121227
eSafe 20121226
F-Prot 20121226
F-Secure 20121227
Jiangmin 20121221
K7AntiVirus 20121226
Kingsoft 20121225
Malwarebytes 20121227
McAfee 20121227
McAfee-GW-Edition 20121226
Microsoft 20121227
eScan 20121227
NANO-Antivirus 20121227
Norman 20121226
nProtect 20121226
PCTools 20121227
Rising 20121227
Sophos AV 20121227
SUPERAntiSpyware 20121227
Symantec 20121227
TheHacker 20121226
TotalDefense 20121226
TrendMicro 20121227
ViRobot 20121227
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright City Computer International

Product HostMaintenanceDaemonTime
Original name HostMaintenanceDaemonTime.exe
Internal name HostMaintenanceDaemonTime
File version 11.10.5.12
Description HostMaintenanceDaemonTime
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-03-07 10:00:41
Entry Point 0x00043573
Number of sections 4
PE sections
Overlays
MD5 406afa9a89a4d9e0c2dcdd77bd0a535a
File type ASCII text
Offset 3387392
Size 7104606
Entropy 0.00
PE imports
MoveToEx
ExtTextOutW
SetMapMode
DeleteDC
GetPixel
GetCharacterPlacementW
CreatePen
GetBkMode
GetCharWidthW
SelectPalette
GetCharABCWidthsFloatA
CreateSolidBrush
Polyline
ExtTextOutA
DeleteObject
CreateCompatibleBitmap
Rectangle
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
HeapDestroy
VerifyVersionInfoW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FormatMessageW
InitializeCriticalSection
TlsGetValue
SetLastError
GetModuleFileNameW
SetConsoleActiveScreenBuffer
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleA
CreateSemaphoreA
CreateSemaphoreW
TerminateProcess
VirtualQuery
GetCurrentThreadId
SleepEx
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetDateFormatW
GetProcAddress
CompareStringW
WriteFile
GetBinaryTypeW
FindFirstFileA
CompareStringA
GetBinaryTypeA
EscapeCommFunction
GetPrivateProfileSectionW
LocalSize
GetCurrencyFormatA
GetFileType
TlsSetValue
ExitProcess
GetCurrencyFormatW
LeaveCriticalSection
GetLastError
FlushConsoleInputBuffer
LCMapStringW
SetConsoleMode
GetSystemInfo
LCMapStringA
GetEnvironmentStringsW
EnumTimeFormatsW
GetEnvironmentStrings
GetCurrentProcessId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
TlsFree
SetFilePointer
SetCommBreak
CloseHandle
GetACP
IsBadStringPtrW
HeapCreate
OpenSemaphoreA
VirtualFree
Sleep
IsBadReadPtr
IsBadStringPtrA
GetProcessVersion
VirtualAlloc
CommandLineToArgvW
UpdateWindow
HideCaret
KillTimer
RegisterWindowMessageA
DefWindowProcA
ShowWindow
SetClassLongA
GetClipboardData
EnableWindow
SetWindowPlacement
PostMessageA
SetWindowPos
SetKeyboardState
DestroyCaret
SetActiveWindow
SetScrollInfo
GetCursorPos
MapDialogRect
CreatePopupMenu
CheckMenuItem
SetClipboardData
IsZoomed
SendMessageA
CloseClipboard
GetDlgItem
WinHelpA
LoadCursorA
EnableMenuItem
InvalidateRect
GetWindowLongA
SetTimer
SetWindowTextA
GetKeyboardLayout
ShowCursor
CreateCaret
CheckDlgButton
SetForegroundWindow
Number of PE resources by type
RT_ICON 6
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 8
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 7.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.2.5.7
LanguageCode English (British)
FileFlagsMask 0x0000
FileDescription HostMaintenanceDaemonTime
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 2908160
EntryPoint 0x43573
OriginalFileName HostMaintenanceDaemonTime.exe
MIMEType application/octet-stream
LegalCopyright Copyright City Computer International
FileVersion 11.10.5.12
TimeStamp 2009:03:07 11:00:41+01:00
FileType Win32 EXE
PEType PE32
InternalName HostMaintenanceDaemonTime
ProductVersion 11.10.5.12
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName City Computer International
CodeSize 483328
ProductName HostMaintenanceDaemonTime
ProductVersionNumber 9.5.9.3
FileTypeExtension exe
ObjectFileType Executable application

Compressed bundles
File identification
MD5 a0552d1bc1a4897141cfa56f75c04857
SHA1 93cf1d65e0374410a9a827256a923fdb8f5f38ca
SHA256 12359624ee184639aef4ccca03751ae9ce1371512de52a3a4bfda1970edd0c60
ssdeep 49152:zxgla2pJmv+gJMUBzKGAUdw4PMU0HhJHK4do/zDjmA3seuOly:zxgbmvPMq+GRMU0BJq+ormA3sROly
authentihash 2439503ff08ad1885172162612fc189dc8574d7d4f1221605892da0986827730
imphash 8ef14f5d6201a6d2ccee10bfc5bcec0c
File size 10.0 MB ( 10491998 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 EXE PECompact compressed (generic) (35.3%)
Win32 Executable MS Visual C++ (generic) (26.5%)
Win64 Executable (generic) (23.5%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
Tags peexe overlay
VirusTotal metadata
First submission 2012-12-02 19:26:39 UTC ( 6 years ago )
Last submission 2018-11-10 05:41:20 UTC ( 1 month ago )
File names HostMaintenanceDaemonTime.exe
SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.ex
SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.exe
SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.exe_
SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.exe_
SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.exe
vti-rescan
93cf1d65e0374410a9a827256a923fdb8f5f38ca_SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.ex
SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.exe
HostMaintenanceDaemonTime
SpeedCommander.v14.40.Incl.Keygen-MESMERiZE.exe_
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R047C0DAU16.

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
Opened mutexes
Runtime DLLs