SHA256: 12bcae20e6ec070e1bf84b99d600dbd891fe816e3de540af685352bb47661879
File name: game4free.exe
Detection ratio: 5 / 57
Analysis date: 2015-10-06 15:37:39 UTC ( 3 years, 4 months ago )
Antivirus Result Update
ESET-NOD32 Win32/Sopinar.C 20151006
Kaspersky Trojan.Win32.Inject.vjal 20151006
Panda Generic Suspicious 20151006
Qihoo-360 HEUR/QVM07.1.Malware.Gen 20151006
Sophos AV Mal/Generic-S 20151006
Ad-Aware 20151006
AegisLab 20151006
Yandex 20151004
AhnLab-V3 20151006
Alibaba 20150927
ALYac 20151006
Antiy-AVL 20151006
Arcabit 20151006
Avast 20151006
AVG 20151006
Avira (no cloud) 20151006
AVware 20151006
Baidu-International 20151006
BitDefender 20151006
Bkav 20151006
ByteHero 20151006
CAT-QuickHeal 20151005
ClamAV 20151006
CMC 20151005
Comodo 20151006
Cyren 20151006
DrWeb 20151006
Emsisoft 20151006
F-Prot 20151006
F-Secure 20151006
Fortinet 20151006
GData 20151006
Ikarus 20151006
Jiangmin 20151005
K7AntiVirus 20151006
K7GW 20151006
Kingsoft 20151006
Malwarebytes 20151006
McAfee 20151006
McAfee-GW-Edition 20151006
Microsoft 20151006
eScan 20151006
NANO-Antivirus 20151006
nProtect 20151006
Rising 20151006
SUPERAntiSpyware 20151006
Symantec 20151006
Tencent 20151006
TheHacker 20151006
TotalDefense 20151006
TrendMicro 20151006
TrendMicro-HouseCall 20151006
VBA32 20151006
VIPRE 20151006
ViRobot 20151006
Zillya 20151006
Zoner 20151006
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-03 19:57:40
Entry Point 0x0000F6F5
Number of sections 4
PE sections
PE imports
RegEnumValueW
RegSetValueExW
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyW
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExW
CryptDestroyHash
GetLastError
GetEnvironmentVariableA
HeapFree
GetStdHandle
GetCurrentThread
LCMapStringW
SetHandleCount
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
HeapDestroy
ExitProcess
IsBadWritePtr
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
LeaveCriticalSection
EnumSystemLocalesA
EnterCriticalSection
GetEnvironmentStrings
GetLocaleInfoA
LCMapStringA
GetCurrentProcess
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetUserDefaultLCID
InterlockedCompareExchange
TlsFree
GetLocaleInfoW
CompareStringW
HeapAlloc
InitializeCriticalSection
WideCharToMultiByte
GetStringTypeA
SetFilePointer
InterlockedExchange
WriteFile
GetStartupInfoA
CompareStringA
IsValidLocale
GetACP
HeapReAlloc
GetStringTypeW
GetProcAddress
SetEnvironmentVariableA
GetOEMCP
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
HeapCreate
SetLastError
VirtualFree
InterlockedDecrement
Sleep
GetFileType
TlsSetValue
GetCurrentThreadId
GetVersion
InterlockedIncrement
VirtualAlloc
GetModuleHandleA
CloseHandle
SHQueryValueExW
GetSubMenu
SetWindowLongW
CheckMenuItem
SendMessageW
ReleaseDC
InflateRect
GetActiveWindow
DestroyIcon
SetMenuItemInfoA
SetWindowTextW
PostMessageW
SetActiveWindow
Number of PE resources by type
RT_MANIFEST 1
RT_STRING 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2014:08:03 20:57:40+01:00
FileType Win32 EXE
PEType PE32
CodeSize 98304
LinkerVersion 7.1
EntryPoint 0xf6f5
InitializedDataSize 32768
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 0b1166369536bfd204774cae3fe83a68
SHA1 c8761af1a8ccf01bd44b8559a7dc0682c33a194b
SHA256 12bcae20e6ec070e1bf84b99d600dbd891fe816e3de540af685352bb47661879
ssdeep 3072:9akculMWdZIa5n6l5LtnLICPAhI7DBA31pwkOnRvhZ7Ls+:0kcUdZIa5n6jB0hIfBw1prOnRL

authentihash 085774c47229c07266aa37ca4aa81b94c6311e644ce03192c6617c209dc7498e
imphash 4caa43d2969846c9cee9e6b1cd21eb0a
File size 128.0 KB ( 131072 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2015-10-06 12:44:56 UTC ( 3 years, 4 months ago )
Last submission 2015-10-06 15:37:39 UTC ( 3 years, 4 months ago )
File names ponnedel.exe
game4free.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created mutexes
Runtime DLLs