SHA256: 14aafe1a9bf25808976754cc3788efebb1e1fd5aa3f75c14b392af350a701c4b
File name: 1360549673-MercedesCarScreensaver.exe
Detection ratio: 0 / 56
Analysis date: 2015-10-24 11:02:13 UTC ( 3 years ago )
Antivirus Result Update
Ad-Aware 20151029
AegisLab 20151029
Yandex 20151028
AhnLab-V3 20151029
Alibaba 20151029
ALYac 20151029
Antiy-AVL 20151029
Arcabit 20151029
Avast 20151029
AVG 20151029
Avira (no cloud) 20151029
AVware 20151029
Baidu-International 20151029
BitDefender 20151029
Bkav 20151029
ByteHero 20151029
CAT-QuickHeal 20151029
ClamAV 20151029
CMC 20151029
Comodo 20151029
Cyren 20151029
DrWeb 20151029
Emsisoft 20151029
ESET-NOD32 20151029
F-Prot 20151029
F-Secure 20151029
Fortinet 20151029
GData 20151029
Ikarus 20151029
Jiangmin 20151028
K7AntiVirus 20151029
K7GW 20151029
Kaspersky 20151029
Malwarebytes 20151029
McAfee 20151029
McAfee-GW-Edition 20151029
Microsoft 20151029
eScan 20151029
NANO-Antivirus 20151029
nProtect 20151029
Panda 20151028
Qihoo-360 20151029
Rising 20151028
Sophos AV 20151029
SUPERAntiSpyware 20151028
Symantec 20151028
Tencent 20151029
TheHacker 20151028
TotalDefense 20151029
TrendMicro 20151029
TrendMicro-HouseCall 20151029
VBA32 20151028
VIPRE 20151029
ViRobot 20151029
Zillya 20151029
Zoner 20151029
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0014C180
Number of sections 3
PE sections
Overlays
MD5 c32eec14d7d5edb1f3d5bf9dec48a974
File type data
Offset 447488
Size 990863
Entropy 7.94
PE imports
LoadLibraryA
ExitProcess
GetProcAddress
RegCloseKey
ImageList_Add
SaveDC
ImmGetContext
IsEqualGUID
GetErrorInfo
ShellExecuteA
timeGetTime
OpenPrinterA
Number of PE resources by type
RT_BITMAP 31
RT_STRING 25
RT_RCDATA 8
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_ICON 2
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 70
ENGLISH US 6
CHINESE SIMPLIFIED 3
RUSSIAN 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
CodeSize 442368
LinkerVersion 2.25
FileTypeExtension exe
InitializedDataSize 8192
SubsystemVersion 4.0
EntryPoint 0x14c180
OSVersion 1.0
ImageVersion 0.0
UninitializedDataSize 917504

File identification
MD5 33410b6d7e12ea1c2e1f57281353bc47
SHA1 3eac2e195c63b5d3ae268a43061789cdb4b76157
SHA256 14aafe1a9bf25808976754cc3788efebb1e1fd5aa3f75c14b392af350a701c4b
ssdeep 24576:AwpnPFl8lotN8tvOjNgv0k4LgiP+TdPEvLXU+LdxegVaaG0J5FsQMkqJXpI:Hh3/8EjnL0TWvbxFVaaR5FsQMs
authentihash 7e660f8c6e2ace62b46333db8ee08bff67b63e8eb80ca38d25e35d496af57bb9
imphash 2b5623515a23f729c0e197a11b466bc5
File size 1.4 MB ( 1438351 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID UPX compressed Win32 Executable (41.1%)
Win32 EXE Yoda's Crypter (35.7%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Win16/32 Executable Delphi generic (2.7%)
Tags peexe upx overlay

VirusTotal metadata
First submission 2015-10-02 05:58:37 UTC ( 3 years, 1 month ago )
Last submission 2015-10-02 05:58:37 UTC ( 3 years, 1 month ago )
File names 14AAFE1A9BF25808976754CC3788EFEBB1E1FD5AA3F75C14B392AF350A701C4B.exe
1360549673-MercedesCarScreensaver.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Searched windows
Runtime DLLs