× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 176f96b1516ba4fba24035808f9428ff48123d4069db5b600ebcb7528c48d1f8
File name: audacity-win-2.1.2.exe
Detection ratio: 18 / 54
Analysis date: 2016-08-03 18:55:15 UTC ( 2 years, 9 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3439540 20160803
AegisLab Troj.Dropper.Gen!c 20160803
Arcabit Trojan.Generic.D347BB4 20160803
AVG Win32/DH{Dg?} 20160803
Avira (no cloud) TR/Dropper.Gen 20160803
BitDefender Trojan.GenericKD.3439540 20160803
DrWeb Trojan.Siggen6.64347 20160803
Emsisoft Trojan.GenericKD.3439540 (B) 20160803
ESET-NOD32 Win32/KillMBR.NBQ 20160803
F-Secure Trojan.GenericKD.3439540 20160803
GData Trojan.GenericKD.3439540 20160803
Ikarus Trojan.Dropper 20160803
Kaspersky Trojan.Win32.DiskWriter.fg 20160803
Malwarebytes Bootkit.Agent.MBR 20160803
McAfee Artemis!8EB591A86092 20160803
McAfee-GW-Edition BehavesLike.Win32.Pate.fm 20160803
eScan Trojan.GenericKD.3439540 20160803
Symantec Heur.AdvML.B 20160803
AhnLab-V3 20160803
Alibaba 20160803
ALYac 20160803
Antiy-AVL 20160803
Avast 20160803
AVware 20160803
Baidu 20160803
Bkav 20160803
CAT-QuickHeal 20160803
ClamAV 20160803
CMC 20160803
Comodo 20160803
Cyren 20160803
F-Prot 20160803
Fortinet 20160803
Jiangmin 20160803
K7AntiVirus 20160803
K7GW 20160803
Kingsoft 20160803
Microsoft 20160803
NANO-Antivirus 20160803
nProtect 20160803
Panda 20160803
Qihoo-360 20160803
Sophos AV 20160803
SUPERAntiSpyware 20160803
Tencent 20160803
TheHacker 20160803
TrendMicro 20160803
TrendMicro-HouseCall 20160803
VBA32 20160802
VIPRE 20160803
ViRobot 20160803
Yandex 20160803
Zillya 20160803
Zoner 20160803
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 2015. All rights reserved.

Product Audacity®
File version 2.1.2.0
Description Audacity® 2.1.2 Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT appended, embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1970-01-04 19:01:20
Entry Point 0x00001280
Number of sections 13
PE sections
Overlays
MD5 70c0221c970fa82b1fa04adbf9cb25e4
File type data
Offset 348160
Size 14524
Entropy 3.87
PE imports
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetModuleHandleA
GetLastError
VirtualProtect
VirtualQuery
SetUnhandledExceptionFilter
WriteFile
TlsGetValue
ExitProcess
CloseHandle
CreateFileA
GetProcAddress
LeaveCriticalSection
_cexit
__p__fmode
__p__environ
fwrite
signal
free
_onexit
atexit
abort
_setmode
vfprintf
__getmainargs
calloc
_iob
memcpy
__set_app_type
Number of PE resources by type
RT_ICON 33
RT_STRING 6
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 37
NEUTRAL 9
PE resources
ExifTool file metadata
UninitializedDataSize
512

Comments
This installation was built with Inno Setup.

LinkerVersion
2.24

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
2.1.2.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
342016

EntryPoint
0x1280

MIMEType
application/octet-stream

LegalCopyright
Copyright 2015. All rights reserved.

FileVersion
2.1.2.0

TimeStamp
1970:01:04 20:01:20+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

ProductVersion
2,1,2,0

FileDescription
Audacity 2.1.2 Setup

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Audacity Team

CodeSize
3584

ProductName
Audacity

ProductVersionNumber
2.1.2.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 8eb591a860923ea0730f7ff4d54b6b0a
SHA1 c60a4a24fb5211587a80711578f657a509cf48bc
SHA256 176f96b1516ba4fba24035808f9428ff48123d4069db5b600ebcb7528c48d1f8
ssdeep
6144:pimnuuufvBn2l72DorOy/Tuuu1hdyjAFqcoxBIU9CdGKuuueU888888888888W8h:0nRGOyc/FRcB5CdGqU888888888888W0

authentihash 6e2dddccfd6fc00076fc7d7776599f920673a924e64ee8e3ee317bab18211bc4
imphash b32daf0bb9b8128e4ceae88e93d599b4
File size 354.2 KB ( 362684 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-08-02 23:28:44 UTC ( 2 years, 9 months ago )
Last submission 2016-08-04 08:42:42 UTC ( 2 years, 9 months ago )
File names audacity-win-2.1.2.exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0803.

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files