× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 191c7e8e046f1ab70ff4f761324f695f0c669b1e34a7c9ea9f941d8319e3236c
File name: youtube-dl.exe
Detection ratio: 0 / 56
Analysis date: 2016-10-02 16:58:46 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Ad-Aware 20161002
AegisLab 20161002
AhnLab-V3 20161002
Alibaba 20160930
ALYac 20160930
Antiy-AVL 20161002
Arcabit 20161002
Avast 20161002
AVG 20161002
Avira (no cloud) 20161002
AVware 20161002
Baidu 20161001
BitDefender 20161002
Bkav 20161002
CAT-QuickHeal 20161001
ClamAV 20161002
CMC 20160930
Comodo 20161002
CrowdStrike Falcon (ML) 20160725
Cyren 20161002
DrWeb 20161002
ESET-NOD32 20161002
F-Prot 20160926
F-Secure 20161002
Fortinet 20161002
GData 20161002
Ikarus 20161002
Sophos ML 20160928
Jiangmin 20161002
K7AntiVirus 20161002
K7GW 20161002
Kaspersky 20161002
Kingsoft 20161002
Malwarebytes 20161002
McAfee 20161002
McAfee-GW-Edition 20161002
Microsoft 20161002
eScan 20161002
NANO-Antivirus 20161002
nProtect 20161002
Panda 20161002
Qihoo-360 20161002
Rising 20161002
Sophos AV 20161002
SUPERAntiSpyware 20161002
Symantec 20161002
Tencent 20161002
TheHacker 20161001
TrendMicro 20161002
TrendMicro-HouseCall 20161002
VBA32 20161001
VIPRE 20161002
ViRobot 20161002
Yandex 20161001
Zillya 20161001
Zoner 20161002
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Product youtube-dl
Original name youtube-dl.exe
File version 2016.08.31
Description YouTube video downloader
Comments Command-line program to download videos from YouTube.com and other video sites
Packers identified
F-PROT ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-10-21 15:22:55
Entry Point 0x0000367A
Number of sections 5
PE sections
Overlays
MD5 6e807ae4e7d05857884b3b3a8121c102
File type application/zip
Offset 2769408
Size 4714561
Entropy 7.99
PE imports
GetLastError
HeapFree
lstrlenA
GetModuleFileNameW
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
GetThreadLocale
VirtualProtect
LoadLibraryA
HeapSetInformation
GetCurrentProcess
SizeofResource
GetCurrentProcessId
LockResource
UnhandledExceptionFilter
LoadLibraryExW
GetProcAddress
InterlockedCompareExchange
EncodePointer
GetProcessHeap
GetModuleHandleA
SetDllDirectoryA
GetCurrentThreadId
InterlockedExchange
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
SetDllDirectoryW
DecodePointer
GetModuleHandleW
LocalFree
TerminateProcess
FormatMessageA
LoadResource
VirtualFree
Sleep
IsBadReadPtr
GetTickCount
OutputDebugStringA
FindResourceA
VirtualAlloc
SetLastError
strncmp
__wgetmainargs
malloc
realloc
memset
__dllonexit
_stricmp
_snwprintf
_controlfp_s
_setmode
_invoke_watson
_onexit
_fmode
__winitenv
_cexit
?terminate@@YAXXZ
strncpy
strtol
_lock
memcpy
exit
_XcptFilter
_commode
_strdup
__setusermatherr
_initterm_e
wcsrchr
_amsg_exit
_unlock
_crt_debugger_hook
_fileno
free
getenv
_except_handler4_common
atoi
wcsncmp
_initterm
wcstombs
__iob_func
_configthreadlocale
fprintf
_exit
setvbuf
__set_app_type
SHGetSpecialFolderPathW
MessageBoxA
PE exports
Number of PE resources by type
PYTHON34.DLL 1
RT_VERSION 1
PYTHONSCRIPT 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
Command-line program to download videos from YouTube.com and other video sites

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2016.8.31.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
2757120

EntryPoint
0x367a

OriginalFileName
youtube-dl.exe

MIMEType
application/octet-stream

FileVersion
2016.08.31

TimeStamp
2014:10:21 16:22:55+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.1

ProductVersion
2016.08.31

FileDescription
YouTube video downloader

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CodeSize
11264

ProductName
youtube-dl

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
File identification
MD5 fba3904229d4d468a02cf4d18c12f4f6
SHA1 445c00d1801e86f29e81b73d143bc1986b3ddde2
SHA256 191c7e8e046f1ab70ff4f761324f695f0c669b1e34a7c9ea9f941d8319e3236c
ssdeep
98304:AgJRHgOjfrjHumMb1hsjYlUlRM7VrZL/A1XTKRaupW2J4slxFZ5eEM6FA5e1ipxg:v/8L6lWjUh+EsWC4KMEM6Fce4NHW

authentihash 2e9bd326d6232dcae5a2559984ae95f15bc2c747cc599b06420b68612cc8f3ad
imphash 985a7b86c383570b8555b38c1f270b55
File size 7.1 MB ( 7483969 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (generic) (47.3%)
Win32 Executable MS Visual C++ (generic) (35.5%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-08-30 20:34:55 UTC ( 2 years, 8 months ago )
Last submission 2016-09-02 13:26:47 UTC ( 2 years, 8 months ago )
File names tmpF5E4.tmp.exe
youtube-dl.exe
fba3904229d4d468a02cf4d18c12f4f6.exe
youtube-dl-2016.08.31.exe
youtube-dl.exe
youtube-dl.exe
youtube-dl.exe
youtube-dl.exe
youtube-dl.exe
youtube-dl.exe
youtube-dl.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!