× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1ac88b863d35f5f5c6ca43a5b61319006aee72629f9f690657349db5b2b902bc
File name: Assassins_Creed_Syndicate_TR_Yama_v1.00.exe
Detection ratio: 5 / 64
Analysis date: 2017-09-11 20:01:36 UTC ( 1 year, 8 months ago )
Antivirus Result Update
CAT-QuickHeal Trojan.IGENERIC 20170911
Cylance Unsafe 20170911
McAfee-GW-Edition BehavesLike.Win32.Dropper.rc 20170911
Symantec ML.Attribute.HighConfidence 20170911
TrendMicro-HouseCall Suspicious_GEN.F47V0715 20170911
Ad-Aware 20170911
AegisLab 20170911
AhnLab-V3 20170911
Alibaba 20170911
ALYac 20170911
Antiy-AVL 20170911
Arcabit 20170911
Avast 20170911
AVG 20170911
Avira (no cloud) 20170911
AVware 20170911
Baidu 20170911
BitDefender 20170911
Bkav 20170911
ClamAV 20170911
CMC 20170902
Comodo 20170911
CrowdStrike Falcon (ML) 20170804
Cyren 20170911
DrWeb 20170911
Emsisoft 20170911
Endgame 20170821
ESET-NOD32 20170911
F-Prot 20170911
F-Secure 20170911
Fortinet 20170911
GData 20170911
Ikarus 20170911
Sophos ML 20170822
Jiangmin 20170911
K7AntiVirus 20170911
K7GW 20170911
Kaspersky 20170911
Kingsoft 20170911
Malwarebytes 20170911
MAX 20170911
McAfee 20170911
Microsoft 20170911
eScan 20170911
NANO-Antivirus 20170911
nProtect 20170911
Palo Alto Networks (Known Signatures) 20170911
Panda 20170911
Qihoo-360 20170911
Rising 20170911
SentinelOne (Static ML) 20170806
Sophos AV 20170911
SUPERAntiSpyware 20170911
Symantec Mobile Insight 20170911
Tencent 20170911
TheHacker 20170911
TrendMicro 20170911
Trustlook 20170911
VBA32 20170911
VIPRE 20170911
ViRobot 20170911
Webroot 20170911
WhiteArmor 20170829
Yandex 20170908
Zillya 20170911
ZoneAlarm by Check Point 20170911
Zoner 20170911
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2015

Product Assassins Creed Syndicate Türkçe Yama
File version 1.00
Description Assassins Creed Syndicate TR v1.00
Comments Animus Projesi
Packers identified
F-PROT NSIS, docwrite, UPX, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x000C6690
Number of sections 3
PE sections
Overlays
MD5 1f84d5300a4c337e34853bdfd3570a98
File type data
Offset 586240
Size 12295587
Entropy 8.00
PE imports
RegEnumKeyA
SetBkMode
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
VerQueryValueA
CoTaskMemFree
Number of PE resources by type
RT_ICON 9
RT_DIALOG 5
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 17
NEUTRAL 1
PE resources
ExifTool file metadata
LegalTrademarks
Assassins Creed Syndicate Ubisoft

SubsystemVersion
4.0

Comments
Animus Projesi

LinkerVersion
6.0

ImageVersion
6.0

CompanyWebsite
http://www.animusprojesi.com

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x0000

FileDescription
Assassins Creed Syndicate TR v1.00

CharacterSet
Windows, Latin1

InitializedDataSize
569344

EntryPoint
0xc6690

MIMEType
application/octet-stream

LegalCopyright
2015

FileVersion
1.0

TimeStamp
2009:12:05 23:50:46+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0

UninitializedDataSize
790528

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
www.animusprojesi.com

CodeSize
20480

ProductName
Assassins Creed Syndicate T rk e Yama

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 b946f98d6bc715289a5a57e9fd7f21e4
SHA1 4c573cd2b42aac6b06116ee71acfc978fa7cbec2
SHA256 1ac88b863d35f5f5c6ca43a5b61319006aee72629f9f690657349db5b2b902bc
ssdeep
393216:n7hvNYL+qLEZU1i0txpD8ieDFeeHpefiQUlW:n7hvbqjHt8Nx9drW

authentihash a57e5fe8d4c1efa69d72af437fdb130b027ed7a062d7029bcccc7b7ff52bf1e8
imphash 2134f794bcda54794e74b7208adb2204
File size 12.3 MB ( 12881827 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (39.3%)
Win32 EXE Yoda's Crypter (38.6%)
Win32 Dynamic Link Library (generic) (9.5%)
Win32 Executable (generic) (6.5%)
Generic Win/DOS Executable (2.9%)
Tags
nsis peexe upx overlay

VirusTotal metadata
First submission 2017-07-14 19:37:16 UTC ( 1 year, 10 months ago )
Last submission 2017-09-11 20:01:36 UTC ( 1 year, 8 months ago )
File names Assassins_Creed_Syndicate_TR_Yama_v1.00.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Created mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
UDP communications