× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1b015a43edc6e5ef0c3d3f6a945c63e4ec3b26310b99279333aa313fe6e174f3
File name: Lost Bubble Facebook Hack by Everg0n.exe
Detection ratio: 0 / 42
Analysis date: 2012-06-19 20:03:47 UTC ( 6 years, 2 months ago ) View latest
Antivirus Result Update
AhnLab-V3 20120619
AntiVir 20120619
Antiy-AVL 20120619
Avast 20120619
AVG 20120619
BitDefender 20120619
ByteHero 20120618
CAT-QuickHeal 20120619
ClamAV 20120619
Commtouch 20120619
Comodo 20120619
DrWeb 20120619
Emsisoft 20120619
eSafe 20120617
F-Prot 20120619
F-Secure 20120619
Fortinet 20120619
GData 20120619
Ikarus 20120619
Jiangmin 20120619
K7AntiVirus 20120619
Kaspersky 20120619
McAfee 20120619
McAfee-GW-Edition 20120619
Microsoft 20120619
NOD32 20120619
Norman 20120619
nProtect 20120619
Panda 20120619
PCTools 20120619
Rising 20120619
Sophos AV 20120619
SUPERAntiSpyware 20120619
Symantec 20120619
TheHacker 20120619
TotalDefense 20120619
TrendMicro 20120619
TrendMicro-HouseCall 20120619
VBA32 20120619
VIPRE 20120619
ViRobot 20120619
VirusBuster 20120619
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © WINDT_09 2012

Publisher WINDT_09
Product WindowsApplication1
Original name WindowsApplication1.exe
Internal name WindowsApplication1.exe
File version 1.0.0.0
Description WindowsApplication1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-19 19:25:47
Entry Point 0x000140AE
Number of sections 4
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
4096

ImageVersion
0.0

ProductName
WindowsApplication1

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileOS
Win32

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2012:06:19 21:25:47+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
WindowsApplication1.exe

ProductVersion
1.0.0.0

FileDescription
WindowsApplication1

OSVersion
4.0

OriginalFilename
WindowsApplication1.exe

LegalCopyright
Copyright WINDT_09 2012

MachineType
Intel 386 or later, and compatibles

CompanyName
WINDT_09

CodeSize
74240

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x140ae

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 7990ff9ee02da0c18fd8ad09d154ff8a
SHA1 f41be27335a10fce3763a7fe4ba14a1b74fabbc4
SHA256 1b015a43edc6e5ef0c3d3f6a945c63e4ec3b26310b99279333aa313fe6e174f3
ssdeep
1536:uc3L7g62VDBaB8WfXZIASkFAV5oFToFEYOGxCpEd1mcpW2fU82MahRC:jngnVDB90XZIASkFAV5oFToF2cpW2M1

File size 77.5 KB ( 79360 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (55.8%)
Win64 Executable (generic) (21.0%)
Windows Screen Saver (9.9%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2012-06-19 20:03:47 UTC ( 6 years, 2 months ago )
Last submission 2012-06-19 20:03:47 UTC ( 6 years, 2 months ago )
File names WindowsApplication1.exe
Lost Bubble Facebook Hack by Everg0n.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!