× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1bb25a376de61b0320675b64a6ad6cca32491bfe27d678736a26d7965f419352
File name: Pidgin Portable
Detection ratio: 49 / 56
Analysis date: 2015-07-27 17:58:43 UTC ( 2 days, 18 hours ago )
Antivirus Result Update
ALYac Trojan.GenericKD.1160724 20150727
AVG Downloader.Agent2.BOXS 20150727
AVware Trojan.Win32.Generic!BT 20150727
Ad-Aware Trojan.GenericKD.1160724 20150727
Agnitum Backdoor.Androm!YdIVY1Cfyt0 20150727
AhnLab-V3 Trojan/Win32.Inject 20150727
Antiy-AVL Trojan[Backdoor]/Win32.Androm 20150727
Arcabit Trojan.Generic.D11B614 20150727
Avast Win32:Crypt-QTC [Trj] 20150727
Avira TR/Spy.ZBot.zurg 20150727
Baidu-International Backdoor.Win32.Androm.aicv 20150727
BitDefender Trojan.GenericKD.1160724 20150727
CAT-QuickHeal Trojan.Lethic.B5 20150727
Comodo TrojWare.Win32.Injector.ALON 20150727
Cyren W32/Trojan.TYZZ-8760 20150727
DrWeb BackDoor.Tishop.55 20150727
ESET-NOD32 Win32/TrojanDownloader.Zurgop.AW 20150727
Emsisoft Trojan.GenericKD.1160724 (B) 20150727
F-Prot W32/Trojan3.FSG 20150727
F-Secure Trojan.GenericKD.1160724 20150727
Fortinet W32/Agent.3487!tr 20150727
GData Trojan.GenericKD.1160724 20150727
Ikarus Trojan.Injector 20150727
K7AntiVirus Trojan ( 0001140e1 ) 20150727
K7GW Trojan ( 0001140e1 ) 20150727
Kaspersky Backdoor.Win32.Androm.aicv 20150727
Kingsoft Win32.Troj.Undef.(kcloud) 20150727
Malwarebytes Trojan.Agent.ED 20150727
McAfee Generic Dropper.p 20150727
McAfee-GW-Edition Generic Dropper.p 20150727
MicroWorld-eScan Trojan.GenericKD.1160724 20150727
Microsoft VirTool:Win32/Injector.gen!EE 20150727
NANO-Antivirus Trojan.Win32.Androm.cbqflc 20150727
Panda Trj/Agent.IVN 20150727
Qihoo-360 HEUR/Malware.QVM10.Gen 20150727
Rising PE:Trojan.Win32.Generic.1594024D!362021453 20150722
SUPERAntiSpyware Trojan.Agent/Gen-Malagent 20150727
Sophos Troj/Agent-ADBN 20150727
Symantec Trojan Horse 20150727
Tencent Win32.Backdoor.Androm.Ecaj 20150727
TotalDefense Win32/Dofoil.MZ 20150727
TrendMicro TROJ_ZURGOP.AI 20150727
TrendMicro-HouseCall TROJ_ZURGOP.AI 20150727
VBA32 BScope.Malware-Cryptor.Oop 20150727
VIPRE Trojan.Win32.Generic!BT 20150727
ViRobot Trojan.Win32.S.Inject.94208.Y[h] 20150727
Zillya Backdoor.Androm.Win32.1873 20150727
Zoner Trojan.Zurgop.AW 20150727
nProtect Trojan.GenericKD.1160724 20150727
AegisLab 20150727
Alibaba 20150727
Bkav 20150727
ByteHero 20150727
ClamAV 20150727
Jiangmin 20150726
TheHacker 20150727
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
John T. Haller

Publisher PortableApps.com
Product Pidgin Portable
Original name PidginPortable.exe
Internal name Pidgin Portable
File version 1.6.9.0
Description Pidgin Portable
Comments Allows Pidgin to be run from a removable drive. For additional details, visit PortableApps.com/PidginPortable
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-05 06:37:38
Link date 7:37 AM 8/5/2013
Entry Point 0x00002344
Number of sections 4
PE sections
PE imports
AddAuditAccessAceEx
ClusterNodeGetEnumCount
OfflineClusterGroup
ClusterNetworkOpenEnum
CreateClusterResource
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
IsProcessorFeaturePresent
HeapSetInformation
GetCurrentProcess
EnumSystemLocalesA
GetLocaleInfoA
GetCurrentProcessId
GetUserDefaultLCID
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
GetLocaleInfoW
GetCPInfo
LoadLibraryW
TlsFree
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
GetSystemTimeAsFileTime
IsValidLocale
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
TerminateProcess
IsValidCodePage
HeapCreate
GetStringTypeW
InterlockedDecrement
Sleep
GetFileType
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
SetLastError
InterlockedIncrement
Number of PE resources by type
RT_FONT 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
SPANISH PUERTO RICO 1
ExifTool file metadata
LegalTrademarks
PortableApps.com is a Trademark of Rare Ideas, LLC.

SubsystemVersion
5.0

Comments
Allows Pidgin to be run from a removable drive. For additional details, visit PortableApps.com/PidginPortable

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.6.9.0

LanguageCode
Neutral

FileFlagsMask
0x0000

FileDescription
Pidgin Portable

CharacterSet
Unicode

InitializedDataSize
55296

EntryPoint
0x2344

OriginalFileName
PidginPortable.exe

MIMEType
application/octet-stream

LegalCopyright
John T. Haller

FileVersion
1.6.9.0

TimeStamp
2013:08:05 07:37:38+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Pidgin Portable

ProductVersion
1.6.9.0

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
PortableApps.com

CodeSize
37888

ProductName
Pidgin Portable

ProductVersionNumber
1.6.9.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 898101c6689522c336f6d2c6aabd6c8c
SHA1 13ca128ec610087f149f1eca38be78db5a6b830b
SHA256 1bb25a376de61b0320675b64a6ad6cca32491bfe27d678736a26d7965f419352
ssdeep
1536:wULC+gq6Bmovx3Uzd5+Pq84iIE9gzJZntLc+:w8u3Y+PBfCP2+

authentihash 3c90aff05b261c0d49a095e899fe5ede57552203c365fc9efe09f084a2b23e95
imphash 5890f4f64d9744a8bb8a11af4e09eed7
File size 92.0 KB ( 94208 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2013-08-05 06:58:22 UTC ( 1 year, 11 months ago )
Last submission 2015-06-12 11:11:46 UTC ( 1 month, 2 weeks ago )
File names WL-0e0aeea0611341898ce4a867e5f3536d-0
Pidgin Portable
898101c6689522c336f6d2c6aabd6c8c.bin
PictureMMS.pic.exe
006430075
Picture_875994093433_MMS.pic.exe
PidginPortable.exe
Picture 875994093433 MMS.pic.exe
vt-upload-vi0Lt
gtimer.exe
Your Bill Summary REF.875633028831.pdf.exe
898101c6689522c336f6d2c6aabd6c8c
vt-upload-MTBoQ
vt-upload-Uc8ks
Picture%20875994093433%20MMS.pic.exe
file-5797904_exe
vt-upload-pdpSI
vt-upload-Q5dCq
jrgtivdb.exe old
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!