× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 20d4c740b178efe56c92b44bbf930e2bd72d7e91edc4015aa80d4b8a99f30432
File name: Giana's Return +11 Trainer.exe
Detection ratio: 2 / 43
Analysis date: 2012-02-13 08:13:19 UTC ( 5 years, 4 months ago ) View latest
Antivirus Result Update
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.F 20120212
VirusBuster Packed/MPress 20120212
AhnLab-V3 20120213
AntiVir 20120213
Antiy-AVL 20120212
Avast 20120212
AVG 20120213
BitDefender 20120213
ByteHero 20120212
CAT-QuickHeal 20120213
ClamAV 20120213
Commtouch 20120213
Comodo 20120213
DrWeb 20120213
Emsisoft 20120213
eSafe 20120213
eTrust-Vet 20120211
F-Prot 20120213
F-Secure 20120213
Fortinet 20120213
GData 20120213
Ikarus 20120213
Jiangmin 20120212
K7AntiVirus 20120211
Kaspersky 20120213
McAfee 20120213
Microsoft 20120213
NOD32 20120213
Norman 20120212
nProtect 20120213
Panda 20120212
PCTools 20120207
Prevx 20120213
Rising 20120210
Sophos 20120213
SUPERAntiSpyware 20120206
Symantec 20120213
TheHacker 20120212
TrendMicro 20120213
TrendMicro-HouseCall 20120213
VBA32 20120210
VIPRE 20120213
ViRobot 20120213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2012 t2Eservo. All Rights Reserved.

Publisher t2Eservo
Product Giana's Return +11 Trainer
File version 1.0.0.0
Description Giana's Return PC game trainer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-13 07:20:00
Entry Point 0x000331E8
Number of sections 3
PE sections
PE imports
OpenProcessToken
InitCommonControls
SetBkMode
GetProcAddress
GetModuleHandleA
EnumProcesses
ShellExecuteA
Number of PE resources by type
RT_BITMAP 4
RT_ICON 3
RT_DIALOG 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
162304

ImageVersion
1.0

ProductName
Giana's Return +11 Trainer

FileVersionNumber
1.0.0.0

UninitializedDataSize
27648

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
ASCII

LinkerVersion
2.56

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2012:02:13 08:20:00+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.0.0

FileDescription
Giana's Return PC game trainer

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright (C) 2012 t2Eservo. All Rights Reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
t2Eservo

CodeSize
46592

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x331e8

ObjectFileType
Executable application

File identification
MD5 90c04991711dde7302f2a2926b5ee93e
SHA1 d22eada24248633159f78ca0dbd92021b5dab644
SHA256 20d4c740b178efe56c92b44bbf930e2bd72d7e91edc4015aa80d4b8a99f30432
ssdeep
1536:iqFH3FoDlPxRSLQ9RKsE5+s2rbXa23kIp5MQf8Y4j0ulZN:3lmDbRgpLS7a2deQf8pj

authentihash b6e21300b828f2fd2eb7356bed1441f90a3e52821188818b589155c1760236a9
imphash 8f33516fec20690e907603ce6049bf7b
File size 87.0 KB ( 89088 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-02-13 08:13:19 UTC ( 5 years, 4 months ago )
Last submission 2015-08-20 15:00:44 UTC ( 1 year, 10 months ago )
File names Giana's Return +11 Trainer.exe
Giana's Return 11 Trainer.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Searched windows
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.