SHA256: 2133dfa771bfcd154a677b6cafcad20eb703afbd2fe91a305d165bd14504da25
File name: 5b4b64af.exe
Detection ratio: 17 / 66
Analysis date: 2018-07-15 08:46:26 UTC ( 6 months ago )
Antivirus Result Update
AegisLab Troj.MSIL.Disfa.mzOR 20180715
Avira (no cloud) TR/Dropper.Gen 20180714
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20180712
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.761ee8 20180225
Cylance Unsafe 20180715
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of MSIL/TrojanDropper.Agent.DNB 20180715
Sophos ML heuristic 20180601
K7AntiVirus Trojan ( 0052a44b1 ) 20180715
K7GW Trojan ( 0052a44b1 ) 20180715
McAfee-GW-Edition BehavesLike.Win32.Generic.tm 20180715
Microsoft Trojan:MSIL/Redlonam.A 20180714
SentinelOne (Static ML) static engine - malicious 20180701
Symantec ML.Attribute.HighConfidence 20180714
TrendMicro BKDR_ASDROP.SMZSM 20180715
TrendMicro-HouseCall BKDR_ASDROP.SMZSM 20180715
Ad-Aware 20180715
AhnLab-V3 20180714
Alibaba 20180713
ALYac 20180715
Antiy-AVL 20180715
Arcabit 20180715
Avast 20180715
Avast-Mobile 20180715
AVG 20180715
AVware 20180715
Babable 20180406
BitDefender 20180715
Bkav 20180713
CAT-QuickHeal 20180714
ClamAV 20180715
CMC 20180714
Comodo 20180715
Cyren 20180715
DrWeb 20180715
eGambit 20180715
Emsisoft 20180715
F-Prot 20180715
F-Secure 20180715
Fortinet 20180715
GData 20180715
Ikarus 20180715
Jiangmin 20180715
Kaspersky 20180715
Kingsoft 20180715
Malwarebytes 20180715
MAX 20180715
McAfee 20180715
eScan 20180715
NANO-Antivirus 20180715
Palo Alto Networks (Known Signatures) 20180715
Panda 20180715
Qihoo-360 20180715
Rising 20180715
Sophos AV 20180715
SUPERAntiSpyware 20180715
TACHYON 20180715
Tencent 20180715
TheHacker 20180712
Trustlook 20180715
VBA32 20180713
VIPRE 20180715
ViRobot 20180714
Webroot 20180715
Yandex 20180713
ZoneAlarm by Check Point 20180715
Zoner 20180714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright NCH Software
Product GoldenRecords
Original name Golden.exe
Internal name Golden
File version 2.08
Description Golden Records Vinyl to CD Converter
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-07-14 18:49:35
Entry Point 0x000F1100
Number of sections 3
.NET details
Module Version ID 8546b2c5-48f7-4c0b-ae44-b0d1a03efc94
PE sections
Overlays
MD5 7bb14c057094fd53a4e3db75f3d1f6cd
File type ASCII text
Offset 1006080
Size 628800
Entropy 0.00
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 8
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 11
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.0.0.0
LanguageCode English (Australian)
FileFlagsMask 0x0017
FileDescription Golden Records Vinyl to CD Converter
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 26112
EntryPoint 0xf1100
OriginalFileName Golden.exe
MIMEType application/octet-stream
LegalCopyright NCH Software
FileVersion 2.08
TimeStamp 2018:07:14 20:49:35+02:00
FileType Win32 EXE
PEType PE32
InternalName Golden
ProductVersion 2.08
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName NCH Software
CodeSize 979456
ProductName GoldenRecords
ProductVersionNumber 0.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
Execution parents
File identification
MD5 8559ea29b2819d2580dd0ab237005373
SHA1 5b17c72761ee8a905f4c6956c8ce82db2d2d54f4
SHA256 2133dfa771bfcd154a677b6cafcad20eb703afbd2fe91a305d165bd14504da25
ssdeep 24576:skSCgQrPUjsdQ+OW4QHiLBAIwb/TU2gYcwjMeQ:5SCgQMUQW4JxwrTMYLMe
authentihash f8c275b019546f28ff8af951423a9e617fb877eaf754d5a8aea651a27c619116
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.6 MB ( 1634880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags peexe assembly overlay

VirusTotal metadata
First submission 2018-07-15 08:33:58 UTC ( 6 months ago )
Last submission 2018-10-04 02:36:38 UTC ( 3 months, 2 weeks ago )
File names Golden
Golden.exe
output.113649380.txt
5b4b64af.exe
rtengine.exe
5b4b64af.exe
Golden.exe
8559ea29b2819d2580dd0ab237005373.vir
Golden.exe