× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 23a0161af85372f01b7c9ae38c953ed5b41e681380447b849f9dd3c4bb76669d
File name: Dumpper.exe
Detection ratio: 0 / 40
Analysis date: 2012-09-29 15:24:51 UTC ( 4 years, 3 months ago )
Antivirus Result Update
AVG 20120929
AntiVir 20120929
Antiy-AVL 20120928
Avast 20120929
BitDefender 20120929
CAT-QuickHeal 20120929
ClamAV 20120929
Commtouch 20120928
Comodo 20120929
DrWeb 20120927
ESET-NOD32 20120928
Emsisoft 20120919
F-Prot 20120926
F-Secure 20120927
Fortinet 20120929
GData 20120929
Ikarus 20120929
Jiangmin 20120928
K7AntiVirus 20120929
Kaspersky 20120929
McAfee 20120927
McAfee-GW-Edition 20120928
Microsoft 20120926
Norman 20120928
PCTools 20120929
Panda 20120929
Rising 20120928
SUPERAntiSpyware 20120911
Sophos 20120929
Symantec 20120929
TheHacker 20120929
TotalDefense 20120928
TrendMicro 20120929
TrendMicro-HouseCall 20120926
VBA32 20120929
VIPRE 20120929
ViRobot 20120929
eSafe 20120927
eScan 20120926
nProtect 20120929
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c) 2012

Product WindowsApplication1
Original name Dumpper.exe
Internal name Dumpper.exe
File version 1.0.0.0
Description WindowsApplication1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-09-28 21:13:12
Entry Point 0x0006203E
Number of sections 4
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 5
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
110592

ImageVersion
0.0

ProductName
WindowsApplication1

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileOS
Win32

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2012:09:28 14:13:12-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
Dumpper.exe

ProductVersion
1.0.0.0

FileDescription
WindowsApplication1

OSVersion
4.0

OriginalFilename
Dumpper.exe

LegalCopyright
2012

MachineType
Intel 386 or later, and compatibles

CodeSize
397312

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x6203e

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 a39cf5d978a8735deca6181931c848c6
SHA1 48a4f4116f5d33c84096692de52893cd448aec75
SHA256 23a0161af85372f01b7c9ae38c953ed5b41e681380447b849f9dd3c4bb76669d
ssdeep
6144:t6SPKpVK6SPKpVQyPKEQk0kd744UZyGPd3RVyPKEQk:QSP0SP2yLkr744SybyLk

File size 500.0 KB ( 512000 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Windows Screen Saver (47.2%)
Win32 Executable Generic (30.7%)
Win16/32 Executable Delphi generic (7.4%)
Generic Win/DOS Executable (7.2%)
DOS Executable Generic (7.2%)
Tags
peexe

VirusTotal metadata
First submission 2012-09-29 15:24:51 UTC ( 4 years, 3 months ago )
Last submission 2012-09-29 15:24:51 UTC ( 4 years, 3 months ago )
File names Dumpper.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!