× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 23d29b22d01edc3bc6c7d388ed82c9581afbd8a80c674026e40004197ae514e4
File name: readme.exe
Detection ratio: 5 / 42
Analysis date: 2011-05-25 05:01:19 UTC ( 2 years, 11 months ago ) View latest
Antivirus Result Update
BitDefender Trojan.Generic.KD.231173 20110525
F-Secure Trojan.Generic.KD.231173 20110525
Fortinet W32/Krap.AR!tr 20110525
GData Trojan.Generic.KD.231173 20110525
McAfee-GW-Edition Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Trojan.B 20110525
AVG 20110525
AhnLab-V3 20110525
AntiVir 20110525
Antiy-AVL 20110525
Avast 20110524
Avast5 20110524
CAT-QuickHeal 20110525
ClamAV 20110525
Commtouch 20110525
Comodo 20110525
DrWeb 20110524
F-Prot 20110524
Ikarus 20110525
Jiangmin 20110524
K7AntiVirus 20110524
Kaspersky 20110525
McAfee 20110525
Microsoft 20110525
NOD32 20110525
Norman 20110524
PCTools 20110519
Panda 20110525
Prevx 20110525
Rising 20110524
SUPERAntiSpyware 20110525
Sophos 20110525
Symantec 20110525
TheHacker 20110525
TrendMicro 20110525
TrendMicro-HouseCall 20110525
VBA32 20110524
VIPRE 20110525
ViRobot 20110525
VirusBuster 20110524
eSafe 20110524
eTrust-Vet 20110524
nProtect 20110525
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright © 1996-2002 Macromedia, Inc.

Publisher Macromedia, Inc.
Product Shockwave Flash
Version 6,0,21,0
Original name SAFlashPlayer.exe
Internal name Macromedia Flash Player 6.0
File version 6,0,21,0
Description Macromedia Flash Player 6.0 r21
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-03-27 05:12:10
Link date 6:12 AM 3/27/2005
Entry Point 0x00001168
Number of sections 4
PE sections
PE imports
wsprintfA
MessageBoxA
CharNextA
LoadStringA
RegOpenKeyExA
LookupPrivilegeValueA
RegQueryValueExA
RegCloseKey
OpenProcessToken
GetLastError
InitializeCriticalSection
EnterCriticalSection
lstrlenW
LoadLibraryA
lstrlenA
lstrcmpiA
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
GetVersionExA
GetModuleFileNameA
GetSystemDirectoryA
GetShortPathNameA
CreatePipe
GetStartupInfoA
LoadLibraryExA
SizeofResource
GetThreadLocale
GetLocaleInfoA
GetCurrentProcessId
lstrcatA
LockResource
IsDBCSLeadByte
DeleteFileA
MultiByteToWideChar
GetProcAddress
RaiseException
WideCharToMultiByte
GetModuleHandleA
IsSystemResumeAutomatic
DeleteCriticalSection
ReadFile
InterlockedExchange
WriteFile
InterlockedIncrement
CloseHandle
GetSystemTimeAsFileTime
lstrcpynA
GetACP
SetHandleInformation
OutputDebugStringA
MoveFileA
CreateProcessA
SetHandleContext
LoadResource
VirtualQuery
InterlockedDecrement
CreateFileA
ExitProcess
GetCurrentThreadId
FindResourceA
LeaveCriticalSection
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2005:03:27 06:12:10+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
9728

LinkerVersion
2.6

EntryPoint
0x1168

InitializedDataSize
368640

SubsystemVersion
4.0

ImageVersion
5.0

OSVersion
5.0

UninitializedDataSize
3584

File identification
MD5 64b7a3269f228983d0c1e9130122cd29
SHA1 234cf784038732651957dec7241e36e2b0c3403e
SHA256 23d29b22d01edc3bc6c7d388ed82c9581afbd8a80c674026e40004197ae514e4
ssdeep
3072:PkR6xUhDozupi7Z/c6JuP1wdkIkfqgebm+fed:Id9aS1wdeEbmWed

File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2011-05-25 05:01:19 UTC ( 2 years, 11 months ago )
Last submission 2011-05-27 09:12:41 UTC ( 2 years, 11 months ago )
File names jar_cache4454243778994737536.tmp
readme.exe
SAFlashPlayer.exe
Macromedia Flash Player 6.0
C0E39F6E0082A8F250F6027234C187001E01978F.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!