SHA256: 252b9b21e50dca6316237c9f742e56fe721bc97a9d8bc1d2bdf79faa4d23f9ec
File name: cleanmypc.exe
Detection ratio: 19 / 68
Analysis date: 2018-01-02 09:38:10 UTC ( 2 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Heur.Veil.6 20171225
ALYac Gen:Heur.Veil.6 20180101
Arcabit Trojan.Veil.6 20180102
BitDefender Gen:Heur.Veil.6 20180102
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20171016
Cybereason malicious.1b8fb7 20171103
DrWeb Trojan.Siggen7.29402 20180102
Emsisoft Gen:Heur.Veil.6 (B) 20180102
Endgame malicious (high confidence) 20171130
F-Secure Gen:Heur.Veil.6 20180102
GData Gen:Heur.Veil.6 20180102
Sophos ML heuristic 20170914
Jiangmin Trojan.Generic.bfvzx 20180102
MAX malware (ai score=81) 20180102
McAfee-GW-Edition BehavesLike.Win32.Backdoor.rc 20180102
eScan Gen:Heur.Veil.6 20180102
SentinelOne (Static ML) static engine - malicious 20171224
VBA32 Trojan-Ransom.Crypren 20171229
Yandex Trojan.DownLoader! 20171229
AegisLab 20180102
AhnLab-V3 20180102
Alibaba 20180102
Antiy-AVL 20180102
Avast 20180102
Avast-Mobile 20171231
AVG 20180102
Avira (no cloud) 20180102
AVware 20180102
Baidu 20180102
Bkav 20171229
CAT-QuickHeal 20180101
ClamAV 20180102
CMC 20180102
Comodo 20180102
Cylance 20180102
Cyren 20180102
eGambit 20180102
ESET-NOD32 20180102
F-Prot 20180102
Fortinet 20180102
Ikarus 20180102
K7AntiVirus 20180102
K7GW 20180102
Kaspersky 20180102
Kingsoft 20180102
Malwarebytes 20180102
McAfee 20180102
Microsoft 20180102
NANO-Antivirus 20180102
nProtect 20180102
Palo Alto Networks (Known Signatures) 20180102
Panda 20180101
Qihoo-360 20180102
Rising 20171230
Sophos AV 20180102
SUPERAntiSpyware 20180102
Symantec 20180101
Tencent 20180102
TheHacker 20171229
TotalDefense 20180102
TrendMicro 20180102
TrendMicro-HouseCall 20180102
Trustlook 20180102
VIPRE 20180102
ViRobot 20180102
Webroot 20180102
WhiteArmor 20171226
Zillya 20171231
ZoneAlarm by Check Point 20180102
Zoner 20180102
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-12-11 15:09:08
Entry Point 0x0000769A
Number of sections 6
PE sections
Overlays
MD5 93aa9fdbe42355c4fd8704e07bf96471
File type data
Offset 243712
Size 4087892
Entropy 8.00
PE imports
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
WaitForSingleObject
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
InitializeSListHead
SetStdHandle
GetCPInfo
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
GetEnvironmentVariableW
SetLastError
PeekNamedPipe
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
RaiseException
SetConsoleCtrlHandler
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
SetEnvironmentVariableW
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
SetEnvironmentVariableA
TerminateProcess
GetModuleHandleExW
ReadConsoleW
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
GetExitCodeProcess
QueryPerformanceCounter
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CompareStringW
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetShortPathNameW
GetConsoleCP
GetEnvironmentStringsW
GetCurrentDirectoryW
GetCurrentProcessId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
SetEndOfFile
TlsFree
ReadFile
CloseHandle
SetDllDirectoryW
GetACP
GetModuleHandleW
GetFileAttributesExW
IsValidCodePage
WriteFile
CreateProcessW
Sleep
Number of PE resources by type
RT_ICON 7
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 8
PE resources
Debug information
File identification
MD5 f1753afb91bc922abc2b5490d6ef3e31
SHA1 8b79b613ffd592394840f69ee75e67a1e94c1bef
SHA256 252b9b21e50dca6316237c9f742e56fe721bc97a9d8bc1d2bdf79faa4d23f9ec
ssdeep 98304:5oMTdBAEoDCqphsDq7gRChw3SWxfbneBDHSqhsYjRQJ:a8xCzmqKPiMbSHSqhsoRQ

authentihash 1b2bfcacd092e8e69492ceb6aca338a1fa14cea3eb057ad4dfd97eaa08b7bd18
imphash fc40519af20116c903e3ff836e366e39
File size 4.1 MB ( 4331604 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID InstallShield setup (50.1%)
Win64 Executable (generic) (32.2%)
Win32 Dynamic Link Library (generic) (7.6%)
Win32 Executable (generic) (5.2%)
Generic Win/DOS Executable (2.3%)
Tags peexe overlay

VirusTotal metadata
First submission 2018-01-02 09:38:10 UTC ( 2 weeks ago )
Last submission 2018-01-02 09:38:10 UTC ( 2 weeks ago )
File names cleanmypc.exe