× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 26420f241c1535d0013d024898436f1b0b0a9655db4e08649a9c2a47da99e226
File name: curl
Detection ratio: 1 / 67
Analysis date: 2019-03-14 23:48:20 UTC ( 2 months, 1 week ago )
Antivirus Result Update
VBA32 BScope.Trojan.Downloader 20190314
Acronis 20190313
Ad-Aware 20190314
AegisLab 20190314
AhnLab-V3 20190314
ALYac 20190315
Antiy-AVL 20190314
Arcabit 20190314
Avast 20190315
Avast-Mobile 20190314
AVG 20190315
Avira (no cloud) 20190314
Babable 20180918
Baidu 20190306
BitDefender 20190315
Bkav 20190314
CAT-QuickHeal 20190314
ClamAV 20190314
CMC 20190314
Comodo 20190314
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cylance 20190315
Cyren 20190315
DrWeb 20190315
eGambit 20190315
Emsisoft 20190315
Endgame 20190215
ESET-NOD32 20190314
F-Prot 20190314
F-Secure 20190315
Fortinet 20190315
GData 20190314
Ikarus 20190314
Sophos ML 20190313
Jiangmin 20190314
K7AntiVirus 20190314
K7GW 20190314
Kaspersky 20190314
Kingsoft 20190315
Malwarebytes 20190314
MAX 20190315
McAfee 20190314
McAfee-GW-Edition 20190314
Microsoft 20190314
eScan 20190314
NANO-Antivirus 20190314
Palo Alto Networks (Known Signatures) 20190315
Panda 20190314
Qihoo-360 20190315
Rising 20190314
SentinelOne (Static ML) 20190311
Sophos AV 20190314
SUPERAntiSpyware 20190314
Symantec 20190314
Symantec Mobile Insight 20190220
TACHYON 20190314
Tencent 20190315
TheHacker 20190308
Trapmine 20190301
TrendMicro-HouseCall 20190314
Trustlook 20190315
ViRobot 20190314
Webroot 20190315
Yandex 20190314
Zillya 20190314
ZoneAlarm by Check Point 20190314
Zoner 20190315
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
© 1996 - 2018 Daniel Stenberg, <daniel@haxx.se>.

Product The curl executable
Original name curl.exe
Internal name curl
File version 7.59.0
Description The curl executable
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-03-14 06:45:41
Entry Point 0x00001500
Number of sections 10
PE sections
PE imports
CryptReleaseContext
RegisterEventSourceW
CryptAcquireContextA
DeregisterEventSource
CryptGetHashParam
CryptGenRandom
ReportEventW
CryptAcquireContextW
CryptHashData
CryptDestroyHash
CryptCreateHash
CertFreeCertificateContext
GetSystemTime
GetLastError
InitializeCriticalSection
GetStdHandle
EnterCriticalSection
PeekNamedPipe
ReadFile
UnmapViewOfFile
GetModuleFileNameW
DeleteFiber
FreeLibrary
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
ExitProcess
TlsAlloc
VirtualProtect
GetModuleFileNameA
VirtualQuery
LoadLibraryA
VerSetConditionMask
CreateFiber
ConvertFiberToThread
GetCurrentProcess
SystemTimeToFileTime
GetConsoleMode
GetCurrentProcessId
SetFileTime
GetModuleHandleW
VerifyVersionInfoA
UnhandledExceptionFilter
MultiByteToWideChar
MapViewOfFile
GetProcAddress
GetConsoleScreenBufferInfo
SwitchToFiber
GetFileType
GetFileTime
SetEndOfFile
WideCharToMultiByte
LoadLibraryW
TlsFree
GetModuleHandleA
DeleteCriticalSection
FindNextFileW
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
CreateFileMappingA
FindFirstFileW
TerminateProcess
GetSystemDirectoryA
WaitForMultipleObjects
ExpandEnvironmentStringsA
ReadConsoleA
FormatMessageW
GlobalMemoryStatus
GetTimeZoneInformation
ConvertThreadToFiber
GetVersion
GetModuleHandleExW
GetEnvironmentVariableA
SetConsoleMode
WaitForSingleObject
SleepEx
SearchPathA
FindClose
TlsGetValue
Sleep
FormatMessageA
ReadConsoleW
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
GetEnvironmentVariableW
SetLastError
LeaveCriticalSection
IdnToAscii
IdnToUnicode
SendMessageA
FindWindowA
GetProcessWindowStation
MessageBoxW
GetUserObjectInformationW
getaddrinfo
htonl
shutdown
getnameinfo
accept
ioctlsocket
WSAStartup
freeaddrinfo
connect
getsockname
htons
WSASetLastError
WSAGetLastError
gethostname
getsockopt
recv
ntohl
send
ntohs
select
listen
__WSAFDIsSet
WSACleanup
gethostbyname
getpeername
closesocket
WSAIoctl
setsockopt
socket
bind
recvfrom
sendto
__lconv_init
_lock
fclose
_snwprintf
strtoul
_fstat
fflush
_getpid
_fmode
strtol
__initenv
strtok
fwrite
fputs
isspace
_close
rewind
_isatty
_wfopen
_write
memcpy
strstr
memmove
signal
_mkdir
strcmp
memchr
strncmp
memset
strcat
_stricmp
_setmode
fgets
strchr
isxdigit
ftell
exit
sprintf
strrchr
_acmdln
strcspn
fputc
ferror
gmtime
free
_fstati64
_strtoi64
_stat
_lseeki64
_vsnprintf
putchar
puts
_read
strcpy
islower
_exit
isupper
_iob
setlocale
realloc
__getmainargs
__dllonexit
calloc
isprint
_access
printf
_getch
fopen
_vsnwprintf
strncpy
_cexit
raise
isalnum
_sys_nerr
qsort
_open
_onexit
wcslen
memcmp
__setusermatherr
getenv
_stati64
atoi
vfprintf
localeconv
strerror
wcscpy
_beginthreadex
strspn
_strnicmp
localtime
malloc
sscanf
fread
_chmod
abort
fprintf
feof
_amsg_exit
_errno
strlen
fseek
_get_osfhandle
_strdup
_fileno
tolower
_unlock
strpbrk
fwprintf
setbuf
_initterm
time
wcsstr
getc
setvbuf
__set_app_type
ldap_get_dn
ldap_first_entry
ldap_bind_s
ldap_unbind_s
ldap_value_free_len
ldap_err2string
ldap_msgfree
ldap_get_values_len
ldap_first_attribute
ldap_memfree
ldap_search_s
ldap_next_entry
ber_free
ldap_set_option
ldap_simple_bind_s
ldap_init
ldap_next_attribute
ldap_sslinit
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
15872

InitializedDataSize
3311616

ImageVersion
1.0

ProductName
The curl executable

FileVersionNumber
7.59.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, No line numbers, No symbols, 32-bit, No debug

CharacterSet
Unicode

LinkerVersion
2.29

FileTypeExtension
exe

OriginalFileName
curl.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
7.59.0

License
https://curl.haxx.se/docs/copyright.html

TimeStamp
2018:03:14 07:45:41+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
curl

SubsystemVersion
4.0

ProductVersion
7.59.0

FileDescription
The curl executable

OSVersion
4.0

FileOS
Win32

LegalCopyright
1996 - 2018 Daniel Stenberg, <daniel@haxx.se>.

MachineType
Intel 386 or later, and compatibles

CompanyName
curl, https://curl.haxx.se/

CodeSize
2506752

FileSubtype
0

ProductVersionNumber
7.59.0.0

EntryPoint
0x1500

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 7b754e3bba6e66713195636a14c6cb98
SHA1 56ac985588858008caa403992f62af2ca70b0f36
SHA256 26420f241c1535d0013d024898436f1b0b0a9655db4e08649a9c2a47da99e226
ssdeep
98304:1pIQMe5XiC/kvRsYg4DgGqW14rUaJ1Pg2QJtPJdHQ:pICsvRsYg4DgGqWWoaJxg2eH

authentihash 9f3f6818afa69c90ae2e4e228b2667ad3a5683f9aeb0353c60ff3c93de10acab
imphash 51347cf625da0d39aa01d5f96d6cd3e9
File size 3.2 MB ( 3315712 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (33.7%)
Win64 Executable (generic) (29.8%)
Microsoft Visual C++ compiled executable (generic) (17.8%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Tags
peexe

VirusTotal metadata
First submission 2018-04-27 18:18:35 UTC ( 1 year ago )
Last submission 2018-05-26 21:25:18 UTC ( 12 months ago )
File names curl
curl.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!