× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 28b066f33f28bc58dec1abf8f7e3a5499854dc960d8083cf49236759f5ad34b8
File name: 1360569789-texted_setup.exe
Detection ratio: 0 / 56
Analysis date: 2015-08-06 00:47:31 UTC ( 3 years, 6 months ago )
Antivirus Result Update
Ad-Aware 20150806
AegisLab 20150805
Yandex 20150805
AhnLab-V3 20150805
Alibaba 20150803
ALYac 20150805
Antiy-AVL 20150805
Arcabit 20150805
Avast 20150805
AVG 20150805
Avira (no cloud) 20150806
AVware 20150806
Baidu-International 20150805
BitDefender 20150806
Bkav 20150805
ByteHero 20150806
CAT-QuickHeal 20150805
ClamAV 20150805
Comodo 20150805
Cyren 20150805
DrWeb 20150805
Emsisoft 20150806
ESET-NOD32 20150806
F-Prot 20150806
F-Secure 20150806
Fortinet 20150804
GData 20150806
Ikarus 20150805
Jiangmin 20150804
K7AntiVirus 20150805
K7GW 20150805
Kaspersky 20150806
Kingsoft 20150806
Malwarebytes 20150805
McAfee 20150806
McAfee-GW-Edition 20150805
Microsoft 20150805
eScan 20150806
NANO-Antivirus 20150805
nProtect 20150805
Panda 20150805
Qihoo-360 20150806
Rising 20150731
Sophos AV 20150806
SUPERAntiSpyware 20150805
Symantec 20150806
Tencent 20150806
TheHacker 20150805
TotalDefense 20150806
TrendMicro 20150806
TrendMicro-HouseCall 20150806
VBA32 20150805
VIPRE 20150806
ViRobot 20150806
Zillya 20150805
Zoner 20150806
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Green House multimedia 1998-2002

Publisher Green House multimedia
File version 3.0 ML
Description Multilanguage multifile text editor
Packers identified
F-PROT Unicode, nameless, appended, Aspack, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-04-25 14:37:12
Entry Point 0x000021AF
Number of sections 4
PE sections
Overlays
MD5 eb021797a64c0b8bc1505a52c534dd9a
File type data
Offset 14848
Size 950664
Entropy 8.00
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetDeviceCaps
SelectPalette
SelectObject
PatBlt
CreateFontA
CreatePalette
GetStockObject
TextOutA
CreateSolidBrush
SetBkMode
DeleteObject
RealizePalette
SetTextColor
StretchDIBits
GetLastError
lstrlenA
GlobalFree
FreeLibrary
ExitProcess
GetVersionExA
GlobalUnlock
GetModuleFileNameA
LoadLibraryA
WinExec
OpenFile
GetCurrentProcess
_lwrite
lstrcatA
GetWindowsDirectoryA
SetErrorMode
_llseek
GetCommandLineA
GetProcAddress
_lread
GetTempPathA
_lcreat
_lclose
GetModuleHandleA
lstrcpyA
_lopen
MulDiv
GetTempFileNameA
GlobalLock
LocalFree
GlobalAlloc
FormatMessageA
DrawTextA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
ReleaseDC
EndPaint
BeginPaint
MessageBoxA
ExitWindowsEx
SendMessageA
GetClientRect
SetTimer
SetWindowPos
PostQuitMessage
DefWindowProcA
ShowWindow
UpdateWindow
wsprintfA
GetDC
InvalidateRect
PE exports
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

XXXXXXXXXXXXXXXX
,FileDescription

InitializedDataSize
5632

ImageVersion
4.0

FileVersionNumber
3.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

XXXX
|,LegalCopyright

CharacterSet
Windows, Latin1

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

FileVersion
3.0 ML

TimeStamp
2000:04:25 15:37:12+01:00

FileType
Win32 EXE

PEType
PE32

tilanguagemultifiletexteditor
XXXXXXX

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows 16-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Green House multimedia

CodeSize
8704

FileSubtype
0

ProductVersionNumber
3.0.0.0

EntryPoint
0x21af

ObjectFileType
Executable application

File identification
MD5 99b83cf4b06db85ab4b2f0787dbe90c3
SHA1 061e77815810708bbc5057b0b6c29a8e19a289eb
SHA256 28b066f33f28bc58dec1abf8f7e3a5499854dc960d8083cf49236759f5ad34b8
ssdeep
24576:xsapsS03Zdyrh40n2x4S5v+UusFVf58bAZYpX:xL0pdyrhFn2xZ5GV2f5QAq

authentihash 3c81591a88a134d5972854dad981def98240589c298d3d55c809766cb226997a
imphash 5318cd03ef5b5da86800f1483484cfd0
File size 942.9 KB ( 965512 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Wise Installer executable (98.1%)
Win32 Dynamic Link Library (generic) (0.8%)
Win32 Executable (generic) (0.5%)
Generic Win/DOS Executable (0.2%)
DOS Executable Generic (0.2%)
Tags
peexe aspack overlay

VirusTotal metadata
First submission 2010-01-23 03:32:05 UTC ( 9 years, 1 month ago )
Last submission 2015-08-06 00:47:31 UTC ( 3 years, 6 months ago )
File names texted_setup.exe
28B066F33F28BC58DEC1ABF8F7E3A5499854DC960D8083CF49236759F5AD34B8
1360569789-texted_setup.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Runtime DLLs