× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 294708297c16e1b9b10436d1007a150a230b2db4f6ec04ccb3b5893fee057b46
File name: 7z.sfx
Detection ratio: 0 / 56
Analysis date: 2015-08-06 12:49:47 UTC ( 1 year, 7 months ago )
Antivirus Result Update
Ad-Aware 20150806
AegisLab 20150806
Yandex 20150805
AhnLab-V3 20150806
Alibaba 20150803
ALYac 20150806
Antiy-AVL 20150806
Arcabit 20150806
Avast 20150806
AVG 20150806
Avira (no cloud) 20150806
AVware 20150806
Baidu-International 20150806
BitDefender 20150806
Bkav 20150806
ByteHero 20150806
CAT-QuickHeal 20150806
ClamAV 20150806
Comodo 20150806
Cyren 20150806
DrWeb 20150806
Emsisoft 20150806
ESET-NOD32 20150806
F-Prot 20150806
F-Secure 20150806
Fortinet 20150804
GData 20150806
Ikarus 20150806
Jiangmin 20150804
K7AntiVirus 20150806
K7GW 20150806
Kaspersky 20150806
Kingsoft 20150806
Malwarebytes 20150806
McAfee 20150806
McAfee-GW-Edition 20150806
Microsoft 20150806
eScan 20150806
NANO-Antivirus 20150806
nProtect 20150806
Panda 20150806
Qihoo-360 20150806
Rising 20150731
Sophos 20150806
SUPERAntiSpyware 20150805
Symantec 20150806
Tencent 20150806
TheHacker 20150805
TotalDefense 20150806
TrendMicro 20150806
TrendMicro-HouseCall 20150806
VBA32 20150806
VIPRE 20150806
ViRobot 20150806
Zillya 20150805
Zoner 20150806
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
: Igor Pavlov : Public domain

Publisher Igor Pavlov
Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 9.38 beta
Description 7z SFX
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-01-03 17:33:20
Entry Point 0x0002234A
Number of sections 5
PE sections
Overlays
MD5 88686f873c8e373a051680e6b353eb03
File type data
Offset 181760
Size 3238
Entropy 7.92
PE imports
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
RemoveDirectoryW
WaitForSingleObject
GetVersionExW
SetEvent
FindNextFileW
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
CompareFileTime
GetFileSize
SetFileTime
GetCommandLineW
MultiByteToWideChar
GetFileInformationByHandle
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetModuleHandleA
SetFileAttributesW
GetModuleFileNameW
SetFilePointer
ReadFile
WriteFile
GetCurrentProcess
ResetEvent
FindFirstFileW
GetProcAddress
SetPriorityClass
FreeLibrary
LocalFree
FormatMessageW
GetCurrentDirectoryW
LoadLibraryW
CreateEventW
InitializeCriticalSection
CreateFileW
VirtualFree
GetLogicalDriveStringsW
FindClose
Sleep
MoveFileW
SetEndOfFile
CloseHandle
GetTickCount
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_controlfp
_except_handler3
?terminate@@YAXXZ
_onexit
wcslen
wcscmp
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
wcscat
__getmainargs
_initterm
memmove
memcpy
_beginthreadex
_exit
__set_app_type
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
SHGetFileInfoW
SetFocus
GetParent
EndDialog
CharUpperW
KillTimer
ShowWindow
SetWindowLongW
MessageBoxW
GetWindowRect
EnableWindow
MoveWindow
DialogBoxParamW
GetWindowTextLengthW
PostMessageW
SetDlgItemTextW
GetKeyState
MapDialogRect
SendMessageW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
ScreenToClient
InvalidateRect
SetTimer
IsDlgButtonChecked
GetWindowTextW
CheckDlgButton
LoadCursorW
LoadIconW
GetFocus
GetWindowLongW
SetCursor
CoUninitialize
CoCreateInstance
CoInitialize
OleInitialize
Number of PE resources by type
RT_STRING 14
RT_DIALOG 4
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 22
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
9.38.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
51200

EntryPoint
0x2234a

OriginalFileName
7z.sfx.exe

MIMEType
application/octet-stream

LegalCopyright
: Igor Pavlov : Public domain

FileVersion
9.38 beta

TimeStamp
2015:01:03 18:33:20+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

ProductVersion
9.38 beta

FileDescription
7z SFX

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
146944

ProductName
7-Zip

ProductVersionNumber
9.38.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 b9bd3208465cd3d5c68e832f603ca7d0
SHA1 9794e9e8434653a4749635a47bf374bb1c6598c6
SHA256 294708297c16e1b9b10436d1007a150a230b2db4f6ec04ccb3b5893fee057b46
ssdeep
3072:Y4fp8s+D6CkNFngg5QDViLe3pKHgK1vl0jpVM/P9AAAAAOzeX6xylMBUxDDY:Nr2QNFnggEiKGNmDM/Vg6xhBUxg

authentihash 20c0d682ff868d4da313c34507fac5d60c0c609d44a7627d40484b128da8c158
imphash de70a01b2ea56e6728a3b1b5b8434500
File size 180.7 KB ( 184998 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-07-10 02:57:27 UTC ( 1 year, 8 months ago )
Last submission 2015-07-10 02:57:27 UTC ( 1 year, 8 months ago )
File names 7z.sfx.exe
Custom Resolutions (LCDTV).exe
7z.sfx
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs