SHA256: 2a69ecab868f2ca7ca074b0fff9c46c32fb40d3912ef94e7439362ae2060a764
File name: h.exe
Detection ratio: 21 / 71
Analysis date: 2019-02-12 06:04:10 UTC ( 2 months, 1 week ago )
Antivirus Result Update
Acronis suspicious 20190208
AhnLab-V3 Trojan/Win32.Agent.C3008316 20190212
ClamAV Win.Trojan.Generic-6626676-0 20190211
Comodo TrojWare.Win32.Injector.UOL@4q80ri 20190212
CrowdStrike Falcon (ML) malicious_confidence_60% (W) 20181023
Cylance Unsafe 20190212
Cyren W32/GenBl.F851F833!Olympus 20190212
ESET-NOD32 a variant of Win32/GenKryptik.CZBH 20190212
GData MSIL.Backdoor.Nancat.XWT4ME 20190212
Ikarus Win32.Outbreak 20190211
Kaspersky UDS:DangerousObject.Multi.Generic 20190212
McAfee RDN/Generic.dx 20190212
McAfee-GW-Edition BehavesLike.Win32.CryptDoma.fc 20190212
Microsoft Trojan:Win32/Sonbokli.A!cl 20190212
Palo Alto Networks (Known Signatures) generic.ml 20190212
Panda Trj/Genetic.gen 20190211
Rising Spyware.Agent!8.C6/N3#93% (RDM+:cmRtazoBpnCwYh8d/jZTnXYwCA/D) 20190212
SentinelOne (Static ML) static engine - malicious 20190203
Symantec ML.Attribute.HighConfidence 20190212
Trapmine malicious.high.ml.score 20190123
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20190212
Ad-Aware 20190212
AegisLab 20190212
Alibaba 20180921
ALYac 20190212
Antiy-AVL 20190212
Arcabit 20190211
Avast 20190212
Avast-Mobile 20190211
AVG 20190212
Avira (no cloud) 20190212
Babable 20180918
Baidu 20190202
BitDefender 20190212
Bkav 20190201
CAT-QuickHeal 20190210
CMC 20190211
Cybereason 20190109
DrWeb 20190212
eGambit 20190212
Emsisoft 20190212
Endgame 20181108
F-Prot 20190212
F-Secure 20190212
Fortinet 20190212
Sophos ML 20181128
Jiangmin 20190212
K7AntiVirus 20190212
K7GW 20190212
Kingsoft 20190212
Malwarebytes 20190212
MAX 20190212
eScan 20190212
NANO-Antivirus 20190212
Qihoo-360 20190212
Sophos AV 20190212
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190212
Tencent 20190212
TheHacker 20190203
TotalDefense 20190212
TrendMicro 20190212
TrendMicro-HouseCall 20190212
Trustlook 20190212
VBA32 20190211
VIPRE 20190212
ViRobot 20190212
Webroot 20190212
Yandex 20190210
Zillya 20190211
Zoner 20190212
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2003-2016 Initex. All rights reserved.

Product Proxifier Portable Edition
Original name Proxifier.exe
Internal name Proxifier.exe
File version 3.31.1.0
Description Proxifier Portable Edition v3.31
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-11 16:58:41
Entry Point 0x00063EB0
Number of sections 3
PE sections
PE imports
VirtualProtect
LoadLibraryA
ExitProcess
GetProcAddress
Number of PE resources by type
RT_ICON 12
RT_RCDATA 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 15
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion
6.0

InitializedDataSize
36864

ImageVersion
0.0

ProductName
Proxifier Portable Edition

FileVersionNumber
3.31.1.0

UninitializedDataSize
126976

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
14.15

FileTypeExtension
exe

OriginalFileName
Proxifier.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
3.31.1.0

TimeStamp
2019:02:11 17:58:41+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Proxifier.exe

ProductVersion
3.31.1.0

FileDescription
Proxifier Portable Edition v3.31

OSVersion
6.0

FileOS
Win32

LegalCopyright
Copyright 2003-2016 Initex. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Initex

CodeSize
282624

FileSubtype
0

ProductVersionNumber
3.31.1.0

EntryPoint
0x63eb0

ObjectFileType
Executable application

Execution parents
File identification
MD5 f851f8337d9d529002cff1b9e7b7bce5
SHA1 34ea830f7590ca1daca0f1180f1e823b27aa4431
SHA256 2a69ecab868f2ca7ca074b0fff9c46c32fb40d3912ef94e7439362ae2060a764
ssdeep
6144:uizmJ9r6blWFgm32RXjFrpnzyd70GxOULT7l0vfbesHaUlEMMMvy53kQSLPSS:O76bYFgmm5rpnWd70Gs4Tuz6UlETf50p

authentihash c746a69a7ef68cce4dcd3da073ee492a36bc51b5d35f23af6f80e712e9afd2c7
imphash 6ed4f5f04d62b18d96b26d6db7c18840
File size 306.0 KB ( 313344 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (61.2%)
Win32 Dynamic Link Library (generic) (14.8%)
Win32 Executable (generic) (10.2%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.5%)
Tags
peexe upx

VirusTotal metadata
First submission 2019-02-12 01:41:17 UTC ( 2 months, 1 week ago )
Last submission 2019-02-12 01:41:17 UTC ( 2 months, 1 week ago )
File names Proxifier.exe
h.exe
verify.exe
h.exe