× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2c827b8098caa5c4a89986d6dfa0ffc15cfcc5d1cd7b2310a12cede2dfba163d
File name: choco.exe
Detection ratio: 1 / 71
Analysis date: 2019-04-13 08:24:56 UTC ( 1 week ago )
Antivirus Result Update
Trapmine malicious.moderate.ml.score 20190325
Acronis 20190412
Ad-Aware 20190413
AegisLab 20190413
AhnLab-V3 20190412
Alibaba 20190402
ALYac 20190413
Antiy-AVL 20190413
Arcabit 20190413
Avast 20190413
Avast-Mobile 20190413
AVG 20190413
Avira (no cloud) 20190412
Babable 20180918
Baidu 20190318
BitDefender 20190413
Bkav 20190412
CAT-QuickHeal 20190412
ClamAV 20190412
CMC 20190321
Comodo 20190413
CrowdStrike Falcon (ML) 20190212
Cybereason 20190403
Cylance 20190413
Cyren 20190413
DrWeb 20190413
eGambit 20190413
Emsisoft 20190413
Endgame 20190403
ESET-NOD32 20190413
F-Prot 20190413
F-Secure 20190413
FireEye 20190413
Fortinet 20190413
GData 20190413
Ikarus 20190413
Sophos ML 20190313
Jiangmin 20190413
K7AntiVirus 20190413
K7GW 20190413
Kaspersky 20190413
Kingsoft 20190413
Malwarebytes 20190413
MAX 20190413
McAfee 20190413
McAfee-GW-Edition 20190413
Microsoft 20190413
eScan 20190413
NANO-Antivirus 20190413
Palo Alto Networks (Known Signatures) 20190413
Panda 20190413
Qihoo-360 20190413
Rising 20190413
SentinelOne (Static ML) 20190407
Sophos AV 20190413
SUPERAntiSpyware 20190410
Symantec 20190412
Symantec Mobile Insight 20190410
TACHYON 20190413
Tencent 20190413
TheHacker 20190411
TotalDefense 20190413
TrendMicro 20190413
TrendMicro-HouseCall 20190413
Trustlook 20190413
VBA32 20190412
ViRobot 20190412
Webroot 20190413
Yandex 20190412
Zillya 20190412
ZoneAlarm by Check Point 20190413
Zoner 20190413
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 2011 - Present, RealDimensions Software, LLC - All Rights Reserved.

Product chocolatey
Original name choco.exe
Internal name choco.exe
File version 0.9.10.0
Description chocolatey
Comments chocolatey is a product of RealDimensions Software, LLC - All Rights Reserved.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-03-18 19:16:46
Entry Point 0x0065672A
Number of sections 3
.NET details
Module Version ID 1390255d-10f5-4020-b44f-2833cbc6e55b
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
CodeSize
6637568

SubsystemVersion
4.0

Comments
chocolatey is a product of RealDimensions Software, LLC - All Rights Reserved.

InitializedDataSize
121856

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.9.10.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
chocolatey

ImageFileCharacteristics
Executable

CharacterSet
Unicode

LinkerVersion
8.0

EntryPoint
0x65672a

OriginalFileName
choco.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2011 - Present, RealDimensions Software, LLC - All Rights Reserved.

FileVersion
0.9.10.0

TimeStamp
2016:03:18 20:16:46+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
choco.exe

ProductVersion
0.9.10-beta1-187-gd2ed50d

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
RealDimensions Software, LLC

LegalTrademarks
chocolatey - RealDimensions Software, LLC

ProductName
chocolatey

ProductVersionNumber
0.9.10.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.9.10.0

Compressed bundles
File identification
MD5 2c230560ebc60188066bd9058eb3f08d
SHA1 d6c5886116b356bd4ecd02fd268935f841f94c79
SHA256 2c827b8098caa5c4a89986d6dfa0ffc15cfcc5d1cd7b2310a12cede2dfba163d
ssdeep
49152:bivtTj01ReKv+hyz8grnkQfrm78I8+QUP1d2yULixqeRH++xxcgcppN9agKFB+Yc:bP1Rzv7z8izdfFOxqeRz+/pRKPQQnlu

authentihash cd79e453201adeff503402ce5c253d517f8d760c2b2f85aec17de7f87f257436
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 6.4 MB ( 6759936 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (31.9%)
InstallShield setup (18.7%)
Win32 EXE PECompact compressed (generic) (18.1%)
Win64 Executable (generic) (12.0%)
Microsoft Visual C++ compiled executable (generic) (7.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-03-18 20:10:38 UTC ( 3 years, 1 month ago )
Last submission 2016-03-18 20:10:38 UTC ( 3 years, 1 month ago )
File names choco.exe
choco.exe
choco.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!