× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2ec7544b880c5d2caaefa49abe817ee13f6d9df9d81b55d9d81798358d31147d
File name: inst4.exe
Detection ratio: 2 / 53
Analysis date: 2016-08-18 11:32:38 UTC ( 2 years, 7 months ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160818
Kaspersky UDS:DangerousObject.Multi.Generic 20160818
Ad-Aware 20160818
AegisLab 20160818
AhnLab-V3 20160817
Alibaba 20160818
ALYac 20160818
Antiy-AVL 20160818
Arcabit 20160818
Avast 20160818
AVG 20160818
Avira (no cloud) 20160818
AVware 20160818
BitDefender 20160818
CAT-QuickHeal 20160818
ClamAV 20160818
CMC 20160818
Comodo 20160818
Cyren 20160818
DrWeb 20160818
Emsisoft 20160818
ESET-NOD32 20160818
F-Prot 20160818
F-Secure 20160818
Fortinet 20160818
GData 20160818
Ikarus 20160818
Jiangmin 20160818
K7AntiVirus 20160818
K7GW 20160818
Kingsoft 20160818
Malwarebytes 20160818
McAfee 20160818
McAfee-GW-Edition 20160818
Microsoft 20160818
eScan 20160818
NANO-Antivirus 20160818
nProtect 20160817
Panda 20160818
Qihoo-360 20160818
Rising 20160818
Sophos AV 20160818
SUPERAntiSpyware 20160818
Symantec 20160818
Tencent 20160818
TheHacker 20160817
TrendMicro 20160818
TrendMicro-HouseCall 20160818
VBA32 20160817
VIPRE 20160818
ViRobot 20160818
Zillya 20160817
Zoner 20160818
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 1998-2009 Equis International

Product MetaStock File Library
Original name MSFL11.dll
Internal name MSFL11
File version 11.0
Description MSFL11
Comments None
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-03-02 02:06:32
Entry Point 0x000018AA
Number of sections 7
PE sections
PE imports
CreateJobObjectW
GetVolumePathNameA
SetThreadPriorityBoost
CreateTimerQueue
GetLocalTime
RegisterConsoleOS2
GetCurrentProcess
LocalAlloc
lstrcatA
GetLogicalDrives
CheckNameLegalDOS8Dot3A
SetStdHandle
CheckRemoteDebuggerPresent
WideCharToMultiByte
WaitForDebugEvent
InterlockedExchange
LocalFree
MoveFileA
InitializeCriticalSection
GetLogicalDriveStringsW
ReadConsoleInputExA
GetSystemTime
GetWriteWatch
CopyFileW
RemoveDirectoryW
MoveFileWithProgressA
VerLanguageNameW
lstrcmpiW
GetCurrencyFormatA
MultiByteToWideChar
FoldStringW
GetFirmwareEnvironmentVariableW
CreateDirectoryExW
SetConsoleLocalEUDC
GetSystemDirectoryW
ConvertDefaultLocale
ClearCommError
MoveFileExA
AllocateUserPhysicalPages
DebugActiveProcess
GetVersion
GetNumberFormatW
CreateToolhelp32Snapshot
GlobalGetAtomNameW
FreeLibrary
DisableThreadLibraryCalls
CallNamedPipeA
VirtualProtect
CreateMailslotA
LoadLibraryA
CreateRemoteThread
GetDateFormatA
OpenProcess
GetPrivateProfileIntA
GetStartupInfoW
GetProcAddress
SetCriticalSectionSpinCount
GetFileSizeEx
DebugBreakProcess
GetDllDirectoryA
GetTimeFormatA
IsValidLocale
SetCommState
ContinueDebugEvent
BuildCommDCBA
GetLastError
GetSystemInfo
LCMapStringA
UnregisterWaitEx
CancelWaitableTimer
GetCPInfoExW
GetCurrentProcessId
SetTapePosition
SetConsoleCursor
GetAtomNameW
GetConsoleTitleA
OpenMutexA
RaiseException
Module32NextW
CloseHandle
SetDllDirectoryW
GetModuleHandleW
AddConsoleAliasA
SetThreadUILanguage
lstrcpyA
CreateProcessW
GetLongPathNameA
VirtualAlloc
RasSetOldPassword
RasGetConnectionStatistics
RasValidateEntryNameA
RasGetEapUserIdentityA
RasClearConnectionStatistics
RasCreatePhonebookEntryA
RasGetEapUserIdentityW
RasConnectionNotificationW
DDMGetPhonebookInfo
RasGetProjectionInfoW
RasSetCustomAuthDataA
RasScriptInit
RasSetSharedAutoDial
RasSetEntryDialParamsW
RasSetEntryPropertiesA
RasConnectionNotificationA
RasGetEntryDialParamsA
RasGetAutodialParamW
RasGetConnectStatusA
RasGetCountryInfoW
RasIsSharedConnection
RasGetCredentialsA
RasEnumDevicesW
RasDeleteSubEntryA
RasDialW
RasSetEapUserDataA
RasEnumDevicesA
RasGetErrorStringA
RasGetCustomAuthDataW
RasEnumEntriesW
RasDeleteSubEntryW
GetForegroundWindow
GetCursorInfo
GetInputState
LoadMenuA
GetCapture
GetClipboardViewer
MessageBoxW
GetWindowRect
IsRectEmpty
LoadCursorFromFileA
GetWindowTextLengthA
GetWindow
GetSysColor
GetCursorPos
IsWindowVisible
GetKeyNameTextW
IsClipboardFormatAvailable
GetClassNameW
GetMenuItemCount
CopyRect
GetDesktopWindow
IsWindowUnicode
GetFocus
GetGUIThreadInfo
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Equis and MetaStock are registered trademarks of Equis International, Inc.

SubsystemVersion
5.1

Comments
None

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
11.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
MSFL11

CharacterSet
Unicode

InitializedDataSize
139264

EntryPoint
0x18aa

OriginalFileName
MSFL11.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 1998-2009 Equis International

FileVersion
11.0

TimeStamp
2014:03:02 03:06:32+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MSFL11

ProductVersion
11.0

UninitializedDataSize
0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Equis International

CodeSize
69632

ProductName
MetaStock File Library

ProductVersionNumber
11.0.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 f751e779d165593cef521ffc8d41e66e
SHA1 954c9fe58c605aa05b85431a2f851395d96c75e0
SHA256 2ec7544b880c5d2caaefa49abe817ee13f6d9df9d81b55d9d81798358d31147d
ssdeep
3072:Hkb7Orrfpie20leR1eg6gBW4RuL/aLPZVzs1F:6CpiweneoV/1Vzs

authentihash 81691b99e6fe317b164d310096c99c2d9d153c61d9d0a7b90b56229077e863bd
imphash 1afc72d5c5fc7c441973e7728e3f9621
File size 156.0 KB ( 159744 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe

VirusTotal metadata
First submission 2016-08-18 09:05:18 UTC ( 2 years, 7 months ago )
Last submission 2016-08-18 09:05:18 UTC ( 2 years, 7 months ago )
File names MSFL11.dll
MSFL11
inst4.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Copied files
Moved files
Created processes
Opened mutexes
Runtime DLLs
UDP communications