SHA256: 3051067ce666736040af35fa55c0329d889ae9b3119e398bf952bff5b42ed156
File name: .
Detection ratio: 5 / 68
Analysis date: 2018-10-18 17:29:27 UTC ( 6 months ago )
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20180723
Cylance Unsafe 20181018
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
Malwarebytes Trojan.IcedID 20181018
Ad-Aware 20181018
AegisLab 20181018
AhnLab-V3 20181018
Alibaba 20180921
ALYac 20181018
Antiy-AVL 20181018
Arcabit 20181018
Avast 20181018
Avast-Mobile 20181018
AVG 20181018
Avira (no cloud) 20181018
Babable 20180918
Baidu 20181018
BitDefender 20181018
Bkav 20181018
CAT-QuickHeal 20181018
ClamAV 20181018
CMC 20181018
Cybereason 20180225
Cyren 20181018
DrWeb 20181018
eGambit 20181018
Emsisoft 20181018
ESET-NOD32 20181018
F-Prot 20181018
F-Secure 20181018
Fortinet 20181018
GData 20181018
Ikarus 20181018
Jiangmin 20181018
K7AntiVirus 20181018
K7GW 20181018
Kaspersky 20181018
Kingsoft 20181018
MAX 20181018
McAfee 20181018
McAfee-GW-Edition 20181018
Microsoft 20181018
eScan 20181018
NANO-Antivirus 20181018
Palo Alto Networks (Known Signatures) 20181018
Panda 20181018
Qihoo-360 20181018
Rising 20181018
SentinelOne (Static ML) 20181011
Sophos AV 20181018
SUPERAntiSpyware 20181015
Symantec 20181018
Symantec Mobile Insight 20181001
TACHYON 20181018
Tencent 20181018
TheHacker 20181015
TotalDefense 20181018
TrendMicro 20181018
TrendMicro-HouseCall 20181018
Trustlook 20181018
VBA32 20181018
VIPRE 20181018
ViRobot 20181018
Webroot 20181018
Yandex 20181017
Zillya 20181018
ZoneAlarm by Check Point 20181018
Zoner 20181017
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Google Ventures ©. All rights reserved.
Product Stern
Original name Stern
Internal name Stern
File version 3.4.64.6
Description Randy Hack
Comments Randy Hack
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-17 19:21:49
Entry Point 0x0000E580
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorDacl
CryptReleaseContext
CryptAcquireContextA
SetSecurityDescriptorGroup
CryptGenRandom
CryptGenKey
AVIStreamOpenFromFileA
AVIFileInit
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileExit
AVIStreamInfoA
ImageList_Create
GetDeviceCaps
GetObjectA
TextOutA
ExtTextOutW
SelectObject
CreateFontA
GetTextMetricsA
SetViewportOrgEx
SelectPalette
CreateFontIndirectA
AddFontResourceExW
CreateSolidBrush
CombineRgn
SetBkColor
SelectClipRgn
CreateCompatibleDC
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
CancelIoEx
WaitForSingleObject
HeapDestroy
EncodePointer
GetCommandLineW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
InitializeCriticalSection
OutputDebugStringW
TlsGetValue
EnumDateFormatsA
OutputDebugStringA
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
HeapSetInformation
EnumSystemLocalesA
SetConsoleCtrlHandler
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FatalAppExitA
SetFilePointer
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
RtlUnwind
GetDateFormatA
GetStartupInfoW
GetUserDefaultLCID
SetFileInformationByHandle
VirtualProtectEx
HeapValidate
FreeConsole
IsValidLocale
GetProcAddress
CreateEventW
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
GetEnvironmentStringsW
GetCurrentProcessId
GetCompressedFileSizeW
HeapQueryInformation
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
GetModuleHandleA
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
WriteFile
Sleep
IsBadReadPtr
VirtualAlloc
NetWkstaUserGetInfo
SysFreeString
OleTranslateColor
SysAllocStringLen
UuidToStringA
UuidCreate
CommandLineToArgvW
PathFileExistsW
PathIsDirectoryW
SendNotifyMessageA
GetParent
UpdateWindow
AttachThreadInput
BeginPaint
OffsetRect
SetScrollRange
ScrollWindowEx
AppendMenuW
SetCaretBlinkTime
GetSysColor
SetActiveWindow
GetDC
CreateDialogParamW
ReleaseDC
GetMenu
EndMenu
SendMessageA
SetScrollPos
FrameRect
CreateWindowExA
LoadCursorA
IsDlgButtonChecked
GetSysColorBrush
GetDialogBaseUnits
DestroyWindow
mmioStringToFOURCCA
mmioDescend
mmioOpenA
mmioClose
EnumerateLoadedModules
GdiplusShutdown
PdhBrowseCountersA
Number of PE resources by type
RT_STRING 15
RT_DIALOG 5
RT_ICON 4
RT_BITMAP 3
RCDATA 2
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 33
PE resources
Debug information
ExifTool file metadata
CodeSize 328704
SubsystemVersion 5.1
Comments Randy Hack
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.4.64.6
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Randy Hack
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 299008
PrivateBuild 3.4.64.6
EntryPoint 0xe580
OriginalFileName Stern
MIMEType application/octet-stream
LegalCopyright Google Ventures . All rights reserved.
FileVersion 3.4.64.6
TimeStamp 2018:10:17 20:21:49+01:00
FileType Win32 EXE
PEType PE32
InternalName Stern
ProductVersion 3.4.64.6
UninitializedDataSize 0
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Google Ventures
LegalTrademarks Google Ventures . All rights reserved.
ProductName Stern
ProductVersionNumber 3.4.64.6
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 6b47ec52b4c2f80af7fef477f809e480
SHA1 8dd016f800ab34a7fef81f590d16d45c0fc0c040
SHA256 3051067ce666736040af35fa55c0329d889ae9b3119e398bf952bff5b42ed156
ssdeep 12288:VgetbkhQUf0C7/BhL/3H/4MfubQQsnOwRHgLD4oaI8xGSjo:VgeFUfH/zPp1uwlgLD4fjo
authentihash fcb311cc03341aef591ac3961c1b659fd2e443244d527ccd6e40bb0043193352
imphash c983bfad24d4e08b23d756805b2848fa
File size 614.0 KB ( 628736 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (61.9%)
Win32 Dynamic Link Library (generic) (13.0%)
Win32 Executable (generic) (8.9%)
OS/2 Executable (generic) (4.0%)
Clipper DOS Executable (4.0%)
Tags peexe
VirusTotal metadata
First submission 2018-10-18 17:29:27 UTC ( 6 months ago )
Last submission 2018-10-18 17:29:27 UTC ( 6 months ago )
File names .
Stern