SHA256: 30ac5640c7c675f2c2c16d10272466c83fd4e679d272be8501ece1042e682bd0
File name: URLGet.exe
Detection ratio: 0 / 43
Analysis date: 2011-10-01 14:52:03 UTC ( 2 years, 6 months ago )
Antivirus Result Update
AVG 20111001
AhnLab-V3 20111001
AntiVir 20110930
Antiy-AVL 20111001
Avast 20111001
BitDefender 20111001
ByteHero 20110923
CAT-QuickHeal 20110930
ClamAV 20111001
Commtouch 20111001
Comodo 20111001
DrWeb 20111001
Emsisoft 20111001
F-Prot 20110930
F-Secure 20111001
Fortinet 20111001
GData 20111001
Ikarus 20111001
Jiangmin 20111001
K7AntiVirus 20110930
Kaspersky 20111001
McAfee 20111001
McAfee-GW-Edition 20110930
Microsoft 20111001
NOD32 20111001
Norman 20111001
PCTools 20111001
Panda 20111001
Prevx 20111001
Rising 20110930
SUPERAntiSpyware 20111001
Sophos 20111001
Symantec 20111001
TheHacker 20110930
TrendMicro 20111001
TrendMicro-HouseCall 20111001
VBA32 20110930
VIPRE 20111001
ViRobot 20111001
VirusBuster 20111001
eSafe 20110927
eTrust-Vet 20110930
nProtect 20111001
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
Authenticode signature block
Copyright Public Domain
Original name URLGet.exe
File version 0.9.0.0
Description Internet Explorer based Downloader
Comments Created with 'Gentee Programming Language', http://gentee.com/
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-10-27 10:14:38
Link date 11:14 AM 10/27/2010
Entry Point 0x00001160
Number of sections 5
PE sections
PE imports
GetLastError
GetStdHandle
EnterCriticalSection
ReadFile
GetFileAttributesA
FreeLibrary
ExitProcess
LoadLibraryA
IsDBCSLeadByte
DeleteCriticalSection
GetStartupInfoA
GetConsoleMode
GetFileSize
lstrcatA
FindClose
CreateDirectoryA
DeleteFileA
GetCommandLineA
GetProcAddress
GetFullPathNameA
CreateMutexA
CompareStringW
GetTempPathA
GetCPInfo
GetModuleHandleA
FindFirstFileA
lstrcpyA
CloseHandle
FindNextFileA
RemoveDirectoryA
ExitThread
ReadConsoleA
GetModuleFileNameA
WriteConsoleA
InitializeCriticalSection
SetConsoleMode
WriteFile
AllocConsole
CreateFileA
GetTickCount
LeaveCriticalSection
SetCurrentDirectoryA
CompareStringA
__p__fmode
malloc
_putenv
_ftol
strtoul
tan
_except_handler3
asin
log
fabs
strtol
sqrt
exit
_XcptFilter
pow
__setusermatherr
log10
_controlfp
_adjust_fdiv
_acmdln
exp
atan
__p__commode
free
getenv
labs
__getmainargs
ceil
atof
acos
sin
cos
floor
_atoi64
modf
_initterm
_exit
vsprintf
__set_app_type
wsprintfA
MessageBoxA
CharLowerA
CharToOemA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
ExifTool file metadata
Author SKAN ( Suresh Kumar A N ) arian.suresh@gmail.com
SubsystemVersion 4.0
Comments Created with 'Gentee Programming Language', http://gentee.com/
InitializedDataSize 24576
ImageVersion 0.0
FileVersionNumber 0.9.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 6.0
OriginalFilename URLGet.exe
MIMEType application/octet-stream
Subsystem Windows command line
FileVersion 0.9.0.0
TimeStamp 2010:10:27 11:14:38+01:00
FileType Win32 EXE
PEType PE32
FileDescription Internet Explorer based Downloader
OSVersion 4.0
FileOS Win32
LegalCopyright Public Domain
MachineType Intel 386 or later, and compatibles
CodeSize 36864
FileSubtype 0
ProductVersionNumber 3.6.3.0
EntryPoint 0x1160
ObjectFileType Executable application

Compressed bundles
File identification
MD5 6a529f13ca4261cab359a0333b9572dd
SHA1 54c95ef6612c72f1f95d662fcddf618a3deb2cf2
SHA256 30ac5640c7c675f2c2c16d10272466c83fd4e679d272be8501ece1042e682bd0
ssdeep 768:499qmW1Om7Rq+eP8Fdg0sXcxJHOoFqIO+6EtDnMnlFIcDwGQKnYripbE:oqmW1OmXeUmcvuyqIO+x+wXKnMEE
File size 64.0 KB ( 65536 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe armadillo

VirusTotal metadata
First submission 2011-10-01 14:52:03 UTC ( 2 years, 6 months ago )
Last submission 2011-10-01 14:52:03 UTC ( 2 years, 6 months ago )
File names URLGet.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight