× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 346c79ff525786927754758f3bcc0adbebfed32390147c6aa49e457d3b31454e
File name: SAMPLE SPECIFICATIONS.exe
Detection ratio: 12 / 54
Analysis date: 2014-06-12 13:36:37 UTC ( 3 years ago )
Antivirus Result Update
Bkav HW32.TsCabk.hmgk 20140612
ESET-NOD32 a variant of Win32/Kryptik.CEBJ 20140612
Fortinet W32/Zbot.CEBJ!tr 20140612
Kaspersky Trojan-Spy.Win32.Zbot.tfam 20140612
Malwarebytes Spyware.ZeuS 20140612
McAfee Artemis!D607FC2B22EC 20140612
McAfee-GW-Edition Artemis!D607FC2B22EC 20140612
Microsoft PWS:Win32/Zbot 20140612
Panda Trj/Chgt.A 20140612
Qihoo-360 HEUR/Malware.QVM20.Gen 20140612
Sophos Mal/Generic-S 20140612
TrendMicro-HouseCall TROJ_GEN.R047H07FB14 20140612
Ad-Aware 20140612
AegisLab 20140612
Yandex 20140610
AhnLab-V3 20140612
AntiVir 20140612
Antiy-AVL 20140611
Avast 20140612
AVG 20140612
Baidu-International 20140612
BitDefender 20140612
ByteHero 20140612
CAT-QuickHeal 20140612
ClamAV 20140612
CMC 20140610
Commtouch 20140612
Comodo 20140612
DrWeb 20140612
Emsisoft 20140612
F-Prot 20140612
F-Secure 20140612
GData 20140612
Ikarus 20140612
Jiangmin 20140612
K7AntiVirus 20140612
K7GW 20140612
Kingsoft 20140612
eScan 20140612
NANO-Antivirus 20140612
Norman 20140612
nProtect 20140611
Rising 20140611
SUPERAntiSpyware 20140612
Symantec 20140612
Tencent 20140612
TheHacker 20140610
TotalDefense 20140612
TrendMicro 20140612
VBA32 20140611
VIPRE 20140612
ViRobot 20140612
Zillya 20140611
Zoner 20140611
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Publisher Windows (R) AFK Provider
Product Windows (R) AFK Provider
Original name WinAFK.DLL
Internal name WinAFK.DLL
File version 7.5.120.9300
Description WinAFK.DLL
Signature verification The digital signature of the object did not verify.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-08-29 04:08:05
Entry Point 0x00200C10
Number of sections 6
PE sections
Number of PE resources by type
RT_RCDATA 2
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
350208

ImageVersion
4.0

ProductName
Windows (R) AFK Provider

FileVersionNumber
7.5.120.9300

UninitializedDataSize
0

LanguageCode
Process default

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
7.1

OriginalFilename
WinAFK.DLL

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
7.5.120.9300

TimeStamp
2005:08:29 05:08:05+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
WinAFK.DLL

FileAccessDate
2014:06:12 14:37:54+01:00

ProductVersion
7.5.120.9300

FileDescription
WinAFK.DLL

OSVersion
4.0

FileCreateDate
2014:06:12 14:37:54+01:00

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Windows (R) AFK Provider

CodeSize
3584

FileSubtype
0

ProductVersionNumber
7.5.120.9300

EntryPoint
0x200c10

ObjectFileType
Executable application

File identification
MD5 d607fc2b22ec1882375d304df1a3514a
SHA1 f948270ae26fbca971b1a748952042c43478bc31
SHA256 346c79ff525786927754758f3bcc0adbebfed32390147c6aa49e457d3b31454e
ssdeep
6144:h+IUlyHkXrOASnjLBy6+m5/m/80mvhptKdPiHD/:h+dDXHSn3By7B/hmvh6PiD

File size 353.9 KB ( 362408 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe attachment

VirusTotal metadata
First submission 2014-06-11 09:38:09 UTC ( 3 years ago )
Last submission 2014-06-11 09:38:09 UTC ( 3 years ago )
File names WinAFK.DLL
SAMPLE SPECIFICATIONS.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!