× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 39c7513e140902503827554fdf2bc25388c79a39a0ee62401c4ac32723e94449
File name: FIFA06DemoEn.exe
Detection ratio: 1 / 65
Analysis date: 2018-01-29 11:21:32 UTC ( 9 months, 2 weeks ago )
Antivirus Result Update
Jiangmin TrojanClicker.Agent.clt 20180129
Ad-Aware 20180129
AegisLab 20180129
AhnLab-V3 20180129
Alibaba 20180129
ALYac 20180129
Antiy-AVL 20180129
Arcabit 20180129
Avast 20180129
Avast-Mobile 20180129
AVG 20180129
Avira (no cloud) 20180129
AVware 20180124
Baidu 20180129
BitDefender 20180129
Bkav 20180129
CAT-QuickHeal 20180129
ClamAV 20180129
CMC 20180129
Comodo 20180129
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180129
Cyren 20180129
DrWeb 20180129
eGambit 20180129
Emsisoft 20180129
Endgame 20171130
ESET-NOD32 20180129
F-Prot 20180129
F-Secure 20180129
Fortinet 20180129
GData 20180129
Ikarus 20180129
Sophos ML 20180121
K7AntiVirus 20180129
K7GW 20180129
Kaspersky 20180129
Kingsoft 20180129
Malwarebytes 20180129
MAX 20180129
McAfee 20180129
McAfee-GW-Edition 20180129
Microsoft 20180129
eScan 20180129
NANO-Antivirus 20180129
nProtect 20180129
Palo Alto Networks (Known Signatures) 20180129
Panda 20180128
Qihoo-360 20180129
Rising 20180129
SentinelOne (Static ML) 20180115
Sophos AV 20180129
SUPERAntiSpyware 20180129
Symantec 20180129
Symantec Mobile Insight 20180126
Tencent 20180129
TheHacker 20180125
TotalDefense 20180129
TrendMicro 20180129
TrendMicro-HouseCall 20180129
Trustlook 20180129
VBA32 20180129
VIPRE 20180129
ViRobot 20180129
Webroot 20180129
Yandex 20180112
Zillya 20180126
ZoneAlarm by Check Point 20180129
Zoner 20180129
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT Unicode, appended, UTF-8, ZIP
PEiD WinZip 32-bit SFX v8.x module
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-01-09 14:08:41
Entry Point 0x000039D8
Number of sections 5
PE sections
PE imports
RegQueryValueA
GetDeviceCaps
CreateDCA
DeleteDC
CreateFontIndirectA
DeleteObject
GetTextExtentPoint32A
SetTextAlign
ExtTextOutA
SelectObject
SetBkColor
GetBkColor
SetTextColor
DosDateTimeToFileTime
lstrlenA
lstrcmpiA
GlobalFree
FreeLibrary
ExitProcess
SetFileTime
GlobalUnlock
LoadLibraryA
GlobalAlloc
RtlUnwind
GetModuleFileNameA
WinExec
GetVolumeInformationA
_lwrite
GetCurrentDirectoryA
LocalAlloc
lstrcatA
CreateDirectoryA
GetWindowsDirectoryA
SetErrorMode
_llseek
GetCommandLineA
GetProcAddress
_lread
_lcreat
_lclose
GetModuleHandleA
FindFirstFileA
lstrcpyA
_lopen
GetACP
GlobalLock
GetDriveTypeA
LocalFree
GetEnvironmentVariableA
GlobalHandle
LocalFileTimeToFileTime
FindClose
GetVersion
SetCurrentDirectoryA
ShellExecuteA
FindExecutableA
GetParent
UpdateWindow
EndDialog
BeginPaint
KillTimer
DefWindowProcA
ShowWindow
SetWindowPos
SetWindowWord
GetSystemMetrics
OemToCharBuffA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
MessageBoxA
PeekMessageA
TranslateMessage
GetSysColor
SetActiveWindow
GetKeyState
SetWindowTextA
SendDlgItemMessageA
GetLastActivePopup
SendMessageA
GetClientRect
GetDlgItem
RegisterClassA
SetRect
InvalidateRect
wsprintfA
SetTimer
LoadCursorA
CharNextA
GetWindowWord
EndPaint
SetForegroundWindow
SetCursor
DialogBoxIndirectParamA
DestroyWindow
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2001:01:09 15:08:41+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
18944

LinkerVersion
5.1

EntryPoint
0x39d8

InitializedDataSize
10752

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 3d19a98f38d83d54d10ae1d6707f9110
SHA1 4332f2266f635d574169242656a7fe6122b18866
SHA256 39c7513e140902503827554fdf2bc25388c79a39a0ee62401c4ac32723e94449
ssdeep
6291456:H/dQZVSiPa3a0lNv02+8+ZP1APYkj/FO+whP4:H/dQZI2aK0lNvv+l11APYKFbwF4

authentihash 78acaccd2655bb919d493c9091e27eae8e39cac7e4e99d74369a82295182397c
imphash 78c751010579c51cdad3f096a3cbcc97
File size 213.8 MB ( 224226304 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (32.1%)
Win64 Executable (generic) (28.5%)
Winzip Win32 self-extracting archive (generic) (23.7%)
Win32 Dynamic Link Library (generic) (6.7%)
Win32 Executable (generic) (4.6%)
Tags
winzip peexe

VirusTotal metadata
First submission 2014-07-09 11:05:57 UTC ( 4 years, 4 months ago )
Last submission 2014-07-09 11:05:57 UTC ( 4 years, 4 months ago )
File names FIFA06DemoEn.exe
39C7513E140902503827554FDF2BC25388C79A39A0EE62401C4AC32723E94449.exe
FIFA06DemoEn.exe
39C7513E140902503827554FDF2BC25388C79A39A0EE62401C4AC32723E94449.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!