× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3a3be308d247e86bb66a64ecaf0e18ae8778025a5cd2cc32cf9eaf44216dedab
File name: tcmd.exe
Detection ratio: 2 / 45
Analysis date: 2013-01-03 21:18:48 UTC ( 5 years, 6 months ago )
Antivirus Result Update
TrendMicro Cryp_Xed-16 20130103
TrendMicro-HouseCall Cryp_Xed-16 20130103
Yandex 20130103
AntiVir 20130103
Antiy-AVL 20130103
Avast 20130103
AVG 20130103
BitDefender 20130103
ByteHero 20121226
CAT-QuickHeal 20130103
ClamAV 20130103
Commtouch 20130103
Comodo 20130103
DrWeb 20130103
Emsisoft 20130103
eSafe 20130103
ESET-NOD32 20130103
F-Prot 20130102
F-Secure 20130103
Fortinet 20130103
GData 20130103
Ikarus 20130103
Jiangmin 20121221
K7AntiVirus 20130103
Kaspersky 20130103
Kingsoft 20121225
Malwarebytes 20130103
McAfee 20130103
McAfee-GW-Edition 20130103
Microsoft 20130103
eScan 20130103
NANO-Antivirus 20130103
Norman 20130103
nProtect 20130103
Panda 20130103
PCTools 20130103
Rising 20121228
Sophos AV 20130103
SUPERAntiSpyware 20130103
Symantec 20130103
TheHacker 20130103
TotalDefense 20130103
VBA32 20130102
VIPRE 20130103
ViRobot 20130103
The file being studied is a Portable Executable file! More specifically, it is a unknown file for the Windows GUI subsystem.
PE header basic information
Target machine x64
Compilation timestamp 2012-12-12 02:06:48
Entry Point 0x0087DC7C
Number of sections 10
PE sections
PE imports
PropertySheetW
PrintDlgW
ImmGetContext
TransparentBlt
CreateStdAccessibleObject
GetModuleFileNameExW
PathFindFileNameW
EndOfList
PlaySoundW
ClosePrinter
RegCloseKey
SymFunctionTableAccess64
CreateFontA
GdiplusStartup
IPWorks_HTTP_Get
GetProcAddress
GetModuleHandleA
ExitProcess
LoadLibraryA
CoInitialize
SysFreeString
OleUIBusyW
OnigSyntaxGnuRegex
ShellExecuteA
MessageBoxA
GetFileVersionInfoA
PE exports
Number of PE resources by type
RT_CURSOR 47
RT_GROUP_CURSOR 39
RT_ICON 39
RT_STRING 38
RT_HTML 34
RT_DIALOG 17
RT_BITMAP 17
PNG 12
RT_GROUP_ICON 8
Struct(241) 4
RT_MENU 3
RT_MANIFEST 1
RT_ACCELERATOR 1
TEXTINCLUDE 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 143
ENGLISH US 119
ExifTool file metadata
CodeSize
3284480

SubsystemVersion
5.2

InitializedDataSize
1863680

ImageVersion
14.0

ProductName
TCMD

FileVersionNumber
14.0.3.53

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
10.0

OriginalFilename
TCMD.EXE

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
14.03.53

TimeStamp
2012:12:12 02:06:48+00:00

FileType
Win64 EXE

PEType
PE32+

InternalName
Take Command

ProductVersion
14.03.53

FileDescription
Take Command

OSVersion
5.2

FileOS
Win32

LegalCopyright
Copyright (c) 2012 Rex C. Conn and JP Software Inc.

MachineType
AMD AMD64

CompanyName
JP Software

LegalTrademarks
Take Command is a registered trademark of JP Software Inc.

FileSubtype
0

ProductVersionNumber
14.0.3.53

EntryPoint
0x87dc7c

ObjectFileType
Executable application

Build
53

File identification
MD5 427cc4087766278f3489fd687ddf5bee
SHA1 cd7465f131e77cf9d1155841d1e345a4787fc4b2
SHA256 3a3be308d247e86bb66a64ecaf0e18ae8778025a5cd2cc32cf9eaf44216dedab
ssdeep
49152:KhH1oKl3XPc/c4HGllPRt8+85RQ42mBnVLx3+9dYTJo2MIVkrK8A4rsjA2BGZUud:WHbXPc/5mTPRj8B20H+qJp0rJwEZpsyt

File size 3.1 MB ( 3263208 bytes )
File type unknown
Magic literal
MS-DOS executable PE for MS Windows (GUI)

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
VirusTotal metadata
First submission 2012-12-18 13:42:37 UTC ( 5 years, 7 months ago )
Last submission 2013-01-03 21:18:48 UTC ( 5 years, 6 months ago )
File names tcmd.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!