SHA256: 3cf6a4ad6f60539c6d2c11f45a9403993c346bd4d4c87a4e3d7dd1cd357447af
File name: pico-8_0.1.9b_setup.exe
Detection ratio: 3 / 56
Analysis date: 2016-10-07 22:28:33 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Bkav W32.eHeur.Virus06 20161007
Comodo TrojWare.Win32.TrojanDownloader.Delf.gen 20161007
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20161007
Ad-Aware 20161007
AegisLab 20161007
AhnLab-V3 20161007
Alibaba 20161003
ALYac 20161007
Antiy-AVL 20161007
Arcabit 20161007
Avast 20161007
AVG 20161007
Avira (no cloud) 20161007
AVware 20161007
Baidu 20161001
BitDefender 20161007
CAT-QuickHeal 20161007
ClamAV 20161007
CMC 20161003
CrowdStrike Falcon (ML) 20160725
Cyren 20161007
DrWeb 20161007
Emsisoft 20161007
ESET-NOD32 20161007
F-Prot 20161007
F-Secure 20161007
Fortinet 20161007
GData 20161007
Ikarus 20161007
Sophos ML 20160928
Jiangmin 20161007
K7AntiVirus 20161007
K7GW 20161007
Kaspersky 20161007
Kingsoft 20161007
Malwarebytes 20161007
McAfee 20161007
McAfee-GW-Edition 20161007
Microsoft 20161007
eScan 20161007
NANO-Antivirus 20161007
nProtect 20161007
Panda 20161007
Rising 20161007
Sophos AV 20161007
SUPERAntiSpyware 20161007
Symantec 20161007
Tencent 20161007
TheHacker 20161007
TrendMicro 20161007
TrendMicro-HouseCall 20161007
VBA32 20161007
VIPRE 20161007
ViRobot 20161007
Yandex 20161007
Zillya 20161007
Zoner 20161007
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT NSIS
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-02 03:20:05
Entry Point 0x000030FB
Number of sections 5
PE sections
Overlays
MD5 9bf49f67d984b0d7d392db2cb9965cff
File type data
Offset 48128
Size 1297425
Entropy 8.00
PE imports
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SelectObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetBkColor
DeleteObject
SetTextColor
GetLastError
ReadFile
lstrlenA
lstrcmpiA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
GetTickCount
SetFileTime
GlobalUnlock
GetModuleFileNameA
RemoveDirectoryA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GlobalLock
SetFileAttributesA
GetModuleHandleA
GetTempPathA
CreateThread
GetFileAttributesA
SetFilePointer
lstrcmpA
FindFirstFileA
WriteFile
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
ExitProcess
GetVersion
GetProcAddress
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
CharPrevA
GetMessagePos
EndPaint
SystemParametersInfoA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
GetClassInfoA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
DrawTextA
CreatePopupMenu
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
SendMessageA
CloseClipboard
GetClientRect
SetTimer
GetDlgItem
CreateDialogParamA
SetWindowTextA
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
CreateWindowExA
LoadCursorA
TrackPopupMenu
DestroyWindow
FillRect
ShowWindow
CharNextA
CallWindowProcA
GetSystemMenu
EmptyClipboard
EnableWindow
SetForegroundWindow
OpenClipboard
ExitWindowsEx
SetCursor
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_ICON 7
RT_DIALOG 5
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:04:02 04:20:05+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
23552

LinkerVersion
6.0

EntryPoint
0x30fb

InitializedDataSize
120320

SubsystemVersion
4.0

ImageVersion
6.0

OSVersion
4.0

UninitializedDataSize
1024

File identification
MD5 78978b2224ad10ea4cefff6d4fcd8b79
SHA1 f30bace5c18b6e1c2f01dfb1ba7d5035e42c26e8
SHA256 3cf6a4ad6f60539c6d2c11f45a9403993c346bd4d4c87a4e3d7dd1cd357447af
ssdeep
24576:moYPpib5ti9iWCn7rg7386hVDX/z6PcNQeDuXEY/VqA+w/Bh3DG2p9VIxW1tV7iC:95MRC3g7jXr6yQeDhCVqA+KV62p9VIxu

authentihash 46e8a5e18f693075503b8fcf72beda640997996b2cb8c994c844350d8e7a90fb
imphash b76363e9cb88bf9390860da8e50999d2
File size 1.3 MB ( 1345553 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
nsis peexe overlay

VirusTotal metadata
First submission 2016-10-07 22:28:33 UTC ( 2 years, 5 months ago )
Last submission 2016-11-22 23:12:43 UTC ( 2 years, 4 months ago )
File names pico-8_0.1.9b_setup.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Deleted files
Created mutexes
Runtime DLLs