× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3d92d094ea1d1bd6f64b8de72d564dfb78194f31395eef00ea12c2f1289a4443
File name: Scriptm.exe
Detection ratio: 0 / 55
Analysis date: 2017-01-04 15:31:25 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20170104
AegisLab 20170104
AhnLab-V3 20170104
Alibaba 20170104
ALYac 20170104
Antiy-AVL 20170104
Arcabit 20170104
Avast 20170104
AVG 20170104
Avira (no cloud) 20170104
AVware 20170104
Baidu 20170104
BitDefender 20170104
Bkav 20170104
CAT-QuickHeal 20170104
ClamAV 20170104
CMC 20170104
Comodo 20170104
CrowdStrike Falcon (ML) 20161024
Cyren 20170104
DrWeb 20170104
Emsisoft 20170104
ESET-NOD32 20170104
F-Prot 20170104
F-Secure 20170104
Fortinet 20170104
GData 20170104
Ikarus 20170104
Sophos ML 20161216
Jiangmin 20170104
K7AntiVirus 20170104
K7GW 20170104
Kaspersky 20170104
Kingsoft 20170104
Malwarebytes 20170104
McAfee 20170104
McAfee-GW-Edition 20170104
Microsoft 20170104
eScan 20170104
NANO-Antivirus 20170104
nProtect 20170104
Panda 20170103
Qihoo-360 20170104
Rising 20170104
Sophos AV 20170104
SUPERAntiSpyware 20170104
Symantec 20170104
Tencent 20170104
TheHacker 20170102
TrendMicro-HouseCall 20170104
Trustlook 20170104
VBA32 20170103
VIPRE 20170104
ViRobot 20170104
WhiteArmor 20161221
Yandex 20170103
Zillya 20170104
Zoner 20170104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2015 Romeolight., All rights reserved.

Product Romeolight Scriptm 6.4
Original name Scriptm.exe
Internal name Scriptm.exe
File version 6.4.0.0
Description Romeolight Scriptm
Comments Romeolight Scriptm version 6.4
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-29 10:47:51
Entry Point 0x002291AE
Number of sections 3
.NET details
Module Version ID 01b382b6-3dda-4673-af65-65c74b1a1d84
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 21
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 24
PE resources
ExifTool file metadata
LegalTrademarks
Romeolight Scriptm

SubsystemVersion
4.0

Comments
Romeolight Scriptm version 6.4

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.4.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Romeolight Scriptm

CharacterSet
Unicode

InitializedDataSize
299520

EntryPoint
0x2291ae

OriginalFileName
Scriptm.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2015 Romeolight., All rights reserved.

FileVersion
6.4.0.0

TimeStamp
2015:04:29 11:47:51+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Scriptm.exe

ProductVersion
6.4.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Romeolight Software

CodeSize
2257408

ProductName
Romeolight Scriptm 6.4

ProductVersionNumber
6.4.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
6.4.0.0

Compressed bundles
File identification
MD5 bc58437e40cb2a8ae9fc8023a80058ec
SHA1 a5773ed8cf95da4672c6c64d61bf2b3edf188328
SHA256 3d92d094ea1d1bd6f64b8de72d564dfb78194f31395eef00ea12c2f1289a4443
ssdeep
49152:RYMjpIT6LcsIROZy4ONPSDTBV9ZmQaGOU3fLBuq3OS:eUFIsZy4ONKDT2QaZU3Qq

authentihash 2e501cb0a41cdb3a911deea76b056ea7a2f27408b8f7fc6a2cfa03a64dab948f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 2.4 MB ( 2557440 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-04-29 10:49:05 UTC ( 2 years, 2 months ago )
Last submission 2017-01-04 15:31:25 UTC ( 6 months, 2 weeks ago )
File names Romeolight Scriptm 6.4 6.4.0.0.exe
Scriptm.exe
Scriptm.exe
Scriptm.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!