SHA256: 3f7fb301bc6a9788eb3c10350835a8fac687135ef015fc72f5fdb36ea99a4af7
File name: plugin.exe
Detection ratio: 12 / 57
Analysis date: 2016-09-27 11:28:51 UTC ( 2 years, 4 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20160927
Avira (no cloud) TR/Crypt.Xpack.gzgqh 20160927
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160927
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20160725
ESET-NOD32 a variant of Win32/Kryptik.FGWL 20160927
Sophos ML virus.win32.sality.at 20160917
Kaspersky Trojan-Banker.Win32.Tuhkit.dq 20160927
McAfee Artemis!0EEEA1597583 20160923
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.dh 20160926
Qihoo-360 Win32/Trojan.622 20160927
Symantec Trojan Horse 20160927
Tencent Win32.Trojan.Kryptik.Kqg 20160927
Ad-Aware 20160927
AegisLab 20160927
AhnLab-V3 20160927
Alibaba 20160927
ALYac 20160927
Antiy-AVL 20160927
Arcabit 20160927
AVG 20160927
AVware 20160927
BitDefender 20160927
Bkav 20160926
CAT-QuickHeal 20160927
ClamAV 20160927
CMC 20160921
Comodo 20160927
Cyren 20160927
DrWeb 20160927
Emsisoft 20160927
F-Prot 20160926
F-Secure 20160927
Fortinet 20160927
GData 20160927
Ikarus 20160927
Jiangmin 20160927
K7AntiVirus 20160927
K7GW 20160927
Kingsoft 20160927
Malwarebytes 20160927
Microsoft 20160927
eScan 20160927
NANO-Antivirus 20160927
nProtect 20160927
Panda 20160926
Rising 20160927
Sophos AV 20160927
SUPERAntiSpyware 20160927
TheHacker 20160927
TrendMicro 20160927
TrendMicro-HouseCall 20160927
VBA32 20160926
VIPRE 20160927
ViRobot 20160927
Yandex 20160926
Zillya 20160926
Zoner 20160927
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2011 Nir Sofer
Product ChromeCookiesView
Original name ChromeCookiesView.exe
Internal name ChromeCookiesView
File version 1.02
Description ChromeCookiesView
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-26 08:40:06
Entry Point 0x00003AF9
Number of sections 4
PE sections
PE imports
OffsetViewportOrgEx
PlayMetaFile
DefineDosDeviceW
HeapFree
GetStdHandle
EnterCriticalSection
GetConsoleOutputCP
SetHandleCount
GetSystemInfo
GetModuleFileNameW
GetLastError
GetConsoleCP
GetOEMCP
GetEnvironmentStringsW
HeapDestroy
ExitProcess
GetThreadLocale
TlsAlloc
GetVersionExA
VirtualProtect
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
LoadLibraryExA
GetEnvironmentStrings
GetConsoleMode
GetLocaleInfoA
LocalAlloc
LCMapStringW
WriteConsoleW
LoadLibraryExW
LCMapStringA
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
DebugBreak
GetProcessHeap
SetStdHandle
CompareStringW
WideCharToMultiByte
TlsFree
SetFilePointer
LeaveCriticalSection
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
HeapValidate
CompareStringA
GetSystemTimeAsFileTime
OutputDebugStringA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
LocalFree
TerminateProcess
QueryPerformanceCounter
WriteConsoleA
InitializeCriticalSection
HeapCreate
VirtualQuery
VirtualFree
OutputDebugStringW
InterlockedDecrement
GetFileType
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
GetCurrentProcessId
SetLastError
CloseHandle
SendDlgItemMessageA
GetSystemMetrics
SetWindowTextA
LoadStringA
EndDialog
SetDlgItemTextA
CharNextA
GetDesktopWindow
MessageBoxA
GetWindowRect
GetDlgItem
SetForegroundWindow
MessageBeep
ExitWindowsEx
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
HEBREW DEFAULT 2
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 267776
ImageVersion 0.0
ProductName ChromeCookiesView
FileVersionNumber 1.0.2.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription ChromeCookiesView
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
OriginalFileName ChromeCookiesView.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.02
TimeStamp 2016:08:26 09:40:06+01:00
FileType Win32 EXE
PEType PE32
InternalName ChromeCookiesView
ProductVersion 1.02
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
LegalCopyright Copyright 2011 Nir Sofer
MachineType Intel 386 or later, and compatibles
CompanyName NirSoft
CodeSize 89600
FileSubtype 0
ProductVersionNumber 1.0.2.0
EntryPoint 0x3af9
ObjectFileType Executable application
File identification
MD5 0eeea15975831ae01064bbe2452ad39f
SHA1 d72feaae3933bf19d53a0c60b40cd40647a254a5
SHA256 3f7fb301bc6a9788eb3c10350835a8fac687135ef015fc72f5fdb36ea99a4af7
ssdeep 6144:XLK4eqauh+pNxKKq/tKrM+N1ieXOvkMifNgMaamZV:XLK+a/NxKKq/tKrM+2mO8S
authentihash e2605153c00d97626333905f8f6da7ae08e0c068168a9d5ad64cb1eba00eb8a1
imphash c4d4378355611dd09e214261d6278461
File size 267.0 KB ( 273408 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-09-27 10:51:19 UTC ( 2 years, 4 months ago )
Last submission 2016-09-27 11:28:51 UTC ( 2 years, 4 months ago )
File names ChromeCookiesView.exe
ChromeCookiesView
rad16262.tmp
plugin.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications