SHA256: 3fd55641b506c24d8f584be7491d069c64e8cbacc23dae989803573e22788938
File name: 85.exe
Detection ratio: 1 / 56
Analysis date: 2016-03-13 20:01:36 UTC ( 1 year, 7 months ago )
Antivirus Result Update
Qihoo-360 HEUR/QVM07.1.Malware.Gen 20160313
Ad-Aware 20160313
AegisLab 20160313
Yandex 20160313
AhnLab-V3 20160313
Alibaba 20160312
ALYac 20160313
Antiy-AVL 20160313
Arcabit 20160313
Avast 20160313
AVG 20160313
Avira (no cloud) 20160313
AVware 20160313
Baidu 20160310
Baidu-International 20160313
BitDefender 20160313
Bkav 20160312
ByteHero 20160313
CAT-QuickHeal 20160312
ClamAV 20160311
CMC 20160307
Comodo 20160313
Cyren 20160313
DrWeb 20160313
Emsisoft 20160313
ESET-NOD32 20160313
F-Prot 20160313
F-Secure 20160313
Fortinet 20160313
GData 20160313
Ikarus 20160313
Jiangmin 20160313
K7AntiVirus 20160313
K7GW 20160313
Kaspersky 20160313
Malwarebytes 20160313
McAfee 20160313
McAfee-GW-Edition 20160313
Microsoft 20160313
eScan 20160313
NANO-Antivirus 20160313
nProtect 20160311
Panda 20160313
Rising 20160313
Sophos AV 20160313
SUPERAntiSpyware 20160313
Symantec 20160310
Tencent 20160313
TheHacker 20160313
TrendMicro 20160313
TrendMicro-HouseCall 20160313
VBA32 20160313
VIPRE 20160313
ViRobot 20160313
Zillya 20160313
Zoner 20160313
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-08-03 16:27:51
Entry Point 0x00013208
Number of sections 4
PE sections
Overlays
MD5 26ea839142e820d579b0302f35ccbc6e
File type data
Offset 278528
Size 66682
Entropy 6.71
PE imports
GetDeviceCaps
CreateDCA
FillRgn
CreateRectRgn
CreateFontIndirectW
GetTextExtentPoint32A
GetRgnBox
EqualRgn
TextOutA
OffsetClipRgn
SetPixelV
CreateRoundRectRgn
PlayEnhMetaFile
PolyBezierTo
CreateFontW
__p__fmode
_ismbcspace
_mbsspn
clock
wcscoll
_adjust_fdiv
__getmainargs
fsetpos
_swab
_heapset
exit
modf
__lc_codepage
_initterm
__setusermatherr
__p__commode
__set_app_type
GetMessagePos
DdeAccessData
SetMenuDefaultItem
EnableScrollBar
DestroyMenu
PostQuitMessage
LoadBitmapA
SetWindowPos
OemToCharBuffA
CharUpperBuffW
GetWindowWord
GetDC
ChangeClipboardChain
GetCursorPos
DrawTextA
GetMenu
CharLowerBuffA
LoadAcceleratorsA
GetWindowTextLengthA
CopyAcceleratorTableW
ScrollWindow
MapVirtualKeyExA
DrawTextW
GetMenuItemID
PtInRect
GetMessageA
GetUserObjectInformationW
ShowWindow
SetClassLongA
GetMenuState
IsCharAlphaW
TranslateMDISysAccel
GetDlgItemTextA
TranslateMessage
GetWindow
GetDlgItemInt
CreateCursor
IsZoomed
GetWindowTextA
GetKeyboardLayoutList
IsWindow
GetWindowLongA
UnhookWinEvent
FillRect
GetSysColorBrush
GetGUIThreadInfo
IsChild
IsDialogMessageA
SetFocus
OffsetRect
GetScrollPos
CopyIcon
KillTimer
DefWindowProcA
GetScrollRange
CharLowerW
SetKeyboardState
WaitMessage
CreateDialogParamA
BringWindowToTop
InsertMenuA
FindWindowExA
LoadCursorA
IsDlgButtonChecked
DestroyAcceleratorTable
SetDlgItemInt
EnumDisplaySettingsW
FindWindowExW
DispatchMessageW
SetForegroundWindow
CreateDialogIndirectParamW
IntersectRect
GetScrollInfo
CreateDialogIndirectParamA
FindWindowA
DrawTextExA
RegisterClipboardFormatA
MoveWindow
LoadKeyboardLayoutW
MessageBoxA
AppendMenuW
DestroyCursor
DialogBoxParamA
GetSysColor
RegisterClipboardFormatW
CopyImage
SystemParametersInfoA
GetWindowModuleFileNameA
WinHelpW
SystemParametersInfoW
WinHelpA
GetClassNameW
AdjustWindowRect
CloseDesktop
CloseClipboard
GetDlgItemTextW
ModifyMenuA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerInstallFileA
VerQueryValueW
VerFindFileA
GetFileVersionInfoW
VerInstallFileW
Number of PE resources by type
RT_ICON 4
RT_GROUP_ICON 4
RT_VERSION 1
Number of PE resources by language
ENGLISH AUS 5
SPANISH GUATEMALA 4
PE resources
ExifTool file metadata
CodeSize 77824
FileDescription Costars Furnishers Communicating
InitializedDataSize 745472
ImageVersion 0.0
ProductName Countering Gingers
FileVersionNumber 0.200.112.122
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName Deaneryl.EXE
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 0.40.49.254
TimeStamp 2006:08:03 17:27:51+01:00
FileType Win32 EXE
PEType PE32
InternalName Helpers
SubsystemVersion 4.0
ProductVersion 0.110.111.96
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright (C) 2016
MachineType Intel 386 or later, and compatibles
CompanyName The Privoxy team - www.privoxy.org
LegalTrademarks Deactivates
FileSubtype 0
ProductVersionNumber 0.111.222.168
EntryPoint 0x13208
ObjectFileType Executable application

Compressed bundles
File identification
MD5 f445d9ac65445ac63f7b0cec90ac2b33
SHA1 4e1467346a72dfd6d998e2022f937e1f53db863d
SHA256 3fd55641b506c24d8f584be7491d069c64e8cbacc23dae989803573e22788938
ssdeep 6144:80ot3D87iBHkBebgggUjGIyh9+kAV9O4vY+hetQRFJyT5p2Ze1xw9Hv7bmx:8tI7iBl88jXyh9+kAayeqrJybNmpOx

authentihash 9ea6fdfa971c4d151aebfdaa192be902aa3256e8020a5e73117cee3dd479116e
imphash 9a01b531433c8105bf7e160401838b33
File size 337.1 KB ( 345210 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-03-13 19:36:47 UTC ( 1 year, 7 months ago )
Last submission 2017-08-07 21:18:02 UTC ( 2 months, 2 weeks ago )
File names 85.exe