× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 40967a2888e3fc650c5a747c1d97fe4c9605ce9cd37a015c54a233e8553de5a8
File name: eclipsemgr.exe
Detection ratio: 47 / 52
Analysis date: 2014-04-29 18:58:24 UTC ( 4 years, 12 months ago )
Antivirus Result Update
Ad-Aware Win32.Virtob.Gen.12 20140429
Yandex Win32.Virut.AB.Gen 20140429
AhnLab-V3 Win32/Virut.F 20140429
AntiVir W32/Virut.Gen 20140429
Avast Win32:Vitro 20140429
AVG SHeur3.BNDF 20140429
BitDefender Win32.Virtob.Gen.12 20140429
Bkav W32.Vetor.PE 20140428
CAT-QuickHeal W32.Virut.G 20140429
ClamAV Trojan.Ramnit-4 20140429
CMC Virus.Win32.Virut.1!O 20140429
Commtouch W32/Virut.E.gen!Eldorado 20140429
Comodo TrojWare.Win32.Kryptik.KLV 20140429
DrWeb Win32.Virut.56 20140429
Emsisoft Win32.Virtob.Gen.12 (B) 20140429
ESET-NOD32 Win32/Virut.NBP 20140429
F-Prot W32/Virut.E.gen!Eldorado 20140429
F-Secure Win32.Virtob.Gen.12 20140429
Fortinet W32/Kryptik.KLV!tr 20140428
GData Win32.Virtob.Gen.12 20140429
Ikarus Gen:Heur 20140429
Jiangmin Win32/Virut.bt 20140429
K7AntiVirus Backdoor ( 04c4cb8a1 ) 20140429
K7GW Backdoor ( 04c4cb8a1 ) 20140429
Kaspersky Virus.Win32.Virut.ce 20140429
Malwarebytes Spyware.Zbot 20140429
McAfee PWS-Zbot.gen.cy 20140429
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious-BAY.K 20140429
Microsoft Trojan:Win32/Ramnit 20140429
eScan Win32.Virtob.Gen.12 20140429
NANO-Antivirus Trojan.Win32.DownLoad2.csmmu 20140429
Norman Virut.HL 20140429
nProtect Virus/W32.Virut.Gen 20140429
Panda Generic Trojan 20140429
Qihoo-360 Virus.Win32.Virut.N 20140429
Rising PE:Win32.Virut.cx!1553679 20140429
Sophos AV W32/Scribble-B 20140429
SUPERAntiSpyware Trojan.Agent/Gen-FakeSecurity 20140429
Symantec W32.Virut.CF 20140429
TheHacker W32/Virtob.Gen(F) 20140429
TotalDefense Win32/Virut.17408 20140429
TrendMicro PE_VIRUX.R-3 20140429
TrendMicro-HouseCall PE_VIRUX.R-3 20140429
VBA32 Virus.Virut.14 20140428
VIPRE Virus.Win32.Virut.ce (v) 20140429
ViRobot Win32.Virut.AM 20140429
Zillya Virus.Virut.Win32.1939 20140429
AegisLab 20140429
Antiy-AVL 20140429
Baidu-International 20140429
ByteHero 20140429
Kingsoft 20140429
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2007 Avira GmbH. All rights reserved.

Publisher Avira GmbH
Internal name AntiVir/Win32
File version 7.6.0.59
Description AntiVir Command Line Scanner for Windows
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-01-18 18:00:26
Entry Point 0x00001705
Number of sections 6
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
IsTextUnicode
CreateBitmap
DeleteDC
EndDoc
SelectObject
CreateFontIndirectW
CreatePen
DeleteObject
RemoveFontResourceW
AddFontResourceW
BitBlt
GetROP2
GetTextMetricsW
GetTextExtentPoint32W
CreateCompatibleBitmap
OffsetWindowOrgEx
GetModuleFileNameW
FindResourceW
HeapAlloc
TlsAlloc
LoadLibraryA
GetLocalTime
GlobalSize
GetConsoleMode
UnhandledExceptionFilter
MultiByteToWideChar
GetProcAddress
InterlockedCompareExchange
lstrcpynW
GetTimeFormatW
FindNextFileW
GetACP
GetStringTypeW
GetLongPathNameW
ResumeThread
OpenEventW
FindClose
VirtualAlloc
LeaveCriticalSection
SetFocus
GetScrollPos
CreateCaret
DrawFrameControl
RemoveMenu
GetSystemMetrics
SetScrollRange
GetWindowRect
InflateRect
CharLowerW
GetDlgItemTextW
PostMessageW
CreateCursor
CreateDialogParamW
ShowScrollBar
EnableMenuItem
ScreenToClient
GetKeyboardState
LoadIconW
RealChildWindowFromPoint
InsertMenuW
CloseClipboard
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
ChooseColorW
OleDuplicateData
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 6
PE resources
ExifTool file metadata
CodeSize
2048

SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
7.6.0.59

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
105472

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007 Avira GmbH. All rights reserved.

FileVersion
7.6.0.59

TimeStamp
2008:01:18 19:00:26+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
AntiVir/Win32

FileAccessDate
2014:04:29 19:57:26+01:00

ProductVersion
7.6.0.59

FileDescription
AntiVir Command Line Scanner for Windows

OSVersion
4.0

FileCreateDate
2014:04:29 19:57:26+01:00

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Avira GmbH

LegalTrademarks
AntiVir is a registered trademark of Avira GmbH, Germany

FileSubtype
0

ProductVersionNumber
7.6.0.59

EntryPoint
0x1705

ObjectFileType
Dynamic link library

File identification
MD5 4fa72eaf81ebd23cd355842dc390b2dd
SHA1 38a6ce2ca40b1cb49fa4ec0749369c4d1e86ac39
SHA256 40967a2888e3fc650c5a747c1d97fe4c9605ce9cd37a015c54a233e8553de5a8
ssdeep
3072:O7nnAQVG/LytaKItS/fiLKS+f5Aq7iWwcLCf9pD:QOTeHI8HiL7+f5c8Cf9pD

imphash 093a51e0b7dcb2466b7edfd78d191aa0
File size 184.5 KB ( 188928 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows Screen Saver (46.4%)
Win32 Dynamic Link Library (generic) (23.3%)
Win32 Executable (generic) (15.9%)
Generic Win/DOS Executable (7.1%)
DOS Executable Generic (7.0%)
Tags
peexe

VirusTotal metadata
First submission 2014-04-29 18:58:24 UTC ( 4 years, 12 months ago )
Last submission 2014-04-29 18:58:24 UTC ( 4 years, 12 months ago )
File names Win32
eclipsemgr.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!