× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 412988025cc16b0d7544f312e97c9b6c0d7b08c7b9bcd78dd9b7d68c0becb241
File name: MG.exe
Detection ratio: 23 / 54
Analysis date: 2014-10-13 12:13:26 UTC ( 4 years, 5 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.19084 20141013
Yandex Trojan.Agent!ugYSF79GDxU 20141012
AhnLab-V3 Trojan/Win32.Gen 20141013
Avast Win32:Malware-gen 20141013
Avira (no cloud) TR/Symmi.20766.2 20141013
AVware Trojan.Win32.Generic!BT 20141013
BitDefender Gen:Variant.Symmi.19084 20141013
Bkav W32.Clodb4a.Trojan.9641 20141011
Comodo UnclassifiedMalware 20141013
Cyren W32/Trojan.BSMT-8774 20141013
Emsisoft Gen:Variant.Symmi.19084 (B) 20141013
F-Secure Gen:Variant.Symmi.19084 20141013
GData Gen:Variant.Symmi.19084 20141013
Ikarus Win32.SuspectCrc 20141013
Jiangmin Trojan/Genome.hky 20141012
McAfee Artemis!E818B7C96AD3 20141013
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20141013
Norman Troj_Generic.SRCTC 20141013
Qihoo-360 HEUR/Malware.QVM18.Gen 20141013
Symantec Trojan.Gen.2 20141013
TrendMicro TROJ_GEN.R0CBC0OE514 20141013
TrendMicro-HouseCall TROJ_GEN.R0CBC0OE514 20141013
VIPRE Trojan.Win32.Generic!BT 20141013
AegisLab 20141013
Antiy-AVL 20141013
AVG 20141013
Baidu-International 20141013
ByteHero 20141013
CAT-QuickHeal 20141013
ClamAV 20141013
DrWeb 20141013
ESET-NOD32 20141013
F-Prot 20141013
Fortinet 20141013
K7AntiVirus 20141010
K7GW 20141011
Kaspersky 20141013
Kingsoft 20141013
Malwarebytes 20141013
Microsoft 20141013
eScan 20141013
NANO-Antivirus 20141013
nProtect 20141013
Panda 20141013
Rising 20141013
Sophos AV 20141013
SUPERAntiSpyware 20141011
Tencent 20141013
TheHacker 20141010
TotalDefense 20141013
VBA32 20141013
ViRobot 20141013
Zillya 20141013
Zoner 20141010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1998-1999 Harri Pyy

Publisher Harri Pyy
Product Virtual Magnifying Glass® for Windows
Original name Magnifying Glass.exe
Internal name Magnifier
File version 1.01
Description Virtual Magnifying Glass® for Windows
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1999-01-25 08:21:57
Entry Point 0x00049142
Number of sections 3
PE sections
PE imports
RegCloseKey
BitBlt
GetProcAddress
GetModuleHandleA
Shell_NotifyIconA
Number of PE resources by type
RT_ICON 5
RT_BITMAP 4
RT_GROUP_ICON 2
RT_DIALOG 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
FINNISH DEFAULT 14
PE resources
ExifTool file metadata
LegalTrademarks
Virtual Magnifying Glass for Windows

FileDescription
Virtual Magnifying Glass for Windows

InitializedDataSize
202752

ImageVersion
0.0

ProductName
Virtual Magnifying Glass for Windows

FileVersionNumber
1.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
5.0

OriginalFilename
Magnifying Glass.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.01

TimeStamp
1999:01:25 09:21:57+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Magnifier

SubsystemVersion
4.0

FileAccessDate
2014:10:13 13:15:50+01:00

ProductVersion
1.01

UninitializedDataSize
0

OSVersion
4.0

FileCreateDate
2014:10:13 13:15:50+01:00

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 1998-1999 Harri Pyy

MachineType
Intel 386 or later, and compatibles

CompanyName
Harri Pyy

CodeSize
79360

FileSubtype
0

ProductVersionNumber
1.0.0.1

EntryPoint
0x49142

ObjectFileType
Executable application

File identification
MD5 e818b7c96ad3138fd9f646d441c70eff
SHA1 5885dd1895083f852ca519bcdecd7cc918d5261c
SHA256 412988025cc16b0d7544f312e97c9b6c0d7b08c7b9bcd78dd9b7d68c0becb241
ssdeep
1536:MT3PuxX0m2AsF/Y5OMXxEs7EspWDd6iFIXBxx/44we9/srQLbaCuzihbMaeIT5vn:N0m3O/QrTDPoSDX9nOnzihIodaE

authentihash d1bbd07c64c453b82e12c7f75859e004f72f2bc2e7a648fb7959e256f61b5147
imphash 755ee919103a08ff15996b380eaea40a
File size 104.5 KB ( 107008 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe usb-autorun mz

VirusTotal metadata
First submission 2013-11-28 03:37:49 UTC ( 5 years, 3 months ago )
Last submission 2014-10-13 12:13:26 UTC ( 4 years, 5 months ago )
File names mg.exe
Magnifier
MG.exe
Magnifying Glass.exe
vt-upload-ZaC_8
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!