SHA256: 42b53ffd55c1c40785aa0bbba04e68422e5ae2cf657f627f93a8379da5cc8018
File name: Internet Download Manager
Detection ratio: 1 / 58
Analysis date: 2016-08-31 09:57:03 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Comodo Heur.Suspicious 20160831
Ad-Aware 20160831
AegisLab 20160831
AhnLab-V3 20160831
Alibaba 20160831
ALYac 20160831
Antiy-AVL 20160831
Arcabit 20160831
Avast 20160831
AVG 20160831
Avira (no cloud) 20160831
AVware 20160831
Baidu 20160831
BitDefender 20160831
Bkav 20160831
CAT-QuickHeal 20160831
ClamAV 20160831
CMC 20160830
CrowdStrike Falcon (ML) 20160725
Cyren 20160831
DrWeb 20160831
Emsisoft 20160831
ESET-NOD32 20160831
F-Prot 20160831
F-Secure 20160831
Fortinet 20160831
GData 20160831
Ikarus 20160831
Sophos ML 20160830
Jiangmin 20160831
K7AntiVirus 20160831
K7GW 20160831
Kaspersky 20160831
Kingsoft 20160831
Malwarebytes 20160831
McAfee 20160831
McAfee-GW-Edition 20160831
Microsoft 20160831
eScan 20160831
NANO-Antivirus 20160831
nProtect 20160831
Panda 20160831
Qihoo-360 20160831
Rising 20160831
Sophos AV 20160831
SUPERAntiSpyware 20160831
Symantec 20160831
Tencent 20160831
TheHacker 20160829
TotalDefense 20160831
TrendMicro 20160831
TrendMicro-HouseCall 20160831
VBA32 20160831
VIPRE 20160831
ViRobot 20160831
Yandex 20160831
Zillya 20160831
Zoner 20160831
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Tonec Inc., Copyright © 1999 - 2013
Product Internet Download Manager (IDM)
Original name IDMan.exe
Internal name Internet Download Manager
File version 6, 15, 3, 3
Description Internet Download Manager (IDM)
Comments http://www.internetdownloadmanager.com
Signature verification The digital signature of the object did not verify.
Signing date 7:16 PM 8/31/2016
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-02-21 07:33:15
Entry Point 0x001A708F
Number of sections 4
PE sections
Overlays
MD5 bc933cf3824a5375ae6c6b9bbec317e9
File type data
Offset 3559424
Size 6008
Entropy 7.23
PE imports
Number of PE resources by type
RT_DIALOG 96
RT_BITMAP 75
RT_ICON 40
RT_STRING 32
RT_GROUP_ICON 24
Struct(240) 3
Struct(241) 2
RT_MENU 2
RT_CURSOR 2
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 278
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
CodeSize 2011136
SubsystemVersion 4.0
Comments http://www.internetdownloadmanager.com
InitializedDataSize 1568768
ImageVersion 0.0
ProductName Internet Download Manager (IDM)
FileVersionNumber 6.15.3.3
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName IDMan.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6, 15, 3, 3
TimeStamp 2013:02:21 08:33:15+01:00
FileType Win32 EXE
PEType PE32
InternalName Internet Download Manager
ProductVersion 6, 15, 3, 3
FileDescription Internet Download Manager (IDM)
OSVersion 4.0
FileOS Win32
LegalCopyright Tonec Inc., Copyright 1999 - 2013
MachineType Intel 386 or later, and compatibles
CompanyName Tonec Inc.
LegalTrademarks Internet Download Manager
FileSubtype 0
ProductVersionNumber 6.15.3.3
EntryPoint 0x1a708f
ObjectFileType Executable application
File identification
MD5 e01c2a6ad3a60e8d6b5bcf6e8dbcc889
SHA1 02f8be87c8bf635443e11efc9824a02eb69c6d17
SHA256 42b53ffd55c1c40785aa0bbba04e68422e5ae2cf657f627f93a8379da5cc8018
ssdeep 49152:2mmeSEmvk/rcbZ0c6lrpZrqcLi1dNCX8XqPc9JfQ414+w58:2mZFmvmrCZQ/YR1dNqHPc9Jf5uq
authentihash d1b499639408ca51ddbd74479a21ee80a76dc2173919166e9f37100be6044a35
imphash 70b98e42a44a7454045778514185df36
File size 3.4 MB ( 3565432 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (38.7%)
Win64 Executable (generic) (34.3%)
Windows screen saver (16.2%)
Win32 Executable (generic) (5.6%)
Generic Win/DOS Executable (2.4%)
Tags peexe armadillo overlay
VirusTotal metadata
First submission 2013-02-23 19:10:08 UTC ( 5 years, 9 months ago )
Last submission 2013-03-06 23:23:45 UTC ( 5 years, 9 months ago )
File names file-5227997_exe
Internet Download Manager
IDMan.exe
IDMan.exe
idman.exe
idman.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Set keys
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications