× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 43637ed26673b0593b0bed0822d549a34e97faadfcf7dc00b3f4ca1e96a27082
File name: Quickbar.EXE
Detection ratio: 0 / 72
Analysis date: 2019-03-30 00:57:16 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Acronis 20190327
Ad-Aware 20190329
AegisLab 20190329
AhnLab-V3 20190329
Alibaba 20190306
ALYac 20190329
Antiy-AVL 20190329
Arcabit 20190329
Avast 20190329
Avast-Mobile 20190329
AVG 20190329
Avira (no cloud) 20190329
Babable 20180918
Baidu 20190318
BitDefender 20190329
Bkav 20190329
CAT-QuickHeal 20190329
ClamAV 20190329
CMC 20190321
Comodo 20190330
CrowdStrike Falcon (ML) 20190212
Cybereason 20190327
Cylance 20190330
Cyren 20190329
DrWeb 20190329
eGambit 20190330
Emsisoft 20190329
Endgame 20190322
ESET-NOD32 20190329
F-Prot 20190329
F-Secure 20190329
FireEye 20190329
Fortinet 20190329
GData 20190329
Ikarus 20190329
Sophos ML 20190313
Jiangmin 20190329
K7AntiVirus 20190329
K7GW 20190329
Kaspersky 20190329
Kingsoft 20190330
Malwarebytes 20190329
MAX 20190330
McAfee 20190329
McAfee-GW-Edition 20190329
Microsoft 20190329
eScan 20190329
NANO-Antivirus 20190329
Palo Alto Networks (Known Signatures) 20190330
Panda 20190329
Qihoo-360 20190330
Rising 20190329
SentinelOne (Static ML) 20190317
Sophos AV 20190329
SUPERAntiSpyware 20190327
Symantec 20190329
Symantec Mobile Insight 20190325
TACHYON 20190330
Tencent 20190330
TheHacker 20190327
TotalDefense 20190327
Trapmine 20190325
TrendMicro 20190329
TrendMicro-HouseCall 20190329
Trustlook 20190330
VBA32 20190329
VIPRE 20190329
ViRobot 20190329
Webroot 20190330
Yandex 20190329
Zillya 20190329
ZoneAlarm by Check Point 20190329
Zoner 20190329
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Konst Popov 2002-2006

File version 1.0
Description VisualSoft Visual QuickBar
Packers identified
F-PROT nameless, appended, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-10-25 19:47:11
Entry Point 0x000021AF
Number of sections 4
PE sections
Overlays
MD5 01a9a802e1a0a19ac7f59ea1b06d974f
File type data
Offset 14848
Size 1096712
Entropy 8.00
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetDeviceCaps
SelectPalette
SelectObject
PatBlt
CreateFontA
CreatePalette
GetStockObject
TextOutA
CreateSolidBrush
SetBkMode
DeleteObject
RealizePalette
SetTextColor
StretchDIBits
GetLastError
lstrlenA
GlobalFree
FreeLibrary
ExitProcess
GetVersionExA
GlobalUnlock
GetModuleFileNameA
LoadLibraryA
WinExec
OpenFile
GetCurrentProcess
_lwrite
lstrcatA
GetWindowsDirectoryA
SetErrorMode
_llseek
GetCommandLineA
GetProcAddress
_lread
GetTempPathA
_lcreat
_lclose
GetModuleHandleA
lstrcpyA
_lopen
MulDiv
GetTempFileNameA
GlobalLock
LocalFree
GlobalAlloc
FormatMessageA
DrawTextA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
ReleaseDC
EndPaint
BeginPaint
MessageBoxA
ExitWindowsEx
SendMessageA
GetClientRect
SetTimer
SetWindowPos
PostQuitMessage
DefWindowProcA
ShowWindow
UpdateWindow
wsprintfA
GetDC
InvalidateRect
PE exports
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
5632

ImageVersion
4.0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit, Removable run from swap

CharacterSet
Windows, Latin1

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0

TimeStamp
2001:10:25 19:47:11+00:00

FileType
Win32 EXE

PEType
PE32

FileDescription
VisualSoft Visual QuickBar

OSVersion
4.0

FileOS
Windows 16-bit

LegalCopyright
Copyright Konst Popov 2002-2006

MachineType
Intel 386 or later, and compatibles

CompanyName
VisualSoft

CodeSize
8704

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x21af

ObjectFileType
Executable application

Execution parents
File identification
MD5 e4493e27f13bd69266af5e2dd6cd968c
SHA1 06a586819d12afbe0a3a1fae72c1475201e96f5d
SHA256 43637ed26673b0593b0bed0822d549a34e97faadfcf7dc00b3f4ca1e96a27082
ssdeep
24576:ZkyRkFkfb2ezr4l33lGxSAgp2+hFxIrV+giZh4b3+O9istQrBTi+As:Zk9KT2ezr0luST2exBZebLerBTlD

authentihash 41ebd9d8e72eabc0f2f7a2282ea0313b106f2f70eec8d7b07de8ebacb692e484
imphash e41c25ab7824b3df73334188c40518ae
File size 1.1 MB ( 1111560 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Wise Installer executable (91.3%)
Win64 Executable (generic) (5.3%)
Win32 Dynamic Link Library (generic) (1.2%)
Win32 Executable (generic) (0.8%)
OS/2 Executable (generic) (0.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2009-06-19 09:33:21 UTC ( 9 years, 11 months ago )
Last submission 2016-02-17 00:17:11 UTC ( 3 years, 3 months ago )
File names 311481
Quickbar.EXE
43637ED26673B0593B0BED0822D549A34E97FAADFCF7DC00B3F4CA1E96A27082
Quickbar.EXE
1360472965-Quickbar.EXE
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!