× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4429f78f4e37374f9939a79a79e11c6a6e170e59480c476f298104af4275c66f
File name: CLIStart
Detection ratio: 0 / 61
Analysis date: 2017-03-18 10:36:55 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware 20170318
AegisLab 20170318
AhnLab-V3 20170317
Alibaba 20170228
ALYac 20170318
Antiy-AVL 20170318
Arcabit 20170318
Avast 20170318
AVG 20170318
Avira (no cloud) 20170318
AVware 20170318
Baidu 20170318
BitDefender 20170318
CAT-QuickHeal 20170317
ClamAV 20170318
CMC 20170317
Comodo 20170318
CrowdStrike Falcon (ML) 20170130
Cyren 20170318
DrWeb 20170318
Emsisoft 20170318
Endgame 20170317
ESET-NOD32 20170318
F-Prot 20170318
F-Secure 20170318
Fortinet 20170318
GData 20170318
Ikarus 20170318
Sophos ML 20170203
Jiangmin 20170318
K7AntiVirus 20170318
K7GW 20170317
Kaspersky 20170318
Kingsoft 20170318
Malwarebytes 20170318
McAfee 20170318
McAfee-GW-Edition 20170318
Microsoft 20170318
eScan 20170318
NANO-Antivirus 20170318
nProtect 20170318
Palo Alto Networks (Known Signatures) 20170318
Panda 20170318
Qihoo-360 20170318
Rising 20170318
SentinelOne (Static ML) 20170315
Sophos AV 20170318
SUPERAntiSpyware 20170318
Symantec 20170317
Tencent 20170318
TheHacker 20170318
TotalDefense 20170318
TrendMicro 20170318
TrendMicro-HouseCall 20170318
Trustlook 20170318
VBA32 20170317
VIPRE 20170318
ViRobot 20170318
Webroot 20170318
WhiteArmor 20170315
Yandex 20170317
Zillya 20170317
ZoneAlarm by Check Point 20170318
Zoner 20170318
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© 2008 Advanced Micro Devices, Inc.

Product Catalyst® Control Center
Original name CLIStart.exe
Internal name CLIStart
File version 3.5.0.0
Description Catalyst® Control Center Launcher
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-17 20:22:38
Entry Point 0x00001EBA
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
RegCloseKey
FreeSid
RegQueryValueExA
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeSecurityDescriptor
InitializeAcl
RegCreateKeyExA
RegOpenKeyExA
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
WinExec
IsProcessorFeaturePresent
HeapSetInformation
GetCurrentProcess
GetStringTypeW
GetCurrentProcessId
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
HeapSize
ExitProcess
RaiseException
WideCharToMultiByte
LoadLibraryW
TlsFree
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
GetOEMCP
TerminateProcess
IsValidCodePage
HeapCreate
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
EncodePointer
GetCurrentThreadId
LeaveCriticalSection
SetLastError
InterlockedIncrement
GetMessageA
KillTimer
SetTimer
MessageBoxExA
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 9
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.5.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
312832

EntryPoint
0x1eba

OriginalFileName
CLIStart.exe

MIMEType
application/octet-stream

LegalCopyright
2008 Advanced Micro Devices, Inc.

FileVersion
3.5.0.0

TimeStamp
2010:12:17 21:22:38+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
CLIStart

ProductVersion
3.5.0.0

FileDescription
Catalyst Control Center Launcher

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Advanced Micro Devices, Inc.

CodeSize
22528

ProductName
Catalyst Control Center

ProductVersionNumber
3.5.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 4ea312bc0a4fcd6bdb9f713fd3f0dc92
SHA1 22716ce53192df116719ecbd22561fccc508b780
SHA256 4429f78f4e37374f9939a79a79e11c6a6e170e59480c476f298104af4275c66f
ssdeep
3072:f/30yYpRWXwWLxhy8+xTB1l3trI+Eh7gkzzKTr6kvqRte0jPsQuHR:f/301GAWFhmxTB7drI/7gkzKTr6gQux

authentihash b19f0c5d0ef7dae93430f18cb8cd63fa1fe81d8a22f0f3247d821309036b5058
imphash d2c00e5a3a89e5be746baf17924bb2e6
File size 328.5 KB ( 336384 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2011-05-17 08:00:20 UTC ( 7 years, 10 months ago )
Last submission 2012-07-10 20:20:34 UTC ( 6 years, 8 months ago )
File names CLIStart.exe
CLISTART.EXE
CLIStart
CLIStart.exe
clistart.exe
CLIStart.exe
CLIStart.exe
CLIStart.exe
CLIStart.exe
clistart.exe
clistart.exe
F965434900BE254D22CE055565CF2B002F0DBDB1.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.