× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 448f6982bb7f77d244c7220165140a664f7bd7d5aed027a28b3dbe90357642b4
File name: Rambox.Setup.0.5.17-ia32.exe
Detection ratio: 0 / 67
Analysis date: 2018-08-20 17:21:00 UTC ( 8 months ago )
Antivirus Result Update
Ad-Aware 20180820
AegisLab 20180820
AhnLab-V3 20180820
Alibaba 20180713
ALYac 20180820
Antiy-AVL 20180820
Arcabit 20180820
Avast 20180820
Avast-Mobile 20180820
AVG 20180820
Avira (no cloud) 20180820
AVware 20180820
Babable 20180725
Baidu 20180820
BitDefender 20180820
Bkav 20180820
CAT-QuickHeal 20180820
ClamAV 20180820
CMC 20180817
Comodo 20180820
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180820
Cyren 20180820
DrWeb 20180820
eGambit 20180820
Emsisoft 20180820
Endgame 20180730
ESET-NOD32 20180820
F-Prot 20180820
F-Secure 20180820
Fortinet 20180820
GData 20180820
Ikarus 20180820
Sophos ML 20180717
Jiangmin 20180820
K7AntiVirus 20180820
K7GW 20180820
Kaspersky 20180820
Kingsoft 20180820
Malwarebytes 20180820
MAX 20180820
McAfee 20180820
McAfee-GW-Edition 20180820
Microsoft 20180820
eScan 20180820
NANO-Antivirus 20180820
Palo Alto Networks (Known Signatures) 20180820
Panda 20180820
Qihoo-360 20180820
Rising 20180820
SentinelOne (Static ML) 20180701
Sophos AV 20180820
SUPERAntiSpyware 20180820
Symantec 20180820
Symantec Mobile Insight 20180814
TACHYON 20180820
Tencent 20180820
TheHacker 20180818
TotalDefense 20180820
TrendMicro 20180820
TrendMicro-HouseCall 20180820
Trustlook 20180820
VBA32 20180820
VIPRE 20180820
ViRobot 20180820
Webroot 20180820
Yandex 20180818
Zillya 20180820
ZoneAlarm by Check Point 20180820
Zoner 20180819
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Ramiro Saenz

Product Rambox
Original name Setup.exe
Internal name Setup.exe
File version 0.5.17.37
Description Rambox
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-08 07:33:36
Entry Point 0x00009FF9
Number of sections 7
PE sections
PE imports
RegCreateKeyExW
GetTokenInformation
RegDeleteValueW
RegCloseKey
OpenProcessToken
GetUserNameW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteKeyW
RegQueryValueExW
InitCommonControlsEx
GetStdHandle
WaitForSingleObject
EncodePointer
GetFileAttributesW
VerifyVersionInfoW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
InitializeSListHead
SetStdHandle
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
GetExitCodeProcess
OutputDebugStringW
FindClose
TlsGetValue
MoveFileW
SetLastError
LoadResource
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
lstrcmpiW
VerSetConditionMask
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
SetEnvironmentVariableW
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
LocalFileTimeToFileTime
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
TlsAlloc
FlushFileBuffers
InitializeCriticalSectionEx
RtlUnwind
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTempFileNameW
CompareStringW
FindNextFileW
ResetEvent
FindFirstFileExW
CreateEventW
CreateFileW
GetFileType
TlsSetValue
HeapAlloc
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetConsoleCP
FindResourceW
GetEnvironmentStringsW
WaitForSingleObjectEx
lstrlenW
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FreeResource
IsValidCodePage
GetTempPathW
CreateProcessW
GetOEMCP
VarUI4FromStr
SysFreeString
VariantClear
VariantInit
SysAllocString
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
PathIsUNCW
MessageBoxW
GetActiveWindow
LoadStringW
wsprintfW
CharNextW
ExitWindowsEx
DestroyWindow
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoCreateInstance
URLDownloadToFileW
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_STRING 1
DATA 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 12
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.5.17.37

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Rambox

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
54836224

SquirrelAwareVersion
1

EntryPoint
0x9ff9

OriginalFileName
Setup.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Ramiro Saenz

FileVersion
0.5.17.37

TimeStamp
2017:02:08 08:33:36+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Setup.exe

ProductVersion
0.5.17.37

SubsystemVersion
6.0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ramiro Saenz

CodeSize
113664

ProductName
Rambox

ProductVersionNumber
0.5.17.37

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 5d62a2a80b883142fb48a3d876463311
SHA1 6f5b814cb63379d2ed917ff15846e951f0b7d14d
SHA256 448f6982bb7f77d244c7220165140a664f7bd7d5aed027a28b3dbe90357642b4
ssdeep
1572864:x+9JdcCIRXvqrBCZ1Gydw0DXQx8kPplI19t:x+9bA31GyKqQy3

authentihash f9d1b59b52b1d5168e123ad6419a4c59093b56c68e0366669bc76d531c0124e6
imphash e7536ba0a6bb1ec857fcd176fd7cf803
File size 52.4 MB ( 54950912 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-04-27 05:16:17 UTC ( 11 months, 4 weeks ago )
Last submission 2018-08-20 15:19:44 UTC ( 8 months ago )
File names Setup.exe
Rambox.Setup.0.5.17-ia32.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!