× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 48dc1088db3e5896ab520b30ed75fb1185212658ae789bb818d122b2982a0965
File name: Mp3DirectCut_Setup.exe
Detection ratio: 0 / 70
Analysis date: 2019-04-09 17:20:15 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
Acronis 20190409
Ad-Aware 20190409
AegisLab 20190409
AhnLab-V3 20190409
Alibaba 20190402
ALYac 20190409
Antiy-AVL 20190409
Arcabit 20190409
Avast 20190409
Avast-Mobile 20190409
AVG 20190409
Avira (no cloud) 20190409
Babable 20180918
Baidu 20190318
BitDefender 20190409
Bkav 20190409
CAT-QuickHeal 20190409
ClamAV 20190409
CMC 20190321
Comodo 20190409
CrowdStrike Falcon (ML) 20190212
Cybereason 20190403
Cylance 20190409
Cyren 20190409
DrWeb 20190409
eGambit 20190409
Emsisoft 20190409
Endgame 20190403
ESET-NOD32 20190409
F-Prot 20190409
F-Secure 20190409
FireEye 20190409
Fortinet 20190409
GData 20190409
Ikarus 20190409
Sophos ML 20190313
Jiangmin 20190409
K7AntiVirus 20190409
K7GW 20190409
Kaspersky 20190409
Kingsoft 20190409
Malwarebytes 20190409
MAX 20190409
McAfee 20190409
McAfee-GW-Edition 20190409
Microsoft 20190409
eScan 20190409
NANO-Antivirus 20190409
Palo Alto Networks (Known Signatures) 20190409
Panda 20190409
Qihoo-360 20190409
Rising 20190409
SentinelOne (Static ML) 20190407
Sophos AV 20190409
SUPERAntiSpyware 20190404
Symantec 20190409
Symantec Mobile Insight 20190408
TACHYON 20190409
Tencent 20190409
TheHacker 20190405
TotalDefense 20190409
Trapmine 20190325
TrendMicro-HouseCall 20190409
Trustlook 20190409
VBA32 20190409
ViRobot 20190409
Webroot 20190409
Yandex 20190408
Zillya 20190409
ZoneAlarm by Check Point 20190409
Zoner 20190408
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Packers identified
F-PROT UPX, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-03-20 06:35:57
Entry Point 0x00019220
Number of sections 3
PE sections
Overlays
MD5 0a8f8c169dae39980ac9577586568dc9
File type data
Offset 27136
Size 266457
Entropy 7.99
PE imports
RegCloseKey
SetROP2
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
CoInitialize
Number of PE resources by type
RT_DIALOG 5
RT_BITMAP 2
RT_GROUP_CURSOR 1
RT_ICON 1
RT_MANIFEST 1
RT_MENU 1
RT_CURSOR 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
NEUTRAL 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

SubsystemVersion
4.0

MachineType
Intel 386 or later, and compatibles

TimeStamp
2001:03:20 07:35:57+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
6.0

FileTypeExtension
exe

InitializedDataSize
8192

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Aggressive working-set trim, 32-bit

EntryPoint
0x19220

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
77824

File identification
MD5 d8a565b1db253608f96f2a40ceae9c8a
SHA1 3ba217e467bc7cfef864e5083bdaeab4fa71d874
SHA256 48dc1088db3e5896ab520b30ed75fb1185212658ae789bb818d122b2982a0965
ssdeep
6144:qr/630tzu0pY42/8VcSrgRaFN3YrXlnmxtxQI+710Fr+CHtd:qrE0tzQ4q8VrrgRaFZ4XotxwErhHtd

authentihash 860fd7b7fbc158a036f90a3326585829885b0bef8293ba24a3ba1551133b46ab
imphash c06bf69540baaacb30210ae923ecea0f
File size 286.7 KB ( 293593 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
OS/2 Executable (generic) (2.8%)
Tags
peexe via-tor upx overlay

VirusTotal metadata
First submission 2017-03-07 16:50:09 UTC ( 2 years, 2 months ago )
Last submission 2019-05-01 07:47:33 UTC ( 2 weeks, 6 days ago )
File names MP3DirectCut223.exe
mp3DC223.exe
mp3DirectCut_2.23.exe
mp3directcut_223.exe
56f32c3e308bbeeda000.exe
mp3directcut_2-23_fr_10838.exe
mp3DirectCut 2.23.exe
setupmp3DC223.exe
mp3DC223.exe
48dc1088db3e5896_orig.exe
mp3directcut-2-23.exe
mp3cut.exe
mp3DC223-dostindir.exe
4656-mp3DC223.exe
mp3DirectCut_v223.exe
mp3DC223.exe
mp3DC223.exe
mp3DirectCut v2.23.exe
mp3DirectCut.exe
mp3directcut-DC223.exe
mp3DC223.zip
mp3DC223(1).exe
mp3DC223_2.exe
Mp3DirectCut.exe
sample.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Runtime DLLs
UDP communications