× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
File name: Coffee.exe
Detection ratio: 0 / 51
Analysis date: 2014-03-31 22:45:39 UTC ( 2 weeks, 1 day ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20140331
Ad-Aware 20140331
AegisLab 20140331
Agnitum 20140331
AhnLab-V3 20140331
AntiVir 20140331
Antiy-AVL 20140331
Avast 20140331
Baidu-International 20140331
BitDefender 20140331
Bkav 20140331
ByteHero 20140331
CAT-QuickHeal 20140330
CMC 20140331
ClamAV 20140331
Commtouch 20140331
Comodo 20140331
DrWeb 20140331
ESET-NOD32 20140331
Emsisoft 20140331
F-Prot 20140331
F-Secure 20140331
Fortinet 20140331
GData 20140331
Ikarus 20140331
Jiangmin 20140331
K7AntiVirus 20140331
K7GW 20140331
Kaspersky 20140331
Kingsoft 20140331
Malwarebytes 20140331
McAfee 20140331
McAfee-GW-Edition 20140331
MicroWorld-eScan 20140331
Microsoft 20140331
NANO-Antivirus 20140331
Norman 20140331
Panda 20140331
Qihoo-360 20140331
Rising 20140331
SUPERAntiSpyware 20140331
Sophos 20140331
Symantec 20140331
TheHacker 20140329
TotalDefense 20140331
TrendMicro 20140331
TrendMicro-HouseCall 20140331
VBA32 20140331
VIPRE 20140331
ViRobot 20140331
nProtect 20140331
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (c) 1999-2009 Igor Pavlov

Publisher Igor Pavlov
Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 4.65
Description 7z SFX
Packers identified
F-PROT 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, 7Z, AutoIt, 7Z, AutoIt, 7Z, AutoIt, 7Z, AutoIt, 7Z, UPX_LZMA, 7Z
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-02-03 07:21:07
Link date 8:21 AM 2/3/2009
Entry Point 0x0001939C
Number of sections 4
PE sections
PE imports
AreFileApisANSI
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetCommandLineW
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
CreateDirectoryA
GetModuleHandleW
GetCurrentDirectoryA
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
SetFileAttributesA
SetFilePointer
GetFullPathNameW
CloseHandle
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
ReadFile
WriteFile
FormatMessageW
FindFirstFileA
ResetEvent
FindFirstFileW
GetProcAddress
GetFullPathNameA
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_controlfp
_except_handler3
_onexit
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
__getmainargs
memcpy
memmove
_beginthreadex
_initterm
_exit
__set_app_type
SysFreeString
VariantClear
SysAllocString
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
EndDialog
KillTimer
MessageBoxW
PostMessageA
CharUpperW
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
SetWindowTextA
SendMessageW
LoadStringA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
GetWindowLongA
GetWindowTextLengthA
SetTimer
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
CoUninitialize
CoInitialize
Number of PE resources by type
RT_STRING 5
RT_DIALOG 5
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.65.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
47616

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 1999-2009 Igor Pavlov

FileVersion
4.65

TimeStamp
2009:02:03 08:21:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

FileAccessDate
2014:03:31 23:46:17+01:00

ProductVersion
4.65

FileDescription
7z SFX

OSVersion
4.0

FileCreateDate
2014:03:31 23:46:17+01:00

OriginalFilename
7z.sfx.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
109056

ProductName
7-Zip

ProductVersionNumber
4.65.0.0

EntryPoint
0x1939c

ObjectFileType
Executable application

File identification
MD5 68695f8c2b554324bd158de45d00718f
SHA1 6025c807f56fe3a825fee0de3c914584e6ff4096
SHA256 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
ssdeep
12288:2dOpVVWTqAlh/mzT65B3dgpC/qGwqc4xiQB3:2diiqAlh/i6DdgpCvwpUR

imphash 26fbf291a240b90efae516aa59675d40
File size 413.8 KB ( 423700 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe armadillo

VirusTotal metadata
First submission 2010-02-07 21:16:45 UTC ( 4 years, 2 months ago )
Last submission 2014-03-31 22:45:39 UTC ( 2 weeks, 1 day ago )
File names 7z.sfx.exe
Coffee (1).exe
file-4673700_exe
Coffee.exe
7z.sfx
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!