× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
File name: 7z.sfx
Detection ratio: 0 / 57
Analysis date: 2015-08-14 23:54:05 UTC ( 2 weeks, 2 days ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ALYac 20150813
AVG 20150814
AVware 20150815
Ad-Aware 20150815
AegisLab 20150814
Agnitum 20150814
AhnLab-V3 20150814
Alibaba 20150814
Antiy-AVL 20150814
Arcabit 20150815
Avast 20150815
Avira 20150814
Baidu-International 20150814
BitDefender 20150815
Bkav 20150814
ByteHero 20150815
CAT-QuickHeal 20150814
CMC 20150814
ClamAV 20150814
Comodo 20150814
Cyren 20150815
DrWeb 20150815
ESET-NOD32 20150814
Emsisoft 20150815
F-Prot 20150814
F-Secure 20150815
Fortinet 20150813
GData 20150815
Ikarus 20150814
Jiangmin 20150814
K7AntiVirus 20150814
K7GW 20150814
Kaspersky 20150815
Kingsoft 20150815
Malwarebytes 20150814
McAfee 20150815
McAfee-GW-Edition 20150814
MicroWorld-eScan 20150815
Microsoft 20150814
NANO-Antivirus 20150814
Panda 20150814
Qihoo-360 20150815
Rising 20150815
SUPERAntiSpyware 20150815
Sophos 20150815
Symantec 20150814
Tencent 20150815
TheHacker 20150814
TotalDefense 20150815
TrendMicro 20150815
TrendMicro-HouseCall 20150815
VBA32 20150814
VIPRE 20150815
ViRobot 20150815
Zillya 20150813
Zoner 20150815
nProtect 20150813
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 1999-2009 Igor Pavlov

Publisher Igor Pavlov
Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 4.65
Description 7z SFX
Packers identified
F-PROT AutoIt, UPX_LZMA, 7Z
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-02-03 07:21:07
Link date 8:21 AM 2/3/2009
Entry Point 0x0001939C
Number of sections 4
PE sections
Overlays
MD5 ec3907e974d166e620c9ed40ccc1727e
File type data
Offset 140288
Size 283412
Entropy 8.00
PE imports
AreFileApisANSI
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetCommandLineW
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
CreateDirectoryA
GetModuleHandleW
GetCurrentDirectoryA
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
SetFileAttributesA
SetFilePointer
GetFullPathNameW
CloseHandle
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
ReadFile
WriteFile
FormatMessageW
FindFirstFileA
ResetEvent
FindFirstFileW
GetProcAddress
GetFullPathNameA
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_controlfp
_except_handler3
_onexit
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
__getmainargs
memcpy
memmove
_beginthreadex
_initterm
_exit
__set_app_type
SysFreeString
VariantClear
SysAllocString
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
EndDialog
KillTimer
MessageBoxW
PostMessageA
CharUpperW
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
SetWindowTextA
SendMessageW
LoadStringA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
GetWindowLongA
GetWindowTextLengthA
SetTimer
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
CoUninitialize
CoInitialize
Number of PE resources by type
RT_STRING 5
RT_DIALOG 5
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
47616

ImageVersion
0.0

ProductName
7-Zip

FileVersionNumber
4.65.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
7z.sfx.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.65

TimeStamp
2009:02:03 08:21:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

ProductVersion
4.65

FileDescription
7z SFX

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright (c) 1999-2009 Igor Pavlov

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
109056

FileSubtype
0

ProductVersionNumber
4.65.0.0

EntryPoint
0x1939c

ObjectFileType
Executable application

File identification
MD5 68695f8c2b554324bd158de45d00718f
SHA1 6025c807f56fe3a825fee0de3c914584e6ff4096
SHA256 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
ssdeep
12288:2dOpVVWTqAlh/mzT65B3dgpC/qGwqc4xiQB3:2diiqAlh/i6DdgpCvwpUR

authentihash 07f5bd09b90eb3b359a2a0cc3a083e93d528a771fd8271f2ea777a4dd33fbd8b
imphash 26fbf291a240b90efae516aa59675d40
File size 413.8 KB ( 423700 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe armadillo overlay

VirusTotal metadata
First submission 2010-02-07 21:16:45 UTC ( 5 years, 6 months ago )
Last submission 2015-08-01 09:57:20 UTC ( 4 weeks, 1 day ago )
File names 7z.sfx.exe
49D29162FED5D8665AF2A15564D57F79C125A8707C5FD47075F2F25179D240DA
141494750368196-Coffee.exe
coffee.exe
file-4673700_exe
7z.sfx
Coffee.exe
Coffee (1).exe
Coffee.exe
Coffee.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!