× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
File name: 7z.sfx
Detection ratio: 0 / 56
Analysis date: 2015-07-01 04:00:04 UTC ( 6 days, 9 hours ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ALYac 20150630
AVG 20150701
AVware 20150701
Ad-Aware 20150701
AegisLab 20150701
Agnitum 20150630
AhnLab-V3 20150630
Alibaba 20150630
Antiy-AVL 20150630
Arcabit 20150630
Avast 20150701
Avira 20150630
Baidu-International 20150630
BitDefender 20150701
Bkav 20150630
ByteHero 20150701
CAT-QuickHeal 20150630
ClamAV 20150701
Comodo 20150701
Cyren 20150701
DrWeb 20150701
ESET-NOD32 20150630
Emsisoft 20150701
F-Prot 20150701
F-Secure 20150701
Fortinet 20150701
GData 20150701
Ikarus 20150701
Jiangmin 20150630
K7AntiVirus 20150630
K7GW 20150701
Kaspersky 20150701
Kingsoft 20150701
Malwarebytes 20150701
McAfee 20150701
McAfee-GW-Edition 20150630
MicroWorld-eScan 20150701
Microsoft 20150701
NANO-Antivirus 20150630
Panda 20150630
Qihoo-360 20150701
Rising 20150630
SUPERAntiSpyware 20150701
Sophos 20150701
Symantec 20150701
Tencent 20150701
TheHacker 20150701
TotalDefense 20150630
TrendMicro 20150701
TrendMicro-HouseCall 20150701
VBA32 20150630
VIPRE 20150701
ViRobot 20150701
Zillya 20150630
Zoner 20150701
nProtect 20150630
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright (c) 1999-2009 Igor Pavlov

Publisher Igor Pavlov
Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 4.65
Description 7z SFX
Packers identified
F-PROT AutoIt, UPX_LZMA, 7Z
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-02-03 07:21:07
Link date 8:21 AM 2/3/2009
Entry Point 0x0001939C
Number of sections 4
PE sections
Overlays
MD5 ec3907e974d166e620c9ed40ccc1727e
File type data
Offset 140288
Size 283412
Entropy 8.00
PE imports
AreFileApisANSI
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetCommandLineW
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
CreateDirectoryA
GetModuleHandleW
GetCurrentDirectoryA
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
SetFileAttributesA
SetFilePointer
GetFullPathNameW
CloseHandle
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
ReadFile
WriteFile
FormatMessageW
FindFirstFileA
ResetEvent
FindFirstFileW
GetProcAddress
GetFullPathNameA
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_controlfp
_except_handler3
_onexit
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
__getmainargs
memcpy
memmove
_beginthreadex
_initterm
_exit
__set_app_type
SysFreeString
VariantClear
SysAllocString
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
EndDialog
KillTimer
MessageBoxW
PostMessageA
CharUpperW
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
SetWindowTextA
SendMessageW
LoadStringA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
GetWindowLongA
GetWindowTextLengthA
SetTimer
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
CoUninitialize
CoInitialize
Number of PE resources by type
RT_STRING 5
RT_DIALOG 5
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.65.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
47616

EntryPoint
0x1939c

OriginalFileName
7z.sfx.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 1999-2009 Igor Pavlov

FileVersion
4.65

TimeStamp
2009:02:03 08:21:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

ProductVersion
4.65

FileDescription
7z SFX

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
109056

ProductName
7-Zip

ProductVersionNumber
4.65.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 68695f8c2b554324bd158de45d00718f
SHA1 6025c807f56fe3a825fee0de3c914584e6ff4096
SHA256 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
ssdeep
12288:2dOpVVWTqAlh/mzT65B3dgpC/qGwqc4xiQB3:2diiqAlh/i6DdgpCvwpUR

authentihash 07f5bd09b90eb3b359a2a0cc3a083e93d528a771fd8271f2ea777a4dd33fbd8b
imphash 26fbf291a240b90efae516aa59675d40
File size 413.8 KB ( 423700 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe armadillo overlay

VirusTotal metadata
First submission 2010-02-07 21:16:45 UTC ( 5 years, 5 months ago )
Last submission 2015-06-01 07:54:41 UTC ( 1 month ago )
File names 7z.sfx.exe
141494750368196-Coffee.exe
coffee.exe
file-4673700_exe
7z.sfx
Coffee.exe
Coffee (1).exe
Coffee.exe
Coffee.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!