× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
File name: 7z.sfx
Detection ratio: 0 / 57
Analysis date: 2015-03-21 02:35:10 UTC ( 6 days ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ALYac 20150321
AVG 20150321
AVware 20150320
Ad-Aware 20150321
AegisLab 20150321
Agnitum 20150320
AhnLab-V3 20150320
Alibaba 20150320
Antiy-AVL 20150320
Avast 20150321
Avira 20150321
Baidu-International 20150320
BitDefender 20150321
Bkav 20150320
ByteHero 20150321
CAT-QuickHeal 20150320
CMC 20150317
ClamAV 20150320
Comodo 20150321
Cyren 20150321
DrWeb 20150321
ESET-NOD32 20150321
Emsisoft 20150321
F-Prot 20150321
F-Secure 20150321
Fortinet 20150321
GData 20150321
Ikarus 20150320
Jiangmin 20150320
K7AntiVirus 20150320
K7GW 20150320
Kaspersky 20150321
Kingsoft 20150321
Malwarebytes 20150321
McAfee 20150321
McAfee-GW-Edition 20150321
MicroWorld-eScan 20150321
Microsoft 20150321
NANO-Antivirus 20150321
Norman 20150320
Panda 20150318
Qihoo-360 20150321
Rising 20150320
SUPERAntiSpyware 20150321
Sophos 20150321
Symantec 20150321
Tencent 20150321
TheHacker 20150319
TotalDefense 20150321
TrendMicro 20150321
TrendMicro-HouseCall 20150321
VBA32 20150321
VIPRE 20150321
ViRobot 20150321
Zillya 20150321
Zoner 20150320
nProtect 20150320
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright (c) 1999-2009 Igor Pavlov

Publisher Igor Pavlov
Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 4.65
Description 7z SFX
Packers identified
F-PROT AutoIt, UPX_LZMA, 7Z
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-02-03 07:21:07
Link date 8:21 AM 2/3/2009
Entry Point 0x0001939C
Number of sections 4
PE sections
PE imports
AreFileApisANSI
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetCommandLineW
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
CreateDirectoryA
GetModuleHandleW
GetCurrentDirectoryA
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
SetFileAttributesA
SetFilePointer
GetFullPathNameW
CloseHandle
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
ReadFile
WriteFile
FormatMessageW
FindFirstFileA
ResetEvent
FindFirstFileW
GetProcAddress
GetFullPathNameA
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_controlfp
_except_handler3
_onexit
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
__getmainargs
memcpy
memmove
_beginthreadex
_initterm
_exit
__set_app_type
SysFreeString
VariantClear
SysAllocString
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
EndDialog
KillTimer
MessageBoxW
PostMessageA
CharUpperW
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
SetWindowTextA
SendMessageW
LoadStringA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
GetWindowLongA
GetWindowTextLengthA
SetTimer
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
CoUninitialize
CoInitialize
Number of PE resources by type
RT_STRING 5
RT_DIALOG 5
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.65.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
47616

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 1999-2009 Igor Pavlov

FileVersion
4.65

TimeStamp
2009:02:03 08:21:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

ProductVersion
4.65

FileDescription
7z SFX

OSVersion
4.0

OriginalFilename
7z.sfx.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
109056

ProductName
7-Zip

ProductVersionNumber
4.65.0.0

EntryPoint
0x1939c

ObjectFileType
Executable application

File identification
MD5 68695f8c2b554324bd158de45d00718f
SHA1 6025c807f56fe3a825fee0de3c914584e6ff4096
SHA256 49d29162fed5d8665af2a15564d57f79c125a8707c5fd47075f2f25179d240da
ssdeep
12288:2dOpVVWTqAlh/mzT65B3dgpC/qGwqc4xiQB3:2diiqAlh/i6DdgpCvwpUR

authentihash 07f5bd09b90eb3b359a2a0cc3a083e93d528a771fd8271f2ea777a4dd33fbd8b
imphash 26fbf291a240b90efae516aa59675d40
File size 413.8 KB ( 423700 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe armadillo

VirusTotal metadata
First submission 2010-02-07 21:16:45 UTC ( 5 years, 1 month ago )
Last submission 2015-03-10 02:01:33 UTC ( 2 weeks, 3 days ago )
File names 7z.sfx.exe
141494750368196-Coffee.exe
coffee.exe
file-4673700_exe
7z.sfx
Coffee.exe
Coffee (1).exe
Coffee.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!