× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4b3195884d02fbefa4e09a7b7fca913e34b9a1a66e75c189c3b9470b9838d3e6
File name: WoWLauncher.exe
Detection ratio: 0 / 42
Analysis date: 2012-11-23 23:38:54 UTC ( 4 years, 7 months ago )
Antivirus Result Update
Yandex 20121123
AhnLab-V3 20121122
AntiVir 20121123
Antiy-AVL 20121122
Avast 20121123
AVG 20121123
BitDefender 20121123
ByteHero 20121116
CAT-QuickHeal 20121122
ClamAV 20121123
Commtouch 20121123
Comodo 20121123
Emsisoft 20121123
eSafe 20121121
ESET-NOD32 20121123
F-Prot 20121123
F-Secure 20121123
Fortinet 20121123
GData 20121123
Ikarus 20121123
Jiangmin 20121123
K7AntiVirus 20121122
Kaspersky 20121123
Kingsoft 20121119
McAfee 20121123
McAfee-GW-Edition 20121123
Microsoft 20121123
eScan 20121123
Norman 20121123
nProtect 20121123
Panda 20121123
PCTools 20121123
Rising 20121123
Sophos 20121123
SUPERAntiSpyware 20121123
Symantec 20121122
TheHacker 20121123
TotalDefense 20121122
TrendMicro 20121123
TrendMicro-HouseCall 20121123
VIPRE 20121123
ViRobot 20121123
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-23 23:37:51
Entry Point 0x0000C408
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
Ord(15)
Ord(14)
Ord(17)
Ord(13)
SetBkMode
CreateSolidBrush
GetStockObject
SetTextColor
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
InitOnceExecuteOnce
EnterCriticalSection
ReadFile
GetCPInfo
RemoveDirectoryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
FlsGetValue
GetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
FlsSetValue
GetFileAttributesW
RtlUnwind
GetModuleFileNameA
RaiseException
IsProcessorFeaturePresent
GetProcessHeap
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
HeapSize
WriteConsoleW
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
SetFilePointerEx
FreeEnvironmentStringsW
FlsAlloc
DeleteFileW
GetProcAddress
FlsFree
GetFileType
GetTickCount64
SetStdHandle
GetStringTypeW
SetEndOfFile
CreateThread
GetModuleFileNameW
SetFilePointer
FindNextFileW
SetUnhandledExceptionFilter
WriteFile
InterlockedIncrement
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
FindFirstFileW
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
GetFileAttributesExW
TerminateProcess
ResumeThread
LoadLibraryW
WideCharToMultiByte
GetModuleHandleExW
IsValidCodePage
OutputDebugStringW
SetLastError
CreateFileW
CreateProcessW
FindClose
InterlockedDecrement
Sleep
MoveFileW
ReadConsoleW
HeapAlloc
GetCurrentThreadId
SetFileAttributesW
ExitProcess
LCMapStringEx
LeaveCriticalSection
SHGetPathFromIDListW
SHBrowseForFolderW
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
UpdateWindow
GetMessageW
DefWindowProcW
PostQuitMessage
ShowWindow
GetSystemMetrics
MessageBoxW
RegisterClassExW
TranslateMessage
PostMessageW
GetSysColor
DispatchMessageW
SendMessageW
MonitorFromWindow
LoadImageW
EnableWindow
LoadCursorW
LoadIconW
CreateWindowExW
wsprintfW
DestroyWindow
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Ord(23)
Ord(16)
Ord(116)
Ord(4)
Ord(115)
Ord(52)
Ord(19)
Ord(9)
CoTaskMemFree
OleInitialize
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 6
ExifTool file metadata
SubsystemVersion
6.0

InitializedDataSize
72704

ImageVersion
0.0

ProductName
World of Warcraft Launcher Application

FileVersionNumber
1.2.115.1201

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

LinkerVersion
11.0

FileOS
Win32

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.2.115.1201

TimeStamp
2012:11:23 23:37:51+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
WoWLauncher

ProductVersion
1.2.115.1201

FileDescription
World of Warcraft Launcher

OSVersion
6.0

OriginalFilename
WoWLauncher.exe

LegalCopyright
Copyright (C) 2012

MachineType
Intel 386 or later, and compatibles

CompanyName
Recelate Studios

CodeSize
88576

FileSubtype
0

ProductVersionNumber
1.2.115.1201

EntryPoint
0xc408

ObjectFileType
Executable application

File identification
MD5 c9d5559c31dd588b21c26f7be92885ff
SHA1 4d5aa405990b1211f930e22a8b11b1a675993bf8
SHA256 4b3195884d02fbefa4e09a7b7fca913e34b9a1a66e75c189c3b9470b9838d3e6
ssdeep
3072:NRxW7lQ+GoPh2ATmTv5TplWJRcGiZ+rK5rtPYqHATMF:NlATy6JOGALfLbF

File size 151.0 KB ( 154624 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-11-23 23:38:54 UTC ( 4 years, 7 months ago )
Last submission 2012-11-23 23:38:54 UTC ( 4 years, 7 months ago )
File names WoWLauncher.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!