SHA256: 4b7285b0b6e4863ccbc5c41650ad868dfd8031d1afa269209714c13626e7556e
File name: taskmgr
Detection ratio: 2 / 69
Analysis date: 2018-12-31 12:34:54 UTC ( 2 months, 3 weeks ago )
Antivirus Result Update
Cylance Unsafe 20181231
Trapmine suspicious.low.ml.score 20181205
Acronis 20181227
Ad-Aware 20181231
AegisLab 20181231
Alibaba 20180921
ALYac 20181231
Antiy-AVL 20181231
Arcabit 20181231
Avast 20181231
Avast-Mobile 20181231
AVG 20181231
Avira (no cloud) 20181230
Babable 20180918
Baidu 20181207
BitDefender 20181231
Bkav 20181227
CAT-QuickHeal 20181230
ClamAV 20181231
CMC 20181230
Comodo 20181231
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cyren 20181231
DrWeb 20181231
eGambit 20181231
Emsisoft 20181231
Endgame 20181108
ESET-NOD32 20181231
F-Prot 20181231
F-Secure 20181231
Fortinet 20181231
GData 20181231
Ikarus 20181230
Sophos ML 20181128
Jiangmin 20181231
K7AntiVirus 20181231
K7GW 20181231
Kaspersky 20181231
Kingsoft 20181231
Malwarebytes 20181231
MAX 20181231
McAfee 20181231
McAfee-GW-Edition 20181231
Microsoft 20181230
eScan 20181231
NANO-Antivirus 20181231
Palo Alto Networks (Known Signatures) 20181231
Panda 20181231
Qihoo-360 20181231
Rising 20181231
SentinelOne (Static ML) 20181223
Sophos AV 20181231
SUPERAntiSpyware 20181226
Symantec 20181230
Symantec Mobile Insight 20181225
TACHYON 20181231
Tencent 20181231
TheHacker 20181230
TotalDefense 20181231
TrendMicro 20181231
TrendMicro-HouseCall 20181231
Trustlook 20181231
VBA32 20181229
ViRobot 20181230
Webroot 20181231
Yandex 20181229
Zillya 20181228
ZoneAlarm by Check Point 20181231
Zoner 20181231
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Корпорация Майкрософт. Все права защищены.
Product Операционная система Microsoft® Windows®
Original name taskmgr.exe
Internal name taskmgr
File version 5.1.2600.5512 (xpsp.080413-2105)
Description Диспетчер задач Windows
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-04-13 18:35:32
Entry Point 0x00005944
Number of sections 3
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
IsValidSid
RegQueryValueExA
RegOpenKeyExW
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExA
RegQueryValueExW
CreateStatusWindowW
ImageList_Create
ImageList_Remove
Ord(17)
ImageList_SetIconSize
ImageList_ReplaceIcon
CreateFontIndirectW
CreatePen
CombineRgn
Rectangle
GetDeviceCaps
LineTo
DeleteDC
SetBkMode
GetObjectW
BitBlt
SetTextColor
GetCurrentObject
FillRgn
MoveToEx
GetStockObject
CreateCompatibleDC
CreateRectRgn
SelectObject
GetCharWidth32W
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject
SetRectRgn
GetLastError
HeapFree
lstrcpynW
ReleaseMutex
DelayLoadFailureHook
LoadLibraryW
WaitForSingleObject
GetVersionExW
SetEvent
QueryPerformanceCounter
LocalAlloc
GetTickCount
SetProcessShutdownParameters
GetProcessHeap
GetVersionExA
LoadLibraryA
GetCommandLineW
lstrcmpiW
HeapAlloc
GetCurrentProcess
GetPriorityClass
GetCurrentDirectoryW
GetCurrentProcessId
OpenProcess
ProcessIdToSessionId
lstrlenW
UnhandledExceptionFilter
MultiByteToWideChar
HeapSize
SetProcessAffinityMask
GetProcAddress
InterlockedCompareExchange
GetStartupInfoW
GetComputerNameW
lstrcpyW
CreateThread
ExpandEnvironmentStringsW
SetUnhandledExceptionFilter
CreateMutexW
CloseHandle
GetSystemTimeAsFileTime
GetThreadTimes
lstrcmpW
HeapReAlloc
GetModuleHandleW
SetPriorityClass
FreeLibrary
LocalFree
FormatMessageW
TerminateProcess
GetProcessAffinityMask
CreateEventW
CreateProcessW
lstrcatW
Sleep
GetCurrentThread
ExitProcess
GetCurrentThreadId
GetLocaleInfoW
GetNumberFormatW
SetLastError
IsBadWritePtr
Shell_NotifyIconW
Ord(61)
Ord(245)
Ord(236)
Ord(100)
ShellAboutW
Ord(241)
Ord(437)
wnsprintfW
StrStrIW
Ord(413)
StrFormatByteSizeW
GetUserNameExW
MapWindowPoints
GetForegroundWindow
DrawTextW
EnumDesktopsW
DestroyMenu
PostQuitMessage
SetWindowPos
GetScrollInfo
IsWindow
EndPaint
OpenIcon
OpenWindowStationW
SetMenuItemInfoW
DispatchMessageW
GetCursorPos
CharLowerBuffW
GetDlgCtrlID
LockWorkStation
SendMessageW
GetClientRect
AllowSetForegroundWindow
SetMenuDefaultItem
SetScrollPos
GetThreadDesktop
LoadImageW
GetWindowTextW
GetWindowTextLengthW
LoadAcceleratorsW
EnumWindowStationsW
DestroyWindow
DrawEdge
GetParent
UpdateWindow
GetGuiResources
EnumWindows
GetMessageW
ShowWindow
EnableWindow
ShowWindowAsync
TranslateMessage
SetThreadDesktop
GetWindow
InternalGetWindowText
RegisterClassW
OpenDesktopW
IsZoomed
LoadStringW
SetWindowLongW
IsHungAppWindow
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
SetTimer
IsDialogMessageW
FillRect
DeferWindowPos
GetDialogBaseUnits
CreateWindowExW
GetWindowLongW
SetFocus
RegisterWindowMessageW
BeginPaint
DefWindowProcW
KillTimer
CheckMenuRadioItem
GetSystemMetrics
IsIconic
GetWindowRect
SetProcessWindowStation
GetProcessWindowStation
InvalidateRect
CheckDlgButton
CreateDialogParamW
CheckMenuItem
GetWindowLongA
GetClassLongW
GetLastActivePopup
SetWindowTextW
GetDlgItem
PostMessageW
CloseWindowStation
PostThreadMessageW
GetMenuItemCount
IsDlgButtonChecked
GetDesktopWindow
LoadCursorW
LoadIconW
GetDC
SwitchToThisWindow
SetForegroundWindow
ExitWindowsEx
GetMenuItemInfoW
GetAsyncKeyState
ReleaseDC
EndDialog
FindWindowW
EndTask
GetShellWindow
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
BeginDeferWindowPos
MessageBoxW
GetMenu
SetMenu
MoveWindow
DialogBoxParamW
CascadeWindows
SendMessageTimeoutW
GetSysColor
SetDlgItemTextW
SetScrollInfo
GetKeyState
EndDeferWindowPos
DestroyIcon
IsWindowVisible
TileWindows
SystemParametersInfoW
SetRect
DeleteMenu
MonitorFromRect
CallWindowProcW
GetClassInfoW
CloseDesktop
GetFocus
wsprintfW
SetCursor
TranslateAcceleratorW
VDMTerminateTaskWOW
VDMEnumTaskWOWEx
GetInterfaceInfo
GetIfEntry
GetNumberOfInterfaces
NhGetInterfaceNameFromDeviceGuid
NtQuerySystemInformation
_wcsicmp
_chkstk
RtlTimeToElapsedTimeFields
memmove
mbstowcs
NtPowerInformation
NtShutdownSystem
NtInitiatePowerAction
NtOpenThread
_snwprintf
RtlAnsiStringToUnicodeString
wcstol
NtClose
RtlLargeIntegerToChar
strrchr
RtlUnwind
NtQueryVirtualMemory
_ui64tow
Number of PE resources by type
RT_ICON 30
RT_STRING 28
RT_GROUP_ICON 16
RT_DIALOG 15
RT_MENU 11
RT_BITMAP 5
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 108
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 122368
ImageVersion 5.1
ProductName Microsoft Windows
FileVersionNumber 5.1.2600.5512
UninitializedDataSize 0
LanguageCode Russian
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
LinkerVersion 7.1
FileTypeExtension exe
OriginalFileName taskmgr.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 5.1.2600.5512 (xpsp.080413-2105)
TimeStamp 2008:04:13 18:35:32+00:00
FileType Win32 EXE
PEType PE32
InternalName taskmgr
ProductVersion 5.1.2600.5512
FileDescription Windows
OSVersion 5.1
FileOS Windows NT 32-bit
LegalCopyright . .
MachineType Intel 386 or later, and compatibles
CodeSize 81920
FileSubtype 0
ProductVersionNumber 5.1.2600.5512
Warning Possibly corrupt Version resource
EntryPoint 0x5944
ObjectFileType Executable application

Execution parents
File identification
MD5 75196de8329ac2104063128e97196ed1
SHA1 a37f43674bb2dbb71dfd20a192bc19284a82248d
SHA256 4b7285b0b6e4863ccbc5c41650ad868dfd8031d1afa269209714c13626e7556e
ssdeep 3072:Pckh3VK2abS5VHwO8KdKiZuNuEJ+4PmCUSH/KhH:PZVQO8uZUE42SH/K
authentihash 678ebe2c9049c24913fde3dbde0dd9374172d89f988be602d47d780bc65ce33b
imphash a91ce4b8d930e2a6762727a205af58c7
File size 200.5 KB ( 205312 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags peexe
VirusTotal metadata
First submission 2009-05-26 17:19:15 UTC ( 9 years, 10 months ago )
Last submission 2017-05-30 08:28:47 UTC ( 1 year, 9 months ago )
File names taskmgr.exe
taskmgr
file-2316232_exe
TASKMGR.EXE
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight