× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4fb3968f4c036aeca2f5c25600ccefae53f7cc7449c6f7cd4fbea92fd2a8817e
File name: Back_To_The_Future_Turkce_Yama_v2.00.exe
Detection ratio: 0 / 56
Analysis date: 2015-01-12 13:26:15 UTC ( 4 years, 3 months ago )
Antivirus Result Update
Ad-Aware 20150112
AegisLab 20150112
Yandex 20150111
AhnLab-V3 20150112
ALYac 20150112
Antiy-AVL 20150112
Avast 20150112
AVG 20150112
Avira (no cloud) 20150110
AVware 20150112
Baidu-International 20150112
BitDefender 20150112
Bkav 20150112
ByteHero 20150112
CAT-QuickHeal 20150112
ClamAV 20150112
CMC 20150109
Comodo 20150112
Cyren 20150112
DrWeb 20150112
Emsisoft 20150112
ESET-NOD32 20150112
F-Prot 20150112
F-Secure 20150112
Fortinet 20150111
GData 20150112
Ikarus 20150112
Jiangmin 20150112
K7AntiVirus 20150112
K7GW 20150112
Kaspersky 20150112
Kingsoft 20150112
Malwarebytes 20150112
McAfee 20150112
McAfee-GW-Edition 20150112
Microsoft 20150112
eScan 20150112
NANO-Antivirus 20150112
Norman 20150112
nProtect 20150112
Panda 20150112
Qihoo-360 20150112
Rising 20150111
Sophos AV 20150112
SUPERAntiSpyware 20150112
Symantec 20150112
Tencent 20150112
TheHacker 20150106
TotalDefense 20150112
TrendMicro 20150112
TrendMicro-HouseCall 20150112
VBA32 20150112
VIPRE 20150112
ViRobot 20150112
Zillya 20150111
Zoner 20150112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2010 - OyunCeviri.com

Publisher www.OyunCeviri.com
Product Back to the Future Türkçe Yama
File version 2.00
Description Back to the Future Türkçe Yama v2.00
Comments Oyunlar artýk Türkçe :)
Packers identified
F-PROT NSIS, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0000323C
Number of sections 5
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SetBkMode
CreateBrushIndirect
CreateFontIndirectA
SelectObject
SetBkColor
DeleteObject
SetTextColor
GetLastError
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
GetModuleFileNameA
LoadLibraryA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GlobalLock
SetFileAttributesA
SetFilePointer
GetTempPathA
CreateThread
lstrcmpiA
GetModuleHandleA
lstrcmpA
ReadFile
WriteFile
FindFirstFileA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
RemoveDirectoryA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
GetProcAddress
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
EmptyClipboard
GetMessagePos
EndPaint
CharPrevA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
SetWindowTextA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
SystemParametersInfoA
CreatePopupMenu
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
GetClassInfoA
SetForegroundWindow
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
DrawTextA
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
SetTimer
LoadCursorA
TrackPopupMenu
SendMessageA
FillRect
ShowWindow
OpenClipboard
CharNextA
CallWindowProcA
GetSystemMenu
EnableWindow
CloseClipboard
DestroyWindow
ExitWindowsEx
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_DIALOG 5
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 8
NEUTRAL 1
PE resources
ExifTool file metadata
LegalTrademarks
Back to the Future The Game TellTale Games

UninitializedDataSize
1024

Comments
Oyunlar art k T rk e :)

InitializedDataSize
119808

ImageVersion
6.0

CompanyWebsite
http://www.oyunceviri.com

ProductName
Back to the Future T rk e Yama

FileVersionNumber
2.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x0000

FileDescription
Back to the Future T rk e Yama v2.00

CharacterSet
Windows, Latin1

LinkerVersion
6.0

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
2.0

TimeStamp
2009:12:05 23:50:46+01:00

FileType
Win32 EXE

PEType
PE32

FileAccessDate
2015:01:12 14:26:24+01:00

ProductVersion
2.0

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2015:01:12 14:26:24+01:00

FileOS
Win32

LegalCopyright
2010 - OyunCeviri.com

MachineType
Intel 386 or later, and compatibles

CompanyName
www.OyunCeviri.com

CodeSize
23552

FileSubtype
0

ProductVersionNumber
2.0.0.0

EntryPoint
0x323c

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 335474c9bbfafd21d13c4de341d3152c
SHA1 a64e5d7c38c7b917f6da0078e2c73c29f6fb9786
SHA256 4fb3968f4c036aeca2f5c25600ccefae53f7cc7449c6f7cd4fbea92fd2a8817e
ssdeep
98304:x5cZmZbn/hxNW3F/xbG5FuCni+HlldG9ASlC:x2ZmL/W3F4wWBHXoNC

authentihash 9e264cc900cfdf0f1085245e84d43058666682b813c97c282994ae7d46eb5b66
imphash 099c0646ea7282d232219f8807883be0
File size 3.2 MB ( 3308558 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID NSIS - Nullsoft Scriptable Install System (94.8%)
Win32 Executable MS Visual C++ (generic) (3.4%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.5%)
Generic Win/DOS Executable (0.2%)
Tags
nsis peexe

VirusTotal metadata
First submission 2011-03-05 07:10:32 UTC ( 8 years, 1 month ago )
Last submission 2015-01-12 13:26:15 UTC ( 4 years, 3 months ago )
File names Back_To_The_Future_Turkce_Yama_v2.00.exe
01.Bölüm.exe
file-5282234_exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.