× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 50c83da34270e39382f9d611ca1fa36a45eb4de8c9efbbc76bba46b91edba9ea
File name: Ketarin.exe
Detection ratio: 0 / 54
Analysis date: 2014-07-13 14:54:16 UTC ( 4 years ago ) View latest
Antivirus Result Update
Ad-Aware 20140713
AegisLab 20140713
Yandex 20140712
AhnLab-V3 20140713
AntiVir 20140713
Antiy-AVL 20140713
Avast 20140713
AVG 20140713
Baidu-International 20140713
BitDefender 20140713
Bkav 20140711
ByteHero 20140713
CAT-QuickHeal 20140712
ClamAV 20140712
CMC 20140711
Commtouch 20140713
Comodo 20140712
DrWeb 20140713
Emsisoft 20140713
ESET-NOD32 20140713
F-Prot 20140713
F-Secure 20140713
Fortinet 20140713
GData 20140713
Ikarus 20140713
Jiangmin 20140713
K7AntiVirus 20140711
K7GW 20140711
Kaspersky 20140713
Kingsoft 20140713
Malwarebytes 20140713
McAfee 20140713
McAfee-GW-Edition 20140712
Microsoft 20140713
eScan 20140713
NANO-Antivirus 20140713
Norman 20140713
nProtect 20140713
Panda 20140713
Qihoo-360 20140713
Rising 20140713
Sophos AV 20140713
SUPERAntiSpyware 20140713
Symantec 20140713
Tencent 20140713
TheHacker 20140711
TotalDefense 20140713
TrendMicro 20140713
TrendMicro-HouseCall 20140713
VBA32 20140712
VIPRE 20140713
ViRobot 20140713
Zillya 20140712
Zoner 20140711
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Canneverbe Limited 2008-2010

Product Ketarin
Original name Ketarin.exe
Internal name Ketarin.exe
File version 1.6.0.434
Description Ketarin
Comments A small application to keep a collection of setup files up-to-date.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-05-28 17:07:29
Entry Point 0x001291BE
Number of sections 3
.NET details
Module Version ID a18cc964-b047-4873-aa12-388adb965aae
TypeLib ID ee3d820e-ddd5-44f4-875c-d146a1e3c54c
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 8
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 11
PE resources
Debug information
ExifTool file metadata
FileDescription
Ketarin

Comments
A small application to keep a collection of setup files up-to-date.

InitializedDataSize
122880

ImageVersion
0.0

ProductName
Ketarin

FileVersionNumber
1.6.0.434

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
Ketarin.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.6.0.434

TimeStamp
2011:05:28 18:07:29+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Ketarin.exe

SubsystemVersion
4.0

ProductVersion
1.6.0.434

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Canneverbe Limited 2008-2010

MachineType
Intel 386 or later, and compatibles

CompanyName
Canneverbe Limited

CodeSize
1208832

FileSubtype
0

ProductVersionNumber
1.6.0.434

EntryPoint
0x1291be

ObjectFileType
Executable application

AssemblyVersion
1.6.0.434

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
Execution parents
Compressed bundles
File identification
MD5 dcd49ad66ef25c91d16d7a10ca461048
SHA1 0c4bbaee45b7a281fbce1df190f9ba248fdadcb6
SHA256 50c83da34270e39382f9d611ca1fa36a45eb4de8c9efbbc76bba46b91edba9ea
ssdeep
12288:zOdR2ySSW5DKa/h0XUEhhK2xGQYxhPEFMdKmYhYCehSIPJnYhm4p4nuTw2U/qU6V:XbSW5DKa/h0XUoKgjMaIBnp29oaMQ5d

authentihash f5aeb3a43ed4930b46f9f186a1ad5c960b63a6f4ac04d7a3ec2e30d5b7eb7a38
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.3 MB ( 1332224 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (57.2%)
Win64 Executable (generic) (21.5%)
DOS Borland compiled Executable (generic) (7.8%)
Win32 Dynamic Link Library (generic) (5.1%)
Win32 Executable (generic) (3.5%)
Tags
peexe assembly

VirusTotal metadata
First submission 2011-06-01 15:40:34 UTC ( 7 years, 1 month ago )
Last submission 2018-01-06 22:49:06 UTC ( 6 months, 2 weeks ago )
File names file-4528896_exe
smona130885432090496406113
smona131652204822408562902
smona_50c83da34270e39382f9d611ca1fa36a45eb4de8c9efbbc76bba46b91edba9ea.bin
smona131713926986676666159
smona132207550278045138569
smona132485443813661959439
Ketarin.exe
ketarin.exe
smona132316249488952259984
Ketarin.exe
D59C46DC0095FB2454901434E7DB4700A559245F.exe
smona131759531200362807055
smona132123459981100549187
Ketarin.exe
smona130729678438718546224
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!