SHA256: 50faa530830231d47d40ba9f5d69b607a0788e55737897f670ca9a81d66d191b
File name: search.json.exe
Detection ratio: 31 / 67
Analysis date: 2018-07-25 01:06:51 UTC ( 9 months ago )
Antivirus Result Update
AegisLab Troj.Spy.W32.Panda!c 20180725
ALYac Spyware.Banker.panda 20180725
Avast FileRepMalware 20180725
AVG FileRepMalware 20180725
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20180724
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.283d0c 20180225
Cyren W32/Trojan.UXEK-2140 20180725
DrWeb Trojan.MulDrop8.31866 20180725
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/GenKryptik.CGCJ 20180724
Fortinet W32/Panda.BJT!tr 20180724
GData Win32.Backdoor.Zeus.H99BWX 20180725
Ikarus Backdoor.Win32.Cycbot 20180724
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 00538b8d1 ) 20180724
K7GW Trojan ( 00538b8d1 ) 20180724
Kaspersky Trojan-Spy.Win32.Panda.bjt 20180725
McAfee Artemis!92A2996283D0 20180725
McAfee-GW-Edition BehavesLike.Win32.Dropper.ch 20180724
NANO-Antivirus Virus.Win32.Gen.ccmw 20180724
Palo Alto Networks (Known Signatures) generic.ml 20180725
Qihoo-360 Win32/Trojan.Spy.f45 20180725
Rising Spyware.Zbot!8.16B (CLOUD) 20180724
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/Generic-S 20180724
Symantec Trojan.Gen.2 20180725
TrendMicro-HouseCall Suspicious_GEN.F47V0723 20180725
VBA32 BScope.Trojan.Fuerboos 20180724
Webroot W32.Trojan.Gen 20180725
ZoneAlarm by Check Point Trojan-Spy.Win32.Panda.bjt 20180724
Ad-Aware 20180725
AhnLab-V3 20180724
Alibaba 20180713
Antiy-AVL 20180725
Arcabit 20180725
Avast-Mobile 20180724
Avira (no cloud) 20180724
AVware 20180725
Babable 20180406
BitDefender 20180725
Bkav 20180724
CAT-QuickHeal 20180724
ClamAV 20180725
CMC 20180724
Comodo 20180725
Cylance 20180725
eGambit 20180725
Emsisoft 20180725
F-Prot 20180725
F-Secure 20180725
Jiangmin 20180724
Kingsoft 20180725
Malwarebytes 20180724
MAX 20180725
eScan 20180725
Panda 20180724
SUPERAntiSpyware 20180724
TACHYON 20180725
Tencent 20180725
TheHacker 20180723
TotalDefense 20180722
TrendMicro 20180725
Trustlook 20180725
VIPRE 20180724
ViRobot 20180724
Yandex 20180720
Zillya 20180724
Zoner 20180724
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2006-2015 - TortoiseSVN
Product TortoiseIDiff
Original name TortoiseIDiff.exe
Internal name TortoiseIDiff.exe
File version 1.9.0.26652
Description TortoiseIDiff
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-02-24 03:59:35
Entry Point 0x00004999
Number of sections 5
PE sections
PE imports
InitCommonControlsEx
CreateStatusWindowW
ImageList_Create
PropertySheetW
ImageList_LoadImageW
ImageList_Add
GetDeviceCaps
CreateSolidBrush
LineTo
GetTextMetricsW
TextOutW
CreateFontIndirectW
SelectObject
MoveToEx
CreatePen
GetStockObject
PtVisible
Polyline
DeleteObject
PatBlt
SetBkColor
CreateDIBSection
GetTextExtentPoint32W
SetTextColor
GetTextExtentPointW
GetLastError
GetComputerNameExW
EnterCriticalSection
OutputDebugStringW
GetModuleFileNameW
GlobalFree
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
GetTickCount
VirtualProtect
GlobalUnlock
GetFileAttributesW
LoadLibraryA
GlobalSize
DeleteCriticalSection
GetPriorityClass
LoadLibraryExA
SizeofResource
GetCurrentDirectoryW
GetFileSize
lstrcatA
LockResource
ExpandEnvironmentStringsA
GetWindowsDirectoryA
UnhandledExceptionFilter
LoadLibraryExW
SetEnvironmentVariableW
GlobalLock
SetFilePointer
WideCharToMultiByte
LoadLibraryW
GetModuleHandleA
ReadFile
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetModuleHandleW
SetErrorMode
SetEvent
FormatMessageW
TerminateProcess
GetModuleFileNameA
GetModuleHandleExW
InitializeCriticalSection
LoadResource
FindResourceW
CreateFileW
GlobalAlloc
CreateProcessW
CreateEventA
Sleep
DebugBreak
GetCurrentThreadId
GetProcAddress
SetLastError
WNetDisconnectDialog
DragAcceptFiles
RedrawWindow
GetForegroundWindow
DestroyWindow
DestroyMenu
PostQuitMessage
SetWindowPos
EndPaint
OpenIcon
WindowFromPoint
SetMenuItemInfoW
SetActiveWindow
GetDC
GetCursorPos
ChildWindowFromPointEx
GetMenu
GetClientRect
DrawTextW
CallNextHookEx
IsClipboardFormatAvailable
ClientToScreen
GetActiveWindow
GetWindowTextW
SetDlgItemTextW
GetWindowTextLengthW
LoadAcceleratorsW
PtInRect
GetParent
UpdateWindow
CheckRadioButton
GetMessageW
ShowWindow
SetDlgItemInt
PeekMessageW
InsertMenuItemW
SetWindowPlacement
TranslateMessage
IsWindowEnabled
GetDlgItemTextW
GetDlgItemInt
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
LoadStringW
DrawMenuBar
IsIconic
GetSubMenu
GetDCEx
IsDialogMessageW
FillRect
CopyRect
GetSysColorBrush
CreateWindowExW
GetWindowLongW
GetMenuItemInfoW
IsChild
MapWindowPoints
RegisterWindowMessageW
BeginPaint
OffsetRect
DefWindowProcW
KillTimer
SetTimer
GetClipboardData
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
GetMenuState
SendDlgItemMessageW
PostMessageW
GetScrollInfo
WaitMessage
CreatePopupMenu
CheckMenuItem
GetTitleBarInfo
DrawIconEx
SetWindowTextW
CreateMenu
GetDlgItem
BringWindowToTop
ScreenToClient
TrackPopupMenu
GetMenuItemCount
IsDlgButtonChecked
CheckDlgButton
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
LoadIconW
DispatchMessageW
SetFocus
OpenClipboard
EmptyClipboard
ReleaseDC
SetLayeredWindowAttributes
EndDialog
GetCapture
MessageBeep
RemoveMenu
GetWindowThreadProcessId
DeferWindowPos
BeginDeferWindowPos
MessageBoxW
SendMessageW
RegisterClassExW
MoveWindow
DialogBoxParamW
GetWindowDC
GetSysColor
RegisterClipboardFormatW
GetKeyState
EndDeferWindowPos
EnableMenuItem
IsWindowVisible
SystemParametersInfoW
SetRect
DeleteMenu
InvalidateRect
AdjustWindowRect
ModifyMenuW
GetFocus
EnableWindow
CloseClipboard
SetCursor
TranslateAcceleratorW
__p__fmode
malloc
__iob_func
realloc
memset
strncat
fprintf
printf
fgets
fflush
feof
_memicmp
strncpy
_amsg_exit
?terminate@@YAXXZ
puts
memcpy
fputs
exit
sprintf
_snprintf
__setusermatherr
_controlfp
_XcptFilter
_cexit
_strlwr
__p__commode
free
getenv
atoi
__getmainargs
_exit
_vsnprintf
strstr
isalnum
memmove
strchr
_beginthreadex
_initterm
__set_app_type
CoTaskMemFree
CoCreateInstance
CoInitializeEx
Number of PE resources by type
RT_GROUP_CURSOR 2
RT_ICON 2
RT_MENU 2
RT_CURSOR 2
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 8
ENGLISH US 5
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.9.0.26652
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription TortoiseIDiff
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 51200
EntryPoint 0x4999
OriginalFileName TortoiseIDiff.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2006-2015 - TortoiseSVN
FileVersion 1.9.0.26652
TimeStamp 2018:02:24 04:59:35+01:00
FileType Win32 EXE
PEType PE32
InternalName TortoiseIDiff.exe
ProductVersion 1.9.0.26652
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName http://tortoisesvn.net
CodeSize 147456
ProductName TortoiseIDiff
ProductVersionNumber 1.9.0.26652
FileTypeExtension exe
ObjectFileType Executable application
Execution parents
File identification
MD5 92a2996283d0c9520711f965e454595f
SHA1 63a30b76b417d547b6d179c7527bac47e26d166a
SHA256 50faa530830231d47d40ba9f5d69b607a0788e55737897f670ca9a81d66d191b
ssdeep 6144:F1WNv3L6cPPorCpeCGXGHZ8MZUzdfD0VpcLYLq:F1WRnPMCpXGW58MeBD0jcLYL
authentihash d25a18f9ed65b0887eb7eceec66c666ba3f1a9c8bc9487f7d738ade1d768c887
imphash 3a9bbf30fa917ff98abed253b875bec4
File size 195.0 KB ( 199680 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (35.8%)
OS/2 Executable (generic) (16.1%)
Clipper DOS Executable (16.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.8%)
Tags peexe
VirusTotal metadata
First submission 2018-07-23 15:52:17 UTC ( 9 months ago )
Last submission 2018-07-23 15:52:17 UTC ( 9 months ago )
File names sqlite3.exe
key3.exe
TortoiseIDiff.exe
search.json.exe
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs