× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 541bf42861424241dfc2e4829aafdc8037eda3eb9e19700a9b5ab8c4c979f810
File name: 1341954292-DiskTT.exe
Detection ratio: 1 / 56
Analysis date: 2015-03-26 17:44:07 UTC ( 1 day, 11 hours ago )
Antivirus Result Update
Bkav HW32.Packed.810C 20150326
ALYac 20150326
AVG 20150326
AVware 20150326
Ad-Aware 20150326
AegisLab 20150326
Agnitum 20150325
AhnLab-V3 20150326
Alibaba 20150326
Antiy-AVL 20150326
Avast 20150326
Avira 20150326
Baidu-International 20150326
BitDefender 20150326
ByteHero 20150326
CAT-QuickHeal 20150326
CMC 20150325
ClamAV 20150326
Comodo 20150326
Cyren 20150326
DrWeb 20150326
ESET-NOD32 20150326
Emsisoft 20150326
F-Prot 20150326
F-Secure 20150326
Fortinet 20150326
GData 20150326
Ikarus 20150326
K7AntiVirus 20150326
K7GW 20150326
Kaspersky 20150326
Kingsoft 20150326
Malwarebytes 20150326
McAfee 20150326
McAfee-GW-Edition 20150326
MicroWorld-eScan 20150326
Microsoft 20150326
NANO-Antivirus 20150326
Norman 20150326
Panda 20150326
Qihoo-360 20150326
Rising 20150326
SUPERAntiSpyware 20150326
Sophos 20150326
Symantec 20150326
Tencent 20150326
TheHacker 20150324
TotalDefense 20150326
TrendMicro 20150326
TrendMicro-HouseCall 20150326
VBA32 20150326
VIPRE 20150326
ViRobot 20150326
Zillya 20150325
Zoner 20150326
nProtect 20150326
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
© 2009 Object Software Ontwikkeling BV

Publisher Object Software Ontwikkeling BV
Product Disk Thruput Tester
Internal name DiskTT
File version 2.2.15.215
Comments Written by R.M. de Mare
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-05-24 10:22:38
Link date 11:22 AM 5/24/2012
Entry Point 0x000D0740
Number of sections 3
PE sections
PE imports
RegCloseKey
ImageList_Add
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
CoTaskMemFree
VariantInit
ShellExecuteA
Number of PE resources by type
RT_BITMAP 23
RT_STRING 15
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_RCDATA 3
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 49
ENGLISH US 7
DUTCH 4
ExifTool file metadata
UninitializedDataSize
548864

Comments
Written by R.M. de Mare

InitializedDataSize
8192

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.2.15.215

LanguageCode
Dutch

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
5.0

MIMEType
application/octet-stream

LegalCopyright
2009 Object Software Ontwikkeling BV

FileVersion
2.2.15.215

TimeStamp
2012:05:24 11:22:38+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
DiskTT

ProductVersion
2.01 release 13

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Object Software Ontwikkeling BV

CodeSize
303104

ProductName
Disk Thruput Tester

ProductVersionNumber
2.2.15.215

EntryPoint
0xd0740

ObjectFileType
Executable application

File identification
MD5 9a7cf76097ac75aa9fb48f2eb49959a9
SHA1 2baa8f41f873a7277e8070dda1fca50d93dce60f
SHA256 541bf42861424241dfc2e4829aafdc8037eda3eb9e19700a9b5ab8c4c979f810
ssdeep
6144:U05mQDMYdrjH/aWYynWPSCDtMIXA8TMpaZAPBZHFAvpzZwD1Y:x5mQMc/H/HYynjWtnXRYMYFABz

authentihash 84c3ad0a27219743560f32426bcd5dd65007bcdcedb067b96da3542e66527dd4
imphash 35d755e1aef2815be20e11a417dd9d03
File size 302.0 KB ( 309248 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (42.3%)
Win32 EXE Yoda's Crypter (36.7%)
Win32 Dynamic Link Library (generic) (9.1%)
Win32 Executable (generic) (6.2%)
Generic Win/DOS Executable (2.7%)
Tags
peexe upx

VirusTotal metadata
First submission 2012-05-30 10:00:20 UTC ( 2 years, 10 months ago )
Last submission 2015-03-26 17:44:07 UTC ( 1 day, 11 hours ago )
File names a8a183c6ee5318185bd03665a0.exe
file-4024875_exe
1341954292-DiskTT.exe
DiskTT 2.02.15 - Setup (Disk Throughput Tester, measure performance of harddrive read_write function).exe
output.23870290.txt
myfile
23870290
9a7cf76097ac75aa9fb48f2eb49959a9.exe
DiskTT
DiskTT.exe
DiskTT.exe
5B6BCE0A00CC0CADB8F50402A9F7BF00492496A0.exe
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs