SHA256: 54f6e10b291eeb98900061cb12a8dcc34b9276bb3185c7d7db0dcf96d47c28ce
File name: explorer
Detection ratio: 0 / 55
Analysis date: 2016-07-26 13:00:20 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Ad-Aware 20160726
AegisLab 20160726
AhnLab-V3 20160726
Alibaba 20160726
ALYac 20160726
Antiy-AVL 20160726
Arcabit 20160726
Avast 20160726
AVG 20160726
Avira (no cloud) 20160726
AVware 20160726
Baidu 20160726
BitDefender 20160726
Bkav 20160726
CAT-QuickHeal 20160726
ClamAV 20160726
CMC 20160725
Comodo 20160726
Cyren 20160726
DrWeb 20160726
Emsisoft 20160726
ESET-NOD32 20160726
F-Prot 20160726
F-Secure 20160726
Fortinet 20160726
GData 20160726
Ikarus 20160726
Jiangmin 20160726
K7AntiVirus 20160726
K7GW 20160726
Kaspersky 20160726
Kingsoft 20160726
Malwarebytes 20160726
McAfee 20160726
McAfee-GW-Edition 20160726
Microsoft 20160726
eScan 20160726
NANO-Antivirus 20160726
nProtect 20160726
Panda 20160725
Qihoo-360 20160726
Sophos AV 20160726
SUPERAntiSpyware 20160726
Symantec 20160726
Tencent 20160726
TheHacker 20160724
TotalDefense 20160726
TrendMicro 20160726
TrendMicro-HouseCall 20160726
VBA32 20160725
VIPRE 20160726
ViRobot 20160726
Yandex 20160724
Zillya 20160724
Zoner 20160726
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © ?????????? ??????????. ??? ????? ????????.
Product ???????????? ??????? Microsoft® Windows®
Original name EXPLORER.EXE
Internal name explorer
File version 6.00.2900.5512 (xpsp.080413-2105)
Description ?????????
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-04-13 19:17:04
Entry Point 0x0001A55F
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegEnumValueW
RegCloseKey
GetUserNameW
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExW
RegEnumKeyW
RegCreateKeyW
RegOpenKeyExA
RegOpenKeyExW
RegNotifyChangeKeyValue
RegSetValueW
RegQueryValueExW
RegQueryValueW
RegSetValueExW
Ord(118)
Ord(106)
Ord(107)
Ord(135)
GetTextMetricsW
CreateFontIndirectW
PatBlt
SetStretchBltMode
CreateRectRgnIndirect
CombineRgn
GetClipBox
GetViewportOrgEx
GetLayout
GetDeviceCaps
TranslateCharsetInfo
OffsetViewportOrgEx
DeleteDC
SetBkMode
DeleteObject
IntersectClipRect
BitBlt
CreateDIBSection
SetTextColor
OffsetWindowOrgEx
CreatePatternBrush
ExtTextOutW
GetObjectW
GetTextExtentPoint32W
GetStockObject
SetViewportOrgEx
SelectClipRgn
CreateCompatibleDC
StretchBlt
CreateRectRgn
GetClipRgn
SelectObject
SetBkColor
GetTextExtentPointW
GetBkColor
CreateCompatibleBitmap
ReleaseMutex
DeactivateActCtx
WaitForSingleObject
CreateJobObjectW
GetFileAttributesW
SetInformationJobObject
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
GetSystemTimeAsFileTime
HeapReAlloc
GetThreadPriority
FreeLibrary
LocalFree
ResumeThread
InitializeCriticalSection
FindClose
HeapDestroy
MoveFileW
GetEnvironmentVariableW
SetLastError
DeviceIoControl
InterlockedDecrement
GetUserDefaultLangID
GetModuleFileNameW
ExitProcess
lstrcmpiW
LoadLibraryExA
SetThreadPriority
DelayLoadFailureHook
ActivateActCtx
GetSystemDefaultLCID
LoadLibraryExW
FlushInstructionCache
GetPrivateProfileStringW
RegisterWaitForSingleObject
CreateThread
GetSystemDirectoryW
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
SetPriorityClass
TerminateProcess
GetModuleHandleExW
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
TerminateThread
lstrcmpiA
GetLastError
SetEvent
QueryPerformanceCounter
GetTickCount
GetVersionExA
LoadLibraryA
GetWindowsDirectoryW
OpenProcess
GetDateFormatW
GetStartupInfoW
ReadProcessMemory
GetUserDefaultLCID
GetProcessHeap
GetTimeFormatW
lstrcpyW
GetBinaryTypeW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
FindFirstFileW
lstrcmpW
GetProcAddress
CreateEventW
CreateFileW
CreateEventA
HeapAlloc
LeaveCriticalSection
GlobalGetAtomNameW
SystemTimeToFileTime
GlobalFree
AssignProcessToJobObject
GetSystemWindowsDirectoryW
SetProcessShutdownParameters
lstrlenW
VirtualFree
GetQueuedCompletionStatus
CompareFileTime
GetCurrentProcessId
CreateIoCompletionPort
GetCommandLineW
HeapSize
InterlockedCompareExchange
GetCurrentThread
lstrcpynW
GetModuleHandleA
CloseHandle
GetModuleHandleW
GetFileAttributesExW
GetLongPathNameW
UnregisterWait
OpenEventW
CreateProcessW
Sleep
GetProcessTimes
VirtualAlloc
VariantClear
SysAllocString
Ord(110)
Ord(125)
Ord(111)
SHBindToParent
Ord(154)
Ord(727)
Ord(127)
Ord(91)
Ord(152)
Ord(245)
Ord(89)
Ord(54)
Ord(60)
Ord(162)
Ord(155)
Ord(241)
Ord(85)
Ord(18)
Ord(731)
Ord(653)
Ord(68)
DuplicateIcon
Ord(16)
Ord(149)
Ord(182)
Ord(190)
Ord(719)
Ord(77)
Ord(645)
SHGetPathFromIDListW
Ord(196)
Ord(733)
Ord(132)
SHChangeNotify
Ord(17)
ShellExecuteExW
Ord(64)
Ord(72)
Ord(201)
Ord(188)
SHGetPathFromIDListA
Ord(195)
Ord(233)
Ord(161)
Ord(102)
Ord(747)
Ord(193)
Ord(147)
Ord(100)
Ord(61)
SHGetDesktopFolder
Ord(25)
Ord(90)
Ord(71)
Ord(244)
Ord(711)
Ord(660)
Ord(137)
Ord(134)
Ord(4)
Ord(732)
SHGetSpecialFolderPathW
Ord(680)
SHGetFolderLocation
Ord(2)
Ord(82)
Ord(723)
SHGetFolderPathW
Ord(181)
Ord(753)
SHAddToRecentDocs
Ord(148)
Ord(23)
Ord(22)
Ord(644)
Ord(6)
Ord(21)
Ord(67)
Ord(236)
Ord(202)
SHGetSpecialFolderLocation
SHUpdateRecycleBinIcon
ExtractIconExW
SHParseDisplayName
Ord(200)
Ord(254)
Ord(156)
Ord(217)
SHRegGetUSValueW
PathIsDirectoryW
Ord(192)
SHRegGetBoolUSValueW
Ord(184)
Ord(237)
SHDeleteValueW
Ord(476)
Ord(346)
Ord(250)
StrToIntW
Ord(176)
SHRegOpenUSKeyW
PathUnquoteSpacesW
PathFindFileNameW
Ord(164)
SHCreateThreadRef
PathQuoteSpacesW
Ord(460)
PathRemoveBlanksW
Ord(199)
SHSetValueW
Ord(154)
Ord(548)
Ord(219)
Ord(178)
StrRetToBufW
Ord(437)
PathParseIconLocationW
PathFindExtensionW
PathRemoveArgsW
SHDeleteKeyW
SHGetValueW
Ord(292)
Ord(171)
Ord(165)
StrCatW
StrCmpIW
Ord(467)
Ord(204)
Ord(478)
PathRemoveFileSpecW
StrCatBuffW
StrCpyW
Ord(244)
PathAppendW
Ord(163)
StrCmpW
StrCmpNW
StrCpyNW
Ord(197)
Ord(16)
Ord(563)
Ord(212)
PathGetArgsW
Ord(509)
Ord(479)
PathIsPrefixW
Ord(278)
PathGetDriveNumberW
Ord(213)
PathStripToRootW
PathCombineW
Ord(439)
Ord(9)
AssocQueryKeyW
Ord(413)
SHRegSetUSValueW
StrStrIW
SHRegQueryUSValueW
Ord(513)
Ord(175)
AssocQueryStringW
SHRegCloseUSKey
PathIsNetworkPathW
StrDupW
Ord(10)
SHSetThreadRef
AssocCreate
Ord(172)
Ord(8)
SHRegWriteUSValueW
StrCmpNIW
SHOpenRegStream2W
Ord(225)
Ord(512)
SHStrDupW
Ord(174)
Ord(241)
Ord(433)
Ord(279)
StrChrW
wnsprintfW
PathFileExistsW
Ord(194)
Ord(215)
SHRegCreateUSKeyW
Ord(157)
Ord(240)
Ord(260)
Ord(177)
Ord(193)
Ord(158)
Ord(236)
SHQueryValueExW
StrRetToStrW
RedrawWindow
ChangeDisplaySettingsW
GetMessagePos
SetWindowRgn
UnregisterHotKey
LoadBitmapW
DestroyMenu
PostQuitMessage
GetForegroundWindow
LockSetForegroundWindow
SetWindowPos
GetNextDlgTabItem
IsWindow
EndPaint
WindowFromPoint
CascadeWindows
CharUpperBuffW
SetMenuItemInfoW
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
GetClientRect
AllowSetForegroundWindow
DrawTextW
SetScrollPos
LoadImageW
ClientToScreen
GetActiveWindow
RegisterHotKey
RegisterClipboardFormatW
LoadAcceleratorsW
GetMenuItemID
PtInRect
DrawEdge
GetParent
UpdateWindow
GetPropW
EqualRect
SetClassLongW
EnumWindows
GetMenuState
GetMessageW
ShowWindow
GetNextDlgGroupItem
SetPropW
EnumDisplayMonitors
PeekMessageW
EnableWindow
SetWindowPlacement
CharUpperW
ShowWindowAsync
GetSystemMenu
ChildWindowFromPoint
TranslateMessage
IsWindowEnabled
GetWindow
GetMenuDefaultItem
GetDlgItemInt
SetMenuDefaultItem
InternalGetWindowText
GetIconInfo
MsgWaitForMultipleObjects
PrintWindow
SetParent
RegisterClassW
IsZoomed
GetWindowPlacement
LoadStringW
IsHungAppWindow
IsIconic
EnumDisplayDevicesW
TrackPopupMenuEx
DrawFocusRect
GetDCEx
FillRect
MonitorFromPoint
CopyRect
GetSysColorBrush
CreateWindowExW
GetWindowLongW
GetWindowInfo
GetSubMenu
IsChild
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
OpenInputDesktop
BeginPaint
OffsetRect
DefWindowProcW
CopyIcon
KillTimer
CharNextA
TrackMouseEvent
SendNotifyMessageW
MapWindowPoints
GetClassInfoExW
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
EnumChildWindows
EnumDisplaySettingsExW
SetWindowLongA
SendDlgItemMessageW
PostMessageW
InvalidateRect
CheckDlgButton
DrawCaption
WaitMessage
CreatePopupMenu
CheckMenuItem
GetWindowLongA
GetClassLongW
GetLastActivePopup
SetWindowTextW
SetTimer
GetDlgItem
RemovePropW
BringWindowToTop
ScreenToClient
GetScrollInfo
TrackPopupMenu
GetMenuItemCount
IsDlgButtonChecked
SetDlgItemInt
LoadCursorW
LoadIconW
DispatchMessageW
InsertMenuW
SwitchToThisWindow
SetForegroundWindow
NotifyWinEvent
ExitWindowsEx
GetMenuItemInfoW
GetAsyncKeyState
ChildWindowFromPointEx
IntersectRect
EndDialog
FindWindowW
GetCapture
EndTask
GetShellWindow
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
DeferWindowPos
BeginDeferWindowPos
MessageBoxW
RegisterClassExW
MoveWindow
DialogBoxParamW
AppendMenuW
AdjustWindowRectEx
GetFocus
GetSysColor
SendMessageCallbackW
SetScrollInfo
GetKeyState
EndDeferWindowPos
GetDoubleClickTime
DestroyIcon
IsWindowVisible
TileWindows
GetDesktopWindow
SubtractRect
SetCursorPos
SystemParametersInfoW
UnionRect
MonitorFromWindow
SetRect
DeleteMenu
MonitorFromRect
CharNextW
CallWindowProcW
GetClassNameW
DestroyWindow
ModifyMenuW
EnableMenuItem
CloseDesktop
IsRectEmpty
SendMessageTimeoutW
SetCursor
GetAncestor
TranslateAcceleratorW
GetThemeFont
GetThemeBackgroundRegion
GetThemeMargins
GetThemeRect
GetThemeBackgroundContentRect
Ord(47)
GetThemeBool
GetThemeTextExtent
DrawThemeText
OpenThemeData
IsAppThemed
DrawThemeParentBackground
CloseThemeData
DrawThemeBackground
GetThemeColor
GetThemePartSize
SetWindowTheme
_except_handler3
malloc
memmove
realloc
free
_ftol
_itow
_vsnwprintf
RtlNtStatusToDosError
NtQueryInformationProcess
CoInitializeEx
OleUninitialize
CoUninitialize
OleInitialize
CoRevokeClassObject
RevokeDragDrop
RegisterDragDrop
CoMarshalInterThreadInterfaceInStream
CoFreeUnusedLibraries
DoDragDrop
CreateBindCtx
CoRegisterClassObject
CoCreateInstance
Number of PE resources by type
RT_ICON 113
RT_BITMAP 34
RT_STRING 22
RT_GROUP_ICON 18
RT_DIALOG 7
RT_MENU 5
Struct(240) 1
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 203
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 7.1
ImageVersion 5.1
FileSubtype 0
FileVersionNumber 6.0.2900.5512
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 1291264
EntryPoint 0x1a55f
OriginalFileName EXPLORER.EXE
MIMEType application/octet-stream
LegalCopyright . .
FileVersion 6.00.2900.5512 (xpsp.080413-2105)
TimeStamp 2008:04:13 20:17:04+01:00
FileType Win32 EXE
PEType PE32
InternalName explorer
ProductVersion 6.00.2900.5512
SubsystemVersion 4.1
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 282112
ProductName Microsoft Windows
ProductVersionNumber 6.0.2900.5512
Warning Possibly corrupt Version resource
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 af02b5c915e873a836f9eb436b1b7651
SHA1 f488332fe0106d340b7f7c18f7d0519815228f73
SHA256 54f6e10b291eeb98900061cb12a8dcc34b9276bb3185c7d7db0dcf96d47c28ce
ssdeep 49152:PmpcN7KgGqvB2g0gVKKPA2CnkcRVZvaXPt/:Pmpc7cBvaXPt
authentihash be676a057e327827c32ccbcea41a8ad99e39c138edd7a1f7f871b2542b468eda
imphash c3eb9567e9430e65e703dca7bb8343fa
File size 1.5 MB ( 1574400 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe
VirusTotal metadata
First submission 2016-06-28 12:44:27 UTC ( 2 years, 11 months ago )
Last submission 2016-06-28 12:44:27 UTC ( 2 years, 11 months ago )
File names explorer
EXPLORER.EXE
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs