× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 55be431890e64dc95b332a742039b846d16df2af5fc2fd4a1f8f8c8812ef82ed
File name: ultradefrag-7.0.2.bin.ia64.exe
Detection ratio: 0 / 57
Analysis date: 2017-02-27 06:27:03 UTC ( 2 years, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware 20170227
AegisLab 20170227
AhnLab-V3 20170226
Alibaba 20170227
ALYac 20170227
Antiy-AVL 20170227
Arcabit 20170227
Avast 20170227
AVG 20170227
Avira (no cloud) 20170226
AVware 20170227
Baidu 20170224
BitDefender 20170227
Bkav 20170225
CAT-QuickHeal 20170227
ClamAV 20170227
CMC 20170227
Comodo 20170227
CrowdStrike Falcon (ML) 20170130
Cyren 20170227
DrWeb 20170227
Emsisoft 20170227
Endgame 20170222
ESET-NOD32 20170227
F-Prot 20170227
F-Secure 20170227
Fortinet 20170227
GData 20170227
Ikarus 20170226
Sophos ML 20170203
Jiangmin 20170227
K7AntiVirus 20170227
K7GW 20170227
Kaspersky 20170227
Kingsoft 20170227
Malwarebytes 20170227
McAfee 20170225
McAfee-GW-Edition 20170227
Microsoft 20170227
eScan 20170227
NANO-Antivirus 20170227
nProtect 20170227
Panda 20170226
Qihoo-360 20170227
Rising 20170227
Sophos AV 20170227
SUPERAntiSpyware 20170226
Symantec 20170226
Tencent 20170227
TheHacker 20170223
TrendMicro-HouseCall 20170227
Trustlook 20170227
VBA32 20170224
VIPRE 20170227
ViRobot 20170227
Webroot 20170227
WhiteArmor 20170222
Yandex 20170225
Zillya 20170224
Zoner 20170227
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2007-2013 UltraDefrag Development Team

Product Ultra Defragmenter
File version 7.0.2
Description Ultra Defragmenter Setup
Packers identified
F-PROT UPX, NSIS, appended, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0004D610
Number of sections 3
PE sections
Overlays
MD5 7848ee015e52630ecb1c325b13fae58c
File type data
Offset 80896
Size 3241468
Entropy 8.00
PE imports
RegEnumKeyA
SetBkMode
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
VerQueryValueA
CoTaskMemFree
Number of PE resources by type
RT_ICON 11
RT_DIALOG 7
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 21
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
294912

LinkerVersion
6.0

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
7.0.2.0

LanguageCode
Neutral

FileFlagsMask
0x0000

FileDescription
Ultra Defragmenter Setup

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
61440

EntryPoint
0x4d610

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007-2013 UltraDefrag Development Team

FileVersion
7.0.2

TimeStamp
2009:12:05 23:50:46+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
UltraDefrag Development Team

CodeSize
20480

ProductName
Ultra Defragmenter

ProductVersionNumber
7.0.2.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 3e6c3bd29c1a994b671ee2bfa4d522d1
SHA1 c8c9ded7a7bd606a386d255f61c5247db6b49456
SHA256 55be431890e64dc95b332a742039b846d16df2af5fc2fd4a1f8f8c8812ef82ed
ssdeep
49152:AWl3fC1z/4sHP8KI8VNTfs2aq0Pwl3D3YxNVdvuWhDbCqeQFt/lmcD/C9pfmRsXn:AW12HPPIkNIdT63D3Bi2qemtNmcD/TS3

authentihash d088118828e7828367a7ece88dcfce5718d95cc50086c15698f0ac2f4a79601f
imphash 2134f794bcda54794e74b7208adb2204
File size 3.2 MB ( 3322364 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
OS/2 Executable (generic) (2.8%)
Tags
nsis peexe upx overlay

VirusTotal metadata
First submission 2016-12-17 10:36:46 UTC ( 2 years, 5 months ago )
Last submission 2018-06-25 19:57:54 UTC ( 11 months ago )
File names ultradefrag-7.0.2.bin.ia64.exe
ultradefrag-7.0.2.bin.ia64.exe
ultradefrag-7.0.2.bin.ia64.exe
ultradefrag-7.0.2.bin.ia64.exe
ultradefrag-7.0.2.bin.ia64.exe
ultradefrag-7.0.2.bin.ia64.exe
ultradefrag-itanium_7-0-2_fr_68760.exe
ultradefrag-7.0.2.bin.ia64.exe
UltraDefrag_(64bit)_v7.0.2.exe
ultradefrag-7.0.2.bin.ia64.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Runtime DLLs
UDP communications