× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 56601a120722fa40100674b8a3fe0bae39e8e63de131d7a71b63811ad8509f2b
File name: bitcoin-0.3.22rc4-win32-setup.exe
Detection ratio: 1 / 41
Analysis date: 2011-06-09 07:11:41 UTC ( 3 years, 1 month ago )
Antivirus Result Update
NOD32 probably unknown NewHeur_PE 20110609
AVG 20110608
AhnLab-V3 20110609
AntiVir 20110609
Antiy-AVL 20110607
Avast 20110608
Avast5 20110608
BitDefender 20110609
CAT-QuickHeal 20110609
ClamAV 20110609
Commtouch 20110608
Comodo 20110609
DrWeb 20110609
F-Prot 20110608
Fortinet 20110609
GData 20110609
Ikarus 20110609
Jiangmin 20110608
K7AntiVirus 20110608
Kaspersky 20110609
McAfee 20110609
McAfee-GW-Edition 20110609
Microsoft 20110609
Norman 20110608
PCTools 20110608
Panda 20110608
Prevx 20110609
Rising 20110608
SUPERAntiSpyware 20110609
Sophos 20110609
Symantec 20110609
TheHacker 20110609
TrendMicro 20110609
TrendMicro-HouseCall 20110609
VBA32 20110608
VIPRE 20110609
ViRobot 20110609
VirusBuster 20110608
eSafe 20110606
eTrust-Vet 20110608
nProtect 20110609
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Publisher Bitcoin project
Product Bitcoin
File version 0.3.22
PE header basic information
Number of sections 7
PE sections
PE imports
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls
CreateBrushIndirect
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor
CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadLibraryExA
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharPrevA
CheckDlgButton
CloseClipboard
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExA
GetClassInfoA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxIndirectA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ScreenToClient
SendMessageA
SendMessageTimeoutA
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
wsprintfA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
14848

ImageVersion
6.0

CompanyWebsite
http://www.bitcoin.org/

ProductName
Bitcoin

FileVersionNumber
0.3.22.0

UninitializedDataSize
154624

LanguageCode
Neutral

FileFlagsMask
0x0000

CharacterSet
ASCII

LinkerVersion
2.56

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
0.3.22

TimeStamp
2010:01:05 09:27:24+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
0.3.22

OSVersion
4.0

FileOS
Win32

MachineType
Intel 386 or later, and compatibles

CompanyName
Bitcoin project

CodeSize
34816

FileSubtype
0

ProductVersionNumber
0.3.22.0

EntryPoint
0x3e3f

ObjectFileType
Executable application

File identification
MD5 947877ec934829d58e1f8060ef94c540
SHA1 d2750d92d9f2921c8469fa8abc783483c5cb568f
SHA256 56601a120722fa40100674b8a3fe0bae39e8e63de131d7a71b63811ad8509f2b
ssdeep
196608:QJuPOHcs+/7DCIl6/FjsxlIY8YLd/6wTnN:QJuu2DCACQJ8Ad1N

File size 6.1 MB ( 6363270 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2011-06-09 07:11:41 UTC ( 3 years, 1 month ago )
Last submission 2011-06-09 07:11:41 UTC ( 3 years, 1 month ago )
File names bitcoin-0.3.22rc4-win32-setup.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!