× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5ad9a4a5ab08de90568a85efad94ca9be956baffce1b771b345342a96a288b17
File name: De-CMOS64.exe
Detection ratio: 1 / 67
Analysis date: 2018-06-09 00:00:03 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Cybereason malicious.227d03 20180225
Ad-Aware 20180609
AegisLab 20180609
AhnLab-V3 20180608
Alibaba 20180608
ALYac 20180609
Antiy-AVL 20180609
Arcabit 20180609
Avast 20180609
Avast-Mobile 20180608
AVG 20180609
Avira (no cloud) 20180609
AVware 20180609
Babable 20180406
Baidu 20180608
BitDefender 20180609
Bkav 20180608
CAT-QuickHeal 20180609
ClamAV 20180608
CMC 20180608
Comodo 20180609
CrowdStrike Falcon (ML) 20180530
Cylance 20180609
Cyren 20180609
DrWeb 20180609
eGambit 20180609
Emsisoft 20180609
Endgame 20180507
ESET-NOD32 20180608
F-Prot 20180609
F-Secure 20180608
Fortinet 20180609
GData 20180609
Ikarus 20180608
Sophos ML 20180601
Jiangmin 20180608
K7AntiVirus 20180608
K7GW 20180608
Kaspersky 20180609
Kingsoft 20180609
MAX 20180609
McAfee 20180609
McAfee-GW-Edition 20180608
Microsoft 20180609
eScan 20180609
NANO-Antivirus 20180609
Palo Alto Networks (Known Signatures) 20180609
Panda 20180608
Qihoo-360 20180609
Rising 20180609
SentinelOne (Static ML) 20180225
Sophos AV 20180609
SUPERAntiSpyware 20180608
Symantec 20180608
Symantec Mobile Insight 20180605
TACHYON 20180608
Tencent 20180609
TheHacker 20180608
TotalDefense 20180608
TrendMicro 20180609
TrendMicro-HouseCall 20180609
Trustlook 20180609
VBA32 20180608
VIPRE 20180609
ViRobot 20180608
Webroot 20180609
Yandex 20180608
Zillya 20180608
ZoneAlarm by Check Point 20180609
Zoner 20180608
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
Copyright
(C) 2010 Jozef Bogin

Product CMOS De-Animator x64
Original name DE-CMOS64.EXE
Internal name CMOS De-Animator
File version 1, 0, 0, 0
Description CMOS De-Animator x64
PE header basic information
Target machine x64
Compilation timestamp 2010-08-17 17:11:01
Entry Point 0x000310C2
Number of sections 3
PE sections
PE imports
GetProcAddress
GetModuleHandleA
MessageBoxA
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
SLOVAK DEFAULT 4
PE resources
ExifTool file metadata
CodeSize
49152

SubsystemVersion
5.2

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

FileDescription
CMOS De-Animator x64

ImageFileCharacteristics
Executable, Large address aware, No debug

CharacterSet
Unicode

InitializedDataSize
137216

EntryPoint
0x310c2

OriginalFileName
DE-CMOS64.EXE

MIMEType
application/octet-stream

LegalCopyright
(C) 2010 Jozef Bogin

FileVersion
1, 0, 0, 0

TimeStamp
2010:08:17 18:11:01+01:00

FileType
Win64 EXE

PEType
PE32+

InternalName
CMOS De-Animator

ProductVersion
1, 0, 0, 0

UninitializedDataSize
0

OSVersion
5.2

FileOS
Unknown (0)

Subsystem
Windows GUI

MachineType
AMD AMD64

CompanyName
ST-WARE Softworks

LegalTrademarks
(C) 2010 Jozef Bogin

ProductName
CMOS De-Animator x64

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

PE resource-wise parents
Compressed bundles
File identification
MD5 d7d6d2e756b92a116f785d0857e1f4ae
SHA1 3e69eb7227d0316df0c86f8d124b89fee962af96
SHA256 5ad9a4a5ab08de90568a85efad94ca9be956baffce1b771b345342a96a288b17
ssdeep
1536:reLlnWqlO1RDIgGCkynn5pRJGh53qbSgJjazsUXID8uPU/5IM+:rGGC2n5pah5ESgYM0RIM+

authentihash 0af0c6f88c27d921659f372b41daaf522de4ff0cd22007a61675f003df526c4e
imphash edde0414dac6027c066f48d36f7f81dd
File size 68.0 KB ( 69632 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
Tags
64bits peexe

VirusTotal metadata
First submission 2010-08-17 18:28:47 UTC ( 8 years, 3 months ago )
Last submission 2018-09-18 06:17:27 UTC ( 2 months ago )
File names d7d6d2e756b92a116f785d0857e1f4ae
De-CMOS_64.exe
De-CMOS64.exe
aa
De-CMOS64 (1).exe
De-CMOS64.exe
jjLgCukb.vbs
CMOS De-Animator
Bios x64.exe
DE-CMOS64.EXE
qKwi.pps
De-CMOS64.exe
3e69eb7227d0316df0c86f8d124b89fee962af96.bin
smona132105407806161508725
De-CMOS64.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!