× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5aee633f7ebda1bdf21281d699648fb571ddfa85acc184003c70a643856e5586
File name: MCP_1-0-0-3.exe
Detection ratio: 1 / 44
Analysis date: 2012-10-14 20:29:20 UTC ( 6 years, 3 months ago )
Antivirus Result Update
Jiangmin TrojanDownloader.Adload.rxs 20121014
Yandex 20121014
AhnLab-V3 20121014
AntiVir 20121014
Antiy-AVL 20121014
Avast 20121014
AVG 20121014
BitDefender 20121014
ByteHero 20121009
CAT-QuickHeal 20121014
ClamAV 20121013
Commtouch 20121014
Comodo 20121014
DrWeb 20121014
Emsisoft 20120919
eSafe 20121014
ESET-NOD32 20121014
F-Prot 20121013
F-Secure 20121003
Fortinet 20121014
GData 20121014
Ikarus 20121014
K7AntiVirus 20121013
Kaspersky 20121014
Kingsoft 20121008
McAfee 20121014
McAfee-GW-Edition 20121014
Microsoft 20121014
eScan 20121014
Norman 20121014
nProtect 20121014
Panda 20121014
PCTools 20121014
Rising 20121012
Sophos AV 20121014
SUPERAntiSpyware 20121014
Symantec 20121014
TheHacker 20121014
TotalDefense 20121014
TrendMicro 20121014
TrendMicro-HouseCall 20121014
VBA32 20121012
VIPRE 20121014
ViRobot 20121014
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2012 PantherMan594

Publisher PantherMan594
Product MCPortable
Original name MCPortable.exe
Internal name MCP.exe
File version 1.0.0.3
Description MCPortable Installer
Packers identified
F-PROT 7Z
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-11-18 16:27:33
Entry Point 0x0001D262
Number of sections 5
PE sections
PE imports
AreFileApisANSI
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetCommandLineW
GetTickCount
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
SetFileAttributesA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
lstrcatA
CreateDirectoryA
GetModuleHandleW
GetCurrentDirectoryA
FormatMessageW
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
GetFullPathNameA
SetFilePointer
GetFullPathNameW
CloseHandle
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
ReadFile
WriteFile
GetCurrentProcess
FindFirstFileA
ResetEvent
FindFirstFileW
GetProcAddress
SetPriorityClass
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_except_handler3
_onexit
wcslen
exit
_XcptFilter
memcmp
__setusermatherr
_controlfp
_adjust_fdiv
_acmdln
_CxxThrowException
__p__commode
free
__getmainargs
memcpy
memmove
_beginthreadex
_initterm
_exit
__set_app_type
Ord(6)
Ord(2)
Ord(9)
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
MapDialogRect
EndDialog
CharUpperW
KillTimer
ShowWindow
MessageBoxW
GetWindowRect
SetDlgItemTextA
PostMessageA
MoveWindow
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
LoadStringA
SystemParametersInfoA
SetWindowTextA
SendMessageW
GetWindowLongA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
ScreenToClient
InvalidateRect
wsprintfA
GetWindowTextLengthA
SetTimer
LoadCursorA
LoadIconA
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
SetCursor
CoUninitialize
CoInitialize
Number of PE resources by type
RT_ICON 15
RT_STRING 9
RT_DIALOG 4
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 30
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.3

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
629248

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2012 PantherMan594

FileVersion
1.0.0.3

TimeStamp
2010:11:18 17:27:33+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MCP.exe

ProductVersion
1.0.0.3

FileDescription
MCPortable Installer

OSVersion
4.0

OriginalFilename
MCPortable.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
PantherMan594

CodeSize
127488

ProductName
MCPortable

ProductVersionNumber
1.0.0.3

EntryPoint
0x1d262

ObjectFileType
Executable application

File identification
MD5 9273a2f8dd72a37e07422c53af47f4e1
SHA1 28cfe80594243f50c0812121b0f13d6ed842323c
SHA256 5aee633f7ebda1bdf21281d699648fb571ddfa85acc184003c70a643856e5586
ssdeep
24576:uWvknOMEBiF6sO2fsgrIxHcRsydxLOIFzaEx:uUeOMAiF6Z2frcx86yd59aS

File size 1.2 MB ( 1282729 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe armadillo

VirusTotal metadata
First submission 2012-10-14 20:29:20 UTC ( 6 years, 3 months ago )
Last submission 2012-10-14 20:29:20 UTC ( 6 years, 3 months ago )
File names MCPortable.exe
MCP_1-0-0-3.exe
MCP.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!