× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5c09d8822d6f2135c89d7a46366af1956be5dd035d48ad78cec685d0f5d82965
File name: 406447
Detection ratio: 0 / 54
Analysis date: 2016-02-09 05:03:07 UTC ( 3 years, 1 month ago ) View latest
Antivirus Result Update
Ad-Aware 20160209
AegisLab 20160209
Yandex 20160206
AhnLab-V3 20160208
Alibaba 20160204
Antiy-AVL 20160209
Arcabit 20160209
Avast 20160209
AVG 20160209
Avira (no cloud) 20160209
Baidu-International 20160208
BitDefender 20160209
Bkav 20160204
ByteHero 20160209
CAT-QuickHeal 20160208
ClamAV 20160208
CMC 20160205
Comodo 20160208
Cyren 20160209
DrWeb 20160209
Emsisoft 20160209
ESET-NOD32 20160209
F-Prot 20160129
F-Secure 20160209
Fortinet 20160209
GData 20160209
Ikarus 20160209
Jiangmin 20160209
K7AntiVirus 20160208
K7GW 20160209
Kaspersky 20160209
Malwarebytes 20160208
McAfee 20160209
McAfee-GW-Edition 20160209
Microsoft 20160209
eScan 20160209
NANO-Antivirus 20160209
nProtect 20160205
Panda 20160208
Qihoo-360 20160209
Rising 20160208
Sophos AV 20160209
SUPERAntiSpyware 20160209
Symantec 20160208
Tencent 20160209
TheHacker 20160208
TotalDefense 20160208
TrendMicro 20160209
TrendMicro-HouseCall 20160209
VBA32 20160208
VIPRE 20160209
ViRobot 20160209
Zillya 20160208
Zoner 20160209
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Virtual Desk
Original name stub32i.exe
Internal name stub32i.exe
File version 1.1
Packers identified
F-PROT CAB, MSLZ
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-06-16 18:00:04
Entry Point 0x000084A7
Number of sections 4
PE sections
Overlays
MD5 e148aee926741e4374ba8d1223aed023
File type data
Offset 163840
Size 2248894
Entropy 8.00
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetDeviceCaps
GetObjectA
CreateCompatibleDC
DeleteDC
SetBkMode
GetTextExtentPointA
BitBlt
CreatePalette
GetStockObject
CreateDIBitmap
SelectPalette
CreateFontIndirectA
CreateSolidBrush
SelectObject
SetBkColor
TextOutA
EnumFontFamiliesExA
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
GetFileAttributesA
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
GetCurrentProcess
LocalAlloc
lstrcatA
UnhandledExceptionFilter
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
WriteFile
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
LoadResource
FindClose
FormatMessageA
HeapAlloc
RemoveDirectoryA
GetPrivateProfileStringA
GetSystemDefaultLCID
MultiByteToWideChar
WritePrivateProfileSectionA
GetModuleHandleA
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
MoveFileExA
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
GetVersion
HeapFree
SetHandleCount
lstrcmpiA
FreeLibrary
IsBadWritePtr
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
GetProcessHeap
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
CreateFileMappingA
FindNextFileA
GlobalLock
GetFileType
GetPrivateProfileSectionA
CreateFileA
ExitProcess
GetLastError
DosDateTimeToFileTime
LCMapStringW
HeapCreate
lstrlenA
GlobalFree
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GetModuleFileNameA
GetShortPathNameA
SizeofResource
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
GetCommandLineA
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GetEnvironmentStrings
CreateProcessA
UnmapViewOfFile
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
LZCopy
LZClose
LZOpenFileA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SetFocus
GetParent
MapDialogRect
DrawTextA
BeginPaint
CharNextA
CreateDialogIndirectParamA
CheckRadioButton
ShowWindow
SetWindowPos
SendDlgItemMessageA
IsWindow
LoadIconA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
GetWindowLongA
TranslateMessage
IsWindowEnabled
GetWindow
GetSysColor
SetActiveWindow
GetDC
ReleaseDC
SetWindowTextA
LoadStringA
SetParent
SendMessageA
GetClientRect
GetDlgItem
CreateDialogParamA
GetNextDlgTabItem
ScreenToClient
InvalidateRect
wsprintfA
UpdateWindow
GetActiveWindow
FillRect
IsDlgButtonChecked
GetSysColorBrush
GetDesktopWindow
LoadImageA
EndPaint
GetWindowTextA
IsDialogMessageA
DestroyWindow
Number of PE resources by type
RT_DIALOG 9
RT_STRING 7
RT_ICON 4
RT_BITMAP 2
Struct(255) 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 25
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
90112

ImageVersion
0.0

ProductName
Virtual Desk

FileVersionNumber
2.11.15.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
stub32i.exe

MIMEType
application/octet-stream

FileVersion
1.1

TimeStamp
2000:06:16 20:00:04+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
stub32i.exe

ProductVersion
1.1

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
JDSoft

CodeSize
69632

FileSubtype
0

ProductVersionNumber
2.11.15.0

EntryPoint
0x84a7

ObjectFileType
Executable application

File identification
MD5 e6dcbe67eb6460fea4ca908901cf4784
SHA1 ff0a89cac35674f19f9254d832dd810041ac6680
SHA256 5c09d8822d6f2135c89d7a46366af1956be5dd035d48ad78cec685d0f5d82965
ssdeep
49152:1uVftthlgx3ONRpKQyzyvdta1JbuzmS5EALexM82NNYMyPqHwbfD:efDgeczuuTbWmzAyM5NiMGFrD

authentihash 4c392c98576048aeec791b3d8e32f98ffb85031cd3c826b474942053e5280836
imphash 690c9e79bb34f8d71799aa65a51d3c5d
File size 2.3 MB ( 2412734 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe armadillo overlay

VirusTotal metadata
First submission 2008-01-18 04:51:14 UTC ( 11 years, 2 months ago )
Last submission 2017-02-23 19:32:21 UTC ( 2 years ago )
File names virtualdesk.exe
virtualdesk.exe
virtualdesk.exe
1282198021-virtualdesk.exe
19538803
406447
output.19538803.txt
stub32i.exe
5C09D8822D6F2135C89D7A46366AF1956BE5DD035D48AD78CEC685D0F5D82965
virtualdesk.exe
5c09d8822d6f2135c89d7a46366af1956be5dd035d48ad78cec685d0f5d82965
virtualdesk.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!