SHA256: 5d0328165c0520de5be15820f6e46319c7999c3ea133c5a8d8221c5b7bc1f23f
File name: iZotope Iris
Detection ratio: 0 / 69
Analysis date: 2018-09-24 00:56:46 UTC ( 7 months ago )
Antivirus Result Update
Ad-Aware 20180924
AegisLab 20180923
AhnLab-V3 20180923
Alibaba 20180921
ALYac 20180924
Antiy-AVL 20180924
Arcabit 20180923
Avast 20180924
Avast-Mobile 20180923
AVG 20180924
Avira (no cloud) 20180923
AVware 20180923
Babable 20180918
Baidu 20180914
BitDefender 20180923
Bkav 20180921
CAT-QuickHeal 20180923
ClamAV 20180923
CMC 20180923
Comodo 20180924
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180924
Cyren 20180924
DrWeb 20180924
eGambit 20180924
Emsisoft 20180923
Endgame 20180730
ESET-NOD32 20180923
F-Prot 20180923
F-Secure 20180923
Fortinet 20180923
GData 20180923
Ikarus 20180923
Sophos ML 20180717
Jiangmin 20180924
K7AntiVirus 20180923
K7GW 20180923
Kaspersky 20180923
Kingsoft 20180924
Malwarebytes 20180924
MAX 20180924
McAfee 20180923
McAfee-GW-Edition 20180923
Microsoft 20180923
eScan 20180923
NANO-Antivirus 20180923
Palo Alto Networks (Known Signatures) 20180924
Panda 20180923
Qihoo-360 20180924
Rising 20180923
SentinelOne (Static ML) 20180830
Sophos AV 20180923
SUPERAntiSpyware 20180907
Symantec 20180923
Symantec Mobile Insight 20180918
TACHYON 20180924
Tencent 20180924
TheHacker 20180920
TotalDefense 20180923
TrendMicro 20180924
TrendMicro-HouseCall 20180924
Trustlook 20180924
VBA32 20180921
VIPRE 20180924
ViRobot 20180923
Webroot 20180924
Yandex 20180922
Zillya 20180922
ZoneAlarm by Check Point 20180924
Zoner 20180923
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2012
Product iZotope Iris
Original name RXSynth.rc
Internal name iZotope Iris
File version 1, 0, 0, 0
Description iZotope Iris
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-04-13 01:31:32
Entry Point 0x00411F91
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
CryptReleaseContext
RegCloseKey
CryptAcquireContextA
RegSetValueExW
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegEnumValueW
RegDeleteKeyW
RegOpenKeyExA
CryptHashData
CryptVerifySignatureA
RegQueryValueExW
CryptDestroyHash
CryptCreateHash
InitCommonControlsEx
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
PFXImportCertStore
CryptImportPublicKeyInfo
BitBlt
DeleteDC
CreateDIBSection
SetBkMode
GetTextExtentPoint32A
CreateFontA
GetStockObject
CreateCompatibleBitmap
TextOutA
GetTextMetricsA
CreateSolidBrush
SelectObject
SetBkColor
GetTextExtentExPointA
SelectClipRgn
CreateCompatibleDC
DeleteObject
CreateFontW
SetTextColor
GetStdHandle
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
EncodePointer
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
OpenFileMappingA
SetErrorMode
GetLogicalDrives
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
ResumeThread
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
GetFullPathNameW
OutputDebugStringA
SetLastError
PeekNamedPipe
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
QueryPerformanceFrequency
HeapSetInformation
GetVolumeInformationA
SetThreadPriority
GetUserDefaultLCID
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
DeleteTimerQueueTimer
CreateMutexA
GetModuleHandleA
SetFileAttributesW
CreateThread
MoveFileExW
GetSystemDirectoryW
SetNamedPipeHandleState
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
TerminateProcess
CreateSemaphoreW
VirtualQuery
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetSystemDirectoryA
GlobalSize
GetWindowsDirectoryW
WaitForMultipleObjects
DeleteFileA
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CompareStringW
WaitNamedPipeW
RemoveDirectoryW
GetFileInformationByHandle
FindFirstFileExA
FindNextFileW
ResetEvent
CreateTimerQueueTimer
CreateFileMappingA
FindFirstFileW
DuplicateHandle
FindFirstFileExW
ExpandEnvironmentStringsA
SetEvent
GetProcessAffinityMask
GetTimeZoneInformation
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetShortPathNameW
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
TransactNamedPipe
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
GetLongPathNameW
CreateProcessA
IsValidCodePage
UnmapViewOfFile
WriteFile
CreateProcessW
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
AccessibleObjectFromWindow
LresultFromObject
SysFreeString
VariantClear
SysAllocString
UuidCreateSequential
DragQueryFileW
SHBrowseForFolderW
SHGetFolderPathW
ShellExecuteW
SHGetPathFromIDListW
DragQueryFileA
SHGetMalloc
CommandLineToArgvW
PathMakeSystemFolderW
PathIsSystemFolderW
PathUnmakeSystemFolderW
RedrawWindow
RegisterClipboardFormatA
GetForegroundWindow
DestroyMenu
PostQuitMessage
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
VkKeyScanA
WindowFromPoint
SetMenuItemInfoW
GetDC
GetAsyncKeyState
ReleaseDC
GetDlgCtrlID
SendMessageW
UnregisterClassA
SendMessageA
UnregisterClassW
GetClientRect
IsClipboardFormatAvailable
GetActiveWindow
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
GetKeyState
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
CheckRadioButton
GetClassInfoExA
ShowWindow
GetPropA
InsertMenuItemW
SetWindowPlacement
GetDlgItemTextA
PeekMessageA
TranslateMessage
IsWindowEnabled
GetDlgItemTextW
CreateCursor
SetClipboardData
GetWindowPlacement
DrawMenuBar
EnableMenuItem
DrawFocusRect
SetTimer
FillRect
EnumThreadWindows
CreateAcceleratorTableW
IsWindowUnicode
CreateWindowExW
GetWindowLongW
GetCursorPos
GetWindowInfo
IsChild
SetFocus
SetCapture
BeginPaint
DefWindowProcW
KillTimer
GetMonitorInfoA
RegisterWindowMessageA
DefWindowProcA
GetClipboardData
GetClassInfoExW
SetWindowLongW
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
PostMessageW
MonitorFromRect
CheckDlgButton
WaitMessage
CreatePopupMenu
CheckMenuItem
GetWindowLongA
SetWindowTextW
CreateMenu
GetDlgItem
ScreenToClient
LoadCursorA
TrackPopupMenu
DialogBoxIndirectParamW
IsDlgButtonChecked
DestroyAcceleratorTable
GetDesktopWindow
GetSystemMenu
NotifyWinEvent
OpenClipboard
EmptyClipboard
SetLayeredWindowAttributes
EndDialog
SendInput
GetCapture
RemovePropA
SetWindowTextA
RemoveMenu
MessageBoxW
RegisterClassExW
SetMenu
SetDlgItemTextA
MoveWindow
DialogBoxParamW
AppendMenuW
DestroyCursor
AdjustWindowRectEx
DialogBoxParamA
GetSysColor
SetDlgItemTextW
RegisterClassExA
LoadIconW
InvalidateRect
TranslateAcceleratorA
GetFocus
EnableWindow
CloseClipboard
GetAncestor
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
HttpQueryInfoA
midiOutLongMsg
waveOutReset
waveInOpen
midiOutGetDevCapsA
midiInStop
midiInOpen
waveOutGetDevCapsA
midiInGetErrorTextA
timeSetEvent
midiStreamStop
midiStreamClose
timeBeginPeriod
midiOutGetErrorTextA
midiOutShortMsg
waveOutOpen
waveOutPrepareHeader
waveInGetDevCapsA
midiInStart
waveOutGetNumDevs
midiStreamOut
midiInReset
waveOutClose
midiInClose
waveInAddBuffer
timeGetTime
midiOutOpen
midiInGetDevCapsA
waveInClose
midiInGetNumDevs
midiInUnprepareHeader
waveInGetNumDevs
midiOutClose
midiStreamPosition
midiInAddBuffer
midiStreamProperty
midiOutGetNumDevs
midiOutPrepareHeader
waveInPrepareHeader
waveOutUnprepareHeader
midiStreamOpen
waveInUnprepareHeader
midiOutUnprepareHeader
waveInStart
waveOutWrite
midiStreamRestart
waveInReset
midiInPrepareHeader
htonl
ioctlsocket
WSAStartup
connect
getsockname
htons
inet_ntoa
select
getsockopt
closesocket
inet_addr
send
getservbyport
ntohs
WSAGetLastError
gethostbyaddr
listen
__WSAFDIsSet
gethostbyname
WSASetLastError
recv
socket
bind
getservbyname
GdipDeletePrivateFontCollection
GdipGetFontCollectionFamilyCount
GdipCreateSolidFill
GdipFlush
GdipDeleteBrush
GdipGetCellDescent
GdipGetGenericFontFamilySansSerif
GdipDeleteStringFormat
GdipSetStringFormatMeasurableCharacterRanges
GdipCreateBitmapFromScan0
GdipGetRegionBounds
GdiplusShutdown
GdipDeleteFontFamily
GdipCloneFontFamily
GdipDisposeImage
GdipGetEmHeight
GdipCloneImage
GdipCreateRegion
GdipGetFamilyName
GdiplusStartup
GdipMeasureCharacterRanges
GdipSetSolidFillColor
GdipDeleteGraphics
GdipDeleteFont
GdipGetCellAscent
GdipGetImageWidth
GdipAlloc
GdipCreateFont
GdipDeleteRegion
GdipCloneBrush
GdipFree
GdipDrawString
GdipCreateFontFamilyFromName
GdipCreateStringFormat
GdipPrivateAddFontFile
GdipGetFontCollectionFamilyList
GdipNewPrivateFontCollection
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
DoDragDrop
RevokeDragDrop
IIDFromString
CoTaskMemFree
CoTaskMemAlloc
PE exports
Number of PE resources by type
RT_CURSOR 24
RT_DIALOG 12
RT_ICON 10
RT_GROUP_CURSOR 6
RT_GROUP_ICON 2
RT_MANIFEST 1
IZRESEMBED 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 58
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.748
LanguageCode English (U.S.)
FileFlagsMask 0x0017
FileDescription iZotope Iris
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 3573760
EntryPoint 0x411f91
OriginalFileName RXSynth.rc
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2012
FileVersion 1, 0, 0, 0
TimeStamp 2012:04:13 02:31:32+01:00
FileType Win32 EXE
PEType PE32
InternalName iZotope Iris
ProductVersion 1, 0, 0, 0
SubsystemVersion 5.1
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName iZotope, Inc.
CodeSize 4808704
ProductName iZotope Iris
ProductVersionNumber 1.0.0.748
FileTypeExtension exe
ObjectFileType Unknown

Execution parents
File identification
MD5 3f113ab768b9b1b9438078920c0b02b5
SHA1 b5691e33230ab78eaf6e16bfba03ac7c0d2c6eac
SHA256 5d0328165c0520de5be15820f6e46319c7999c3ea133c5a8d8221c5b7bc1f23f
ssdeep 98304:wkxUwVhw6HNeWvQMnnIUIxDiPEttDuHViVTX3NkzHtoBgkWZV7FfjpVyZ+kS25oO:HwOQEIzDRiHkz3VgkCLy5S2d
authentihash e00f23c663cedf6d59965031bf9a118e448ec4b45b9ba3438bb56a9981ed2ccf
imphash 359c0f484679dc74f2a548738ff9a995
File size 8.0 MB ( 8383488 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags peexe
VirusTotal metadata
First submission 2014-09-28 18:39:03 UTC ( 4 years, 6 months ago )
Last submission 2014-09-28 18:39:03 UTC ( 4 years, 6 months ago )
File names izotope iris.exe
iZotope Iris.exe
RXSynth.rc
iZotope Iris
Advanced heuristic and reputation engines
ClamAV: Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Deleted files
Created mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.