× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5f0bd9280ca7270fba311c64e2e9dac66cb95e953b29bba7fa4365771cb68fb9
File name: Trainer.exe
Detection ratio: 0 / 43
Analysis date: 2012-02-02 05:04:22 UTC ( 5 years, 9 months ago ) View latest
Antivirus Result Update
AhnLab-V3 20120201
AntiVir 20120201
Antiy-AVL 20120131
Avast 20120202
AVG 20120202
BitDefender 20120202
ByteHero 20120126
CAT-QuickHeal 20120131
ClamAV 20120202
Commtouch 20120201
Comodo 20120202
DrWeb 20120202
Emsisoft 20120202
eSafe 20120130
eTrust-Vet 20120201
F-Prot 20120201
F-Secure 20120202
Fortinet 20120202
GData 20120202
Ikarus 20120202
Jiangmin 20120201
K7AntiVirus 20120201
Kaspersky 20120202
McAfee 20120202
McAfee-GW-Edition 20120202
Microsoft 20120201
NOD32 20120202
Norman 20120201
nProtect 20120201
Panda 20120201
PCTools 20120201
Prevx 20120202
Rising 20120118
Sophos AV 20120202
SUPERAntiSpyware 20120202
Symantec 20120202
TheHacker 20120202
TrendMicro 20120201
TrendMicro-HouseCall 20120202
VBA32 20120131
VIPRE 20120202
ViRobot 20120202
VirusBuster 20120202
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 1.0.0.0
PE header basic information
Number of sections 7
PE sections
PE imports
AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken
InitCommonControls
CreateFontA, DeleteObject, EnumFontFamiliesA, GetDeviceCaps, GetStockObject, SetBkMode, SetTextColor
AddAtomA, CloseHandle, CreateToolhelp32Snapshot, DeleteCriticalSection, EnterCriticalSection, ExitProcess, FindAtomA, GetAtomNameA, GetCommandLineA, GetCurrentProcess, GetModuleHandleA, GetProcAddress, GetTickCount, InitializeCriticalSection, InterlockedExchange, IsDebuggerPresent, LeaveCriticalSection, Module32First, Module32Next, OpenProcess, QueryPerformanceCounter, QueryPerformanceFrequency, ReadProcessMemory, SetUnhandledExceptionFilter, Sleep, VirtualProtect, VirtualQuery, WriteProcessMemory
EnumProcesses, GetModuleFileNameExA
ShellExecuteA
CreateDialogParamA, DefWindowProcA, DestroyWindow, DialogBoxParamA, DispatchMessageA, EndDialog, FindWindowA, FindWindowExA, GetDC, GetDlgItem, GetWindowTextA, IsDialogMessageA, LoadCursorA, LoadIconA, LoadImageA, PeekMessageA, PostQuitMessage, RegisterClassExA, ReleaseDC, SendMessageA, SetDlgItemTextA, ShowWindow, TranslateMessage, UpdateWindow
__getmainargs, __mb_cur_max, __p__environ, __p__fmode, __set_app_type, _assert, _cexit, _controlfp, _errno, _fmode, _fpreset, _iob, _isctype, _onexit, _pctype, _setmode, abort, atexit, calloc, exit, fprintf, free, fwrite, localeconv, malloc, memcpy, rand, realloc, signal, srand, strlen, strtok, toupper, vfprintf
ExifTool file metadata
UninitializedDataSize
27648

InitializedDataSize
161280

ImageVersion
1.0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
ASCII

LinkerVersion
2.56

MIMEType
application/octet-stream

FileVersion
1.0.0.0

TimeStamp
2012:02:02 05:47:27+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
43008

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x1110

ObjectFileType
Executable application

File identification
MD5 15a56d37ce4763010609935adbd914d6
SHA1 ef8ac2a6f068d473dc1c61966a529fabcc09b0a3
SHA256 5f0bd9280ca7270fba311c64e2e9dac66cb95e953b29bba7fa4365771cb68fb9
ssdeep
3072:bftajpCxxrTr74ucSP7R9eS9iMBA04cUhsHmxlrZUubCadc:gtsnr74u/P3fZUh8mxlrqubD

File size 158.5 KB ( 162304 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
VirusTotal metadata
First submission 2012-02-02 05:04:22 UTC ( 5 years, 9 months ago )
Last submission 2012-02-02 19:26:40 UTC ( 5 years, 9 months ago )
File names 15a56d37ce4763010609935adbd914d6
Trainer.exe
file-3495543_exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!