× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 631daad4cb8fdfd3def0cbddbb5bf531262dc53c868581315be7472e394a915e
File name: QGifer-0.2.1-Setup.exe
Detection ratio: 0 / 69
Analysis date: 2018-12-20 00:30:49 UTC ( 1 month, 4 weeks ago ) View latest
Antivirus Result Update
Acronis 20180726
Ad-Aware 20181220
AegisLab 20181219
AhnLab-V3 20181219
Alibaba 20180921
ALYac 20181219
Antiy-AVL 20181219
Arcabit 20181219
Avast 20181219
Avast-Mobile 20181219
AVG 20181219
Avira (no cloud) 20181219
Babable 20180918
Baidu 20181207
BitDefender 20181219
Bkav 20181219
CAT-QuickHeal 20181219
ClamAV 20181219
CMC 20181219
Comodo 20181219
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181220
Cyren 20181219
DrWeb 20181219
eGambit 20181220
Emsisoft 20181219
Endgame 20181108
ESET-NOD32 20181219
F-Prot 20181219
F-Secure 20181219
Fortinet 20181219
GData 20181219
Ikarus 20181219
Sophos ML 20181128
Jiangmin 20181219
K7AntiVirus 20181219
K7GW 20181219
Kaspersky 20181219
Kingsoft 20181220
Malwarebytes 20181219
MAX 20181220
McAfee 20181219
McAfee-GW-Edition 20181219
Microsoft 20181219
eScan 20181219
NANO-Antivirus 20181219
Palo Alto Networks (Known Signatures) 20181220
Panda 20181219
Qihoo-360 20181220
Rising 20181219
SentinelOne (Static ML) 20181011
Sophos AV 20181219
SUPERAntiSpyware 20181212
Symantec 20181219
Symantec Mobile Insight 20181215
TACHYON 20181219
Tencent 20181220
TheHacker 20181216
Trapmine 20181205
TrendMicro 20181219
TrendMicro-HouseCall 20181220
Trustlook 20181220
VBA32 20181219
ViRobot 20181219
Webroot 20181220
Yandex 20181219
Zillya 20181219
ZoneAlarm by Check Point 20181220
Zoner 20181220
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product QGifer
Original name Windows-build.tmp
File version 0.2.1.0
Description QGifer 0.2.1 Setup
Packers identified
F-PROT PECompact, PecBundle
PEiD PECompact 2.xx --> BitSum Technologies
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-03-13 23:18:18
Entry Point 0x000012A0
Number of sections 2
PE sections
Overlays
MD5 2df645234d868b1886f2aba8467380fd
File type data
Offset 792576
Size 13926577
Entropy 7.99
PE imports
VirtualFree
LoadLibraryA
VirtualAlloc
GetProcAddress
Number of PE resources by type
RT_GROUP_CURSOR 77
RT_CURSOR 77
RT_ICON 6
RT_DIALOG 1
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 165
PE resources
ExifTool file metadata
UninitializedDataSize
15360

LinkerVersion
2.56

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
0.2.1.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
QGifer 0.2.1 Setup

ImageFileCharacteristics
No relocs, Executable, No line numbers, 32-bit, No debug

CharacterSet
Unicode

InitializedDataSize
2084864

EntryPoint
0x12a0

OriginalFileName
Windows-build.tmp

MIMEType
application/octet-stream

FileVersion
0.2.1.0

TimeStamp
2010:03:14 00:18:18+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
0.2.1

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
1686016

ProductName
QGifer

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 9d9483a26c4d552addf82ba3f494f0fc
SHA1 33d8ee910dd394411c205650d5a31de37b52c58e
SHA256 631daad4cb8fdfd3def0cbddbb5bf531262dc53c868581315be7472e394a915e
ssdeep
393216:HZlyA0Jbg+5jERagjS0rJHipwmHjrTCdVwoJyy7OI:5cEP/CpwycJy

authentihash 3dad75e113a1258a050eb34069514a8a5297bfe567f59a41b36db18c05b14677
imphash 09d0478591d4f788cb3e5ea416c25237
File size 14.0 MB ( 14719153 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (v2.x) (53.1%)
Win32 EXE PECompact compressed (generic) (37.3%)
Win32 Executable (generic) (4.0%)
OS/2 Executable (generic) (1.8%)
Generic Win/DOS Executable (1.8%)
Tags
pecompact peexe overlay

VirusTotal metadata
First submission 2013-06-08 08:31:58 UTC ( 5 years, 8 months ago )
Last submission 2019-01-24 18:41:29 UTC ( 3 weeks, 1 day ago )
File names QGifer 0.2.1.exe
631daad4cb8fdfd3def0cbddbb5bf531262dc53c868581315be7472e394a915e.exe
QGifer_0.2.1.exe
output.12650998.txt
file-6584704_exe
QGifer-0.2.1-Setup.exe
output.25743229.txt
QGifer-0.2.1-Setup.exe
animatedgifcreator.exe
QGifer-0.2.1-Setup.exe
filename
QGifer-0.2.1-Setup.exe
qgifer-0.2.1-setup.exe
12650998
Windows-build.tmp
631daad4cb8fdfd3def0cbddbb5bf531262dc53c868581315be7472e394a915e.bin
371791
qgifer.exe
QGifer-0.2.1-Setup.exe
25743229
QGifer-0.2.1-Setup(1).exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!