× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 650e939a133da9573ea09b800bd220fb1fe58a00aabd31a3515997aba04097e8
File name: file-4512894_exe
Detection ratio: 0 / 42
Analysis date: 2012-09-14 17:35:33 UTC ( 1 year, 7 months ago )
Antivirus Result Update
AVG 20120914
AhnLab-V3 20120914
AntiVir 20120914
Antiy-AVL 20120911
Avast 20120914
BitDefender 20120914
ByteHero 20120910
CAT-QuickHeal 20120914
ClamAV 20120914
Commtouch 20120914
Comodo 20120914
DrWeb 20120914
ESET-NOD32 20120914
Emsisoft 20120914
F-Prot 20120913
F-Secure 20120914
Fortinet 20120830
GData 20120914
Ikarus 20120914
Jiangmin 20120914
K7AntiVirus 20120914
Kaspersky 20120914
McAfee 20120914
McAfee-GW-Edition 20120914
Microsoft 20120914
Norman 20120914
PCTools 20120914
Panda 20120914
Rising 20120914
SUPERAntiSpyware 20120911
Sophos 20120914
Symantec 20120914
TheHacker 20120911
TotalDefense 20120913
TrendMicro 20120914
TrendMicro-HouseCall 20120914
VBA32 20120914
VIPRE 20120914
ViRobot 20120914
VirusBuster 20120914
eSafe 20120914
nProtect 20120914
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (c) 2000 Daniel Werner

Product RegCompact
Original name RegCompact.exe
Internal name RegCompact
File version 1.0
Description RegCompact
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-10-28 07:16:14
Entry Point 0x000031B0
Number of sections 4
PE sections
PE imports
LookupPrivilegeValueA
RegOpenKeyA
RegSaveKeyA
OpenProcessToken
RegReplaceKeyA
AdjustTokenPrivileges
RegEnumValueA
RegOpenKeyExA
RegCloseKey
ImageList_Create
Ord(17)
ImageList_ReplaceIcon
SetBkMode
CreateFontA
DeleteObject
GetStockObject
SetTextColor
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
IsBadWritePtr
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetACP
GetShortPathNameA
FreeEnvironmentStringsA
GetCurrentProcess
GetEnvironmentStrings
GetFileType
GetStringTypeW
GetFileSize
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
IsBadReadPtr
SetStdHandle
SetFilePointer
GetTempPathA
RaiseException
GetCPInfo
GetStringTypeA
GetModuleHandleA
ReadFile
IsBadCodePtr
WriteFile
GetStartupInfoA
CloseHandle
GetTempFileNameA
GetSystemDirectoryA
HeapReAlloc
MoveFileExA
SetFileAttributesA
MoveFileA
TerminateProcess
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapCreate
VirtualFree
FormatMessageA
SetEndOfFile
CreateFileA
ExitProcess
GetVersion
VirtualAlloc
SetCurrentDirectoryA
ShellExecuteA
GetCursorPos
GetMessageA
GetDlgCtrlID
LoadCursorA
LoadIconA
DispatchMessageA
SetDlgItemTextA
TranslateMessage
SendMessageA
MessageBoxA
PeekMessageA
GetDlgItem
CreateDialogParamA
PostQuitMessage
WinHelpA
ShowWindow
DestroyWindow
ScreenToClient
ExitWindowsEx
SetWindowPos
SetCursor
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 3
RT_DIALOG 1
RT_GROUP_CURSOR 1
RT_BITMAP 1
RT_CURSOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 14
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
English (Australian)

FileFlagsMask
0x003f

FileDescription
RegCompact

CharacterSet
Unicode

InitializedDataSize
40960

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyright 2000 Daniel Werner

FileVersion
1.0

TimeStamp
2000:10:28 00:16:14-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
RegCompact

ProductVersion
1.0

UninitializedDataSize
0

OSVersion
4.0

OriginalFilename
RegCompact.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName

CodeSize
36864

ProductName
RegCompact

ProductVersionNumber
1.0.0.0

EntryPoint
0x31b0

ObjectFileType
Executable application

File identification
MD5 f5e3fbb6209a0ed15e82be0f2b1847f7
SHA1 52ab8b8d344c8935e8ff13b6f05a226992008e88
SHA256 650e939a133da9573ea09b800bd220fb1fe58a00aabd31a3515997aba04097e8
ssdeep
768:encw17j3AXniyY6V2T5LQGZr/5CnvW9u1Xh3iB9JncU7+kmB1oANbkOuco:encKj3AXq64roBN+cUn8oABm

File size 72.0 KB ( 73728 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable Generic (54.6%)
Win32 Executable MS Visual C++ (generic) (24.0%)
Windows Screen Saver (8.3%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
Tags
peexe armadillo mz

VirusTotal metadata
First submission 2012-09-14 17:31:12 UTC ( 1 year, 7 months ago )
Last submission 2012-09-14 17:35:33 UTC ( 1 year, 7 months ago )
File names RegCompact
RegCompact.exe
file-4512894_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!