× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 65c100f2577dbcd6b93f540a50649de8ab143328220a98e3e25090fa05be0521
File name: 15.tmp
Detection ratio: 3 / 57
Analysis date: 2015-04-14 13:40:40 UTC ( 4 years, 1 month ago ) View latest
Antivirus Result Update
ByteHero Virus.Win32.Heur.p 20150414
CMC Heur.Win32.VBKrypt.3!O 20150413
Tencent Trojan.Win32.Qudamah.Gen.17 20150414
Ad-Aware 20150414
AegisLab 20150414
Yandex 20150414
AhnLab-V3 20150414
Alibaba 20150414
ALYac 20150414
Antiy-AVL 20150414
Avast 20150414
AVG 20150414
Avira (no cloud) 20150414
AVware 20150414
Baidu-International 20150414
BitDefender 20150414
Bkav 20150414
CAT-QuickHeal 20150414
ClamAV 20150414
Comodo 20150414
Cyren 20150414
DrWeb 20150414
Emsisoft 20150414
ESET-NOD32 20150414
F-Prot 20150414
F-Secure 20150414
Fortinet 20150414
GData 20150414
Ikarus 20150414
Jiangmin 20150413
K7AntiVirus 20150414
K7GW 20150414
Kaspersky 20150414
Kingsoft 20150414
Malwarebytes 20150414
McAfee 20150414
McAfee-GW-Edition 20150414
Microsoft 20150414
eScan 20150414
NANO-Antivirus 20150414
Norman 20150414
nProtect 20150414
Panda 20150414
Qihoo-360 20150414
Rising 20150414
Sophos AV 20150414
SUPERAntiSpyware 20150414
Symantec 20150414
TheHacker 20150414
TotalDefense 20150414
TrendMicro 20150414
TrendMicro-HouseCall 20150414
VBA32 20150414
VIPRE 20150414
ViRobot 20150414
Zillya 20150414
Zoner 20150413
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
REW is room acoustics analysis software for measuring

Product REW is room acoustics analysis software for measuring
Original name TextConv.exe
Internal name TextConv
File version 1.00.0078
Description REW is room acoustics analysis software for measuring
Comments REW is room acoustics analysis software for measuring
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-14 11:58:19
Entry Point 0x0000113C
Number of sections 3
PE sections
Overlays
MD5 2f9d7723d2f16da9f2764216598e2034
File type data
Offset 122880
Size 51453
Entropy 7.95
PE imports
EVENT_SINK_QueryInterface
Ord(537)
Ord(516)
Ord(616)
EVENT_SINK_Invoke
Ord(320)
Ord(685)
Ord(525)
EVENT_SINK_AddRef
Ord(300)
EVENT_SINK_GetIDsOfNames
Ord(717)
__vbaExceptHandler
MethCallEngine
DllFunctionCall
Zombie_GetTypeInfoCount
Zombie_GetTypeInfo
Ord(599)
Ord(608)
Ord(570)
Ord(534)
Ord(100)
Ord(319)
Ord(321)
ProcCallEngine
Ord(711)
EVENT_SINK_Release
Ord(595)
Ord(306)
Ord(631)
Ord(563)
Number of PE resources by type
RT_ICON 4
RT_STRING 1
RT_VERSION 1
CEROL 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
THAI DEFAULT 2
PE resources
ExifTool file metadata
LegalTrademarks
REW is room acoustics analysis software for measuring

SubsystemVersion
4.0

Comments
REW is room acoustics analysis software for measuring

LinkerVersion
6.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.78

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
REW is room acoustics analysis software for measuring

CharacterSet
Unicode

InitializedDataSize
53248

EntryPoint
0x113c

OriginalFileName
TextConv.exe

MIMEType
application/octet-stream

LegalCopyright
REW is room acoustics analysis software for measuring

FileVersion
1.00.0078

TimeStamp
2015:04:14 12:58:19+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TextConv

ProductVersion
1.00.0078

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
REW is room acoustics analysis software for measuring

CodeSize
77824

ProductName
REW is room acoustics analysis software for measuring

ProductVersionNumber
1.0.0.78

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 8a00f0fe4d167fcbcdaef910bb9de671
SHA1 0b80f281ebadd952bc5901b1c4d23676b8a63934
SHA256 65c100f2577dbcd6b93f540a50649de8ab143328220a98e3e25090fa05be0521
ssdeep
3072:NOQhZOOQhZOOQhZPz5pO20OQhZOOQhZOOQhZe7+mKQDtouWI:v+mroRI

authentihash 1c4df13829713155b330053868398779aacb0f1fdfe2ec7eb409d9c1d3235e73
imphash 1f614779d3e100250648b5b97afb050f
File size 170.2 KB ( 174333 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.6%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-04-14 13:40:40 UTC ( 4 years, 1 month ago )
Last submission 2015-04-14 13:40:40 UTC ( 4 years, 1 month ago )
File names TextConv.exe
TextConv
15.tmp
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!