SHA256: 68b1574317ef89976202599b4c78cdaa745b54c0f3ddc9fb92bc779bcde8ecba
File name: GoogleEarthHotkeys
Detection ratio: 1 / 68
Analysis date: 2018-08-29 16:33:22 UTC ( 2 months, 2 weeks ago )
Antivirus Result Update
Bkav W32.eHeur.Malware12 20180829
Ad-Aware 20180829
AegisLab 20180829
AhnLab-V3 20180829
Alibaba 20180713
ALYac 20180829
Antiy-AVL 20180829
Arcabit 20180829
Avast 20180829
Avast-Mobile 20180829
AVG 20180829
Avira (no cloud) 20180829
AVware 20180823
Babable 20180822
Baidu 20180829
BitDefender 20180829
CAT-QuickHeal 20180829
ClamAV 20180829
CMC 20180829
Comodo 20180829
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180829
Cyren 20180829
DrWeb 20180829
eGambit 20180829
Emsisoft 20180829
Endgame 20180730
ESET-NOD32 20180829
F-Prot 20180829
F-Secure 20180829
Fortinet 20180829
GData 20180829
Ikarus 20180829
Sophos ML 20180717
Jiangmin 20180829
K7AntiVirus 20180829
K7GW 20180829
Kaspersky 20180829
Kingsoft 20180829
Malwarebytes 20180829
MAX 20180829
McAfee 20180829
McAfee-GW-Edition 20180829
Microsoft 20180829
eScan 20180829
NANO-Antivirus 20180829
Palo Alto Networks (Known Signatures) 20180829
Panda 20180829
Qihoo-360 20180829
Rising 20180829
SentinelOne (Static ML) 20180701
Sophos AV 20180829
SUPERAntiSpyware 20180829
Symantec 20180829
Symantec Mobile Insight 20180829
TACHYON 20180829
Tencent 20180829
TheHacker 20180829
TotalDefense 20180829
TrendMicro 20180829
TrendMicro-HouseCall 20180829
Trustlook 20180829
VBA32 20180829
VIPRE 20180829
ViRobot 20180829
Webroot 20180829
Yandex 20180829
Zillya 20180828
ZoneAlarm by Check Point 20180829
Zoner 20180828
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright David Tryse
Product GoogleEarthHotkeys
Original name GoogleEarthHotkeys.exe
Internal name GoogleEarthHotkeys
File version 1.03
Description GoogleEarthHotkeys
Packers identified
F-PROT AutoIt
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-09-25 18:57:32
Entry Point 0x00042B4F
Number of sections 4
PE sections
Overlays
MD5 9313617d0caf968352436673addecbab
File type data
Offset 440320
Size 11430
Entropy 7.98
PE imports
RegDeleteKeyA
CloseServiceHandle
LookupPrivilegeValueA
RegEnumKeyExA
GetUserNameA
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueExA
LockServiceDatabase
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
OpenSCManagerA
UnlockServiceDatabase
RegQueryInfoKeyA
RegConnectRegistryA
ImageList_Destroy
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Create
Ord(6)
Ord(17)
ImageList_ReplaceIcon
CreatePolygonRgn
GetSystemPaletteEntries
GetTextMetricsA
GetClipBox
GetPixel
GetObjectA
ExcludeClipRect
EnumFontFamiliesExA
DeleteDC
SetBkMode
BitBlt
SetTextColor
GetDeviceCaps
FillRgn
CreateEllipticRgn
CreateDCA
CreateFontA
GetStockObject
GetDIBits
CreateRoundRectRgn
CreateCompatibleDC
GetTextFaceA
CreateRectRgn
GetClipRgn
CreateSolidBrush
SelectObject
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetStdHandle
FileTimeToSystemTime
GetComputerNameA
GetFileAttributesA
GetDriveTypeA
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
SetErrorMode
FreeEnvironmentStringsW
GetFullPathNameA
GetTempPathA
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
MoveFileA
GetEnvironmentVariableA
FindClose
FormatMessageA
OutputDebugStringA
SetLastError
GetSystemTime
DeviceIoControl
InitializeCriticalSection
WriteProcessMemory
Beep
CopyFileA
ExitProcess
FlushFileBuffers
GetModuleFileNameA
GetVolumeInformationA
GetPrivateProfileStringA
SetThreadPriority
UnhandledExceptionFilter
MultiByteToWideChar
CreateMutexA
SetFilePointer
CreateThread
GetExitCodeThread
MulDiv
SetEnvironmentVariableA
SetPriorityClass
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
GlobalSize
GetStartupInfoA
GetDateFormatA
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
ReadProcessMemory
GetCPInfo
GlobalLock
FindFirstFileA
GetDiskFreeSpaceA
GetTimeFormatA
CreateFileMappingA
FindNextFileA
GetProcAddress
GetFileType
SetVolumeLabelA
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
GlobalFree
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
RemoveDirectoryA
GetShortPathNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
MapViewOfFile
GetModuleHandleA
ReadFile
CloseHandle
GetACP
SetStdHandle
CreateProcessA
HeapCreate
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
CompareStringA
OleLoadPicture
ExtractIconA
ShellExecuteExA
DragFinish
DragQueryFileA
DragQueryPoint
SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
Shell_NotifyIconA
SHGetMalloc
SHFileOperationA
RedrawWindow
GetMessagePos
SetWindowRgn
UnregisterHotKey
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
IsWindow
DispatchMessageA
ScreenToClient
SetMenuItemInfoA
WindowFromPoint
CopyImage
SetActiveWindow
GetDC
GetAsyncKeyState
ReleaseDC
GetDlgCtrlID
GetMenu
CreateWindowExA
IsClipboardFormatAvailable
SendMessageA
GetClientRect
SetMenuDefaultItem
CallNextHookEx
LoadAcceleratorsA
GetWindowTextLengthA
CountClipboardFormats
GetTopWindow
RegisterHotKey
EnumClipboardFormats
LoadImageA
GetMenuStringA
GetWindowTextA
RegisterClassExA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
VkKeyScanExA
EnumWindows
CheckRadioButton
ShowWindow
GetCaretPos
GetClipboardFormatNameA
EnableWindow
PeekMessageA
IsCharAlphaA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
SystemParametersInfoA
GetIconInfo
GetQueueStatus
SetClipboardData
IsCharLowerA
CharLowerA
IsZoomed
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
CreateMenu
GetKeyboardLayout
FlashWindow
GetSysColorBrush
PtInRect
IsDialogMessageA
SetFocus
MapVirtualKeyA
EmptyClipboard
keybd_event
KillTimer
RegisterWindowMessageA
DefWindowProcA
ToAsciiEx
MapWindowPoints
GetClassNameA
SendDlgItemMessageA
GetSystemMetrics
IsIconic
GetWindowRect
PostMessageA
EnumChildWindows
SetClipboardViewer
SetWindowLongA
SetKeyboardState
CreatePopupMenu
CheckMenuItem
GetWindowLongA
DrawIconEx
SetTimer
GetDlgItem
BringWindowToTop
ClientToScreen
GetClassLongA
LoadCursorA
GetKeyboardState
SetWindowsHookExA
GetMenuItemCount
AttachThreadInput
GetDesktopWindow
GetMenuItemID
FillRect
SetForegroundWindow
ExitWindowsEx
PostThreadMessageA
OpenClipboard
GetCursorPos
DrawTextA
IntersectRect
EndDialog
FindWindowA
SetWindowTextA
MessageBeep
RemoveMenu
GetWindowThreadProcessId
AppendMenuA
SetMenu
SetDlgItemTextA
MoveWindow
MessageBoxA
GetCursor
ChangeClipboardChain
AdjustWindowRectEx
mouse_event
DialogBoxParamA
GetSysColor
GetKeyState
IsCharAlphaNumericA
DestroyIcon
GetKeyNameTextA
IsWindowVisible
GetClipboardData
SetRect
InvalidateRect
SendMessageTimeoutA
IsCharUpperA
TranslateAcceleratorA
DefDlgProcA
CallWindowProcA
IsMenu
GetFocus
CloseClipboard
UnhookWindowsHookEx
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
mixerGetLineInfoA
mixerGetDevCapsA
joyGetDevCapsA
mixerOpen
waveOutSetVolume
mixerSetControlDetails
mixerClose
mixerGetControlDetailsA
waveOutGetVolume
mixerGetLineControlsA
mciSendStringA
joyGetPosEx
WSAStartup
gethostbyname
gethostname
inet_addr
WSACleanup
GetOpenFileNameA
GetSaveFileNameA
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
Number of PE resources by type
RT_ICON 6
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 11
ENGLISH EIRE 1
PE resources
ExifTool file metadata
Author davidtryse@gmail.com
SubsystemVersion 4.0
InitializedDataSize 78848
ImageVersion 0.0
ProductName GoogleEarthHotkeys
FileVersionNumber 1.0.3.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
LinkerVersion 7.1
FileTypeExtension exe
OriginalFileName GoogleEarthHotkeys.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.03
TimeStamp 2009:09:25 19:57:32+01:00
FileType Win32 EXE
PEType PE32
InternalName GoogleEarthHotkeys
ProductVersion 1.03
FileDescription GoogleEarthHotkeys
OSVersion 4.0
FileOS Win32
LegalCopyright David Tryse
MachineType Intel 386 or later, and compatibles
CodeSize 362496
FileSubtype 0
ProductVersionNumber 1.0.3.0
EntryPoint 0x42b4f
ObjectFileType Executable application
File identification
MD5 d2dbcc879ba4bf4b0535b599c9cb3001
SHA1 fdea25c8b3fc6a8aa429a62f1921200d1a4dd6e1
SHA256 68b1574317ef89976202599b4c78cdaa745b54c0f3ddc9fb92bc779bcde8ecba
ssdeep 12288:UNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfTd:VPGSY91VwNJcFMqTd
authentihash 47e1401066396ce057f89a1c4c959e846836aece4aa31b550337fe59c3acad75
imphash 8cb987c79d5402d49bbd4392cc7a1ada
File size 441.2 KB ( 451750 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe overlay
VirusTotal metadata
First submission 2012-12-27 13:15:36 UTC ( 5 years, 10 months ago )
Last submission 2015-05-12 16:50:39 UTC ( 3 years, 6 months ago )
File names 68B1574317EF89976202599B4C78CDAA745B54C0F3DDC9FB92BC779BCDE8ECBA
GoogleEarthHotkeys1.03.exe
GoogleEarthHotkeys
GoogleEarthHotkeys.exe
1360576069-GoogleEarthHotkeys1.03.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Searched windows
Runtime DLLs