× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 68eb296a106456448b6c73a9ff1c2be7a7607606cb4bebc19a73700c6416df84
File name: SNB.exe
Detection ratio: 12 / 54
Analysis date: 2016-02-05 13:10:10 UTC ( 3 years, 2 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.760274 20160205
AegisLab Gen.Variant.Kazy!c 20160205
ALYac Gen:Variant.Kazy.760274 20160205
Arcabit Trojan.Kazy.DB99D2 20160205
BitDefender Gen:Variant.Kazy.760274 20160205
Emsisoft Gen:Variant.Kazy.760274 (B) 20160205
F-Secure Gen:Variant.Kazy.760274 20160205
GData Gen:Variant.Kazy.760274 20160205
Jiangmin Variant.Kazy.edp 20160205
McAfee Artemis!BD0D3ABAB495 20160205
McAfee-GW-Edition BehavesLike.Win32.Almanahe.dh 20160205
eScan Gen:Variant.Kazy.760274 20160205
Yandex 20160204
AhnLab-V3 20160205
Alibaba 20160204
Antiy-AVL 20160205
Avast 20160205
AVG 20160205
Avira (no cloud) 20160205
Baidu-International 20160205
Bkav 20160204
ByteHero 20160205
CAT-QuickHeal 20160205
ClamAV 20160204
CMC 20160205
Comodo 20160205
Cyren 20160205
DrWeb 20160205
ESET-NOD32 20160205
F-Prot 20160129
Fortinet 20160205
Ikarus 20160205
K7AntiVirus 20160205
K7GW 20160205
Kaspersky 20160205
Malwarebytes 20160205
Microsoft 20160205
NANO-Antivirus 20160205
nProtect 20160205
Panda 20160205
Qihoo-360 20160205
Rising 20160205
Sophos AV 20160205
SUPERAntiSpyware 20160205
Symantec 20160204
Tencent 20160205
TheHacker 20160203
TrendMicro 20160205
TrendMicro-HouseCall 20160205
VBA32 20160204
VIPRE 20160205
ViRobot 20160205
Zillya 20160204
Zoner 20160205
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2014

Product Skype: No Border
Original name SNB.exe
Internal name SNB.exe
File version 1.1.0.0
Description Skype: No Border
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-11 04:30:59
Entry Point 0x0000509D
Number of sections 5
PE sections
PE imports
SystemFunction036
GetStockObject
GetStdHandle
InterlockedPopEntrySList
SetEvent
EncodePointer
CreateTimerQueue
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
InitializeSListHead
SetStdHandle
WideCharToMultiByte
WriteFile
GetSystemTimeAsFileTime
GetCommandLineA
GetThreadTimes
HeapReAlloc
GetStringTypeW
FreeLibrary
GetThreadPriority
FreeLibraryAndExitThread
FindClose
TlsGetValue
SignalObjectAndWait
InterlockedPushEntrySList
SetLastError
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
SetThreadPriority
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
DeleteTimerQueueTimer
RegisterWaitForSingleObject
CreateThread
InterlockedFlushSList
GetExitCodeThread
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ExitThread
DecodePointer
TerminateProcess
GetModuleHandleExW
ChangeTimerQueueTimer
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
GetStartupInfoW
GetProcAddress
GetProcessHeap
QueryDepthSList
FindNextFileW
CreateTimerQueueTimer
DuplicateHandle
FindFirstFileExW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
UnregisterWaitEx
GetEnvironmentStringsW
WaitForSingleObjectEx
SwitchToThread
UnregisterWait
GetCurrentProcessId
GetCommandLineW
GetCPInfo
HeapSize
SetThreadAffinityMask
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
GetModuleHandleA
CloseHandle
GetACP
GetModuleHandleW
GetLogicalProcessorInformation
GetNumaHighestNodeNumber
IsValidCodePage
VirtualFree
Sleep
VirtualAlloc
Shell_NotifyIconW
PostQuitMessage
DefWindowProcW
FindWindowW
GetMessageW
ShowWindow
GetSystemMetrics
MessageBoxW
RegisterClassExW
AppendMenuW
TranslateMessage
PostMessageW
DispatchMessageW
GetCursorPos
CreatePopupMenu
SendMessageW
LoadImageW
TrackPopupMenu
LoadCursorW
LoadIconW
CreateWindowExW
GetWindowLongW
SetForegroundWindow
DestroyWindow
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Number of PE resources by type
RT_ICON 4
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 7
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
115200

ImageVersion
0.0

ProductName
Skype: No Border

FileVersionNumber
1.1.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Skype: No Border

CharacterSet
Unicode

LinkerVersion
14.0

FileTypeExtension
exe

OriginalFileName
SNB.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.1.0.0

TimeStamp
2015:08:11 05:30:59+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
SNB.exe

ProductVersion
1.1.0.0

SubsystemVersion
6.0

OSVersion
6.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright (C) 2014

MachineType
Intel 386 or later, and compatibles

CompanyName
Recelate

CodeSize
183808

FileSubtype
0

ProductVersionNumber
1.1.0.0

EntryPoint
0x509d

ObjectFileType
Unknown

Compressed bundles
File identification
MD5 bd0d3abab4953bc37d10906268216480
SHA1 16bdf7295676478683bea8cee5048065edf229d8
SHA256 68eb296a106456448b6c73a9ff1c2be7a7607606cb4bebc19a73700c6416df84
ssdeep
6144:9YB7eFsgnKsjgLIGXy/+5t5fn+3Bmgkp5KboY7pWWnFynkSFdV2:w7oKsn/cf+3Yv5SoY5nFr3

authentihash c931545b8152869f6294f137269e20e8d9c87a38b1455239e1ec8bd8035b60cf
imphash 76e87477d590b1b60886ab792b231cf5
File size 289.0 KB ( 295936 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe

VirusTotal metadata
First submission 2015-09-16 16:42:03 UTC ( 3 years, 7 months ago )
Last submission 2016-02-05 13:10:10 UTC ( 3 years, 2 months ago )
File names SNB.exe
SNB.exe
SNB.exe
SNB.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!