× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6afcdeaf04e2b6b295a9c7040a8c1c2ee624f611fe7173c1034d0c5a22a054ff
File name: stub32
Detection ratio: 1 / 56
Analysis date: 2015-03-27 06:07:13 UTC ( 4 years, 1 month ago )
Antivirus Result Update
Rising PE:Malware.FakePDF@CV!1.6AB2 20150326
Ad-Aware 20150327
AegisLab 20150327
Yandex 20150325
AhnLab-V3 20150326
Alibaba 20150327
ALYac 20150327
Antiy-AVL 20150327
Avast 20150327
AVG 20150327
Avira (no cloud) 20150327
AVware 20150327
Baidu-International 20150326
BitDefender 20150327
Bkav 20150326
ByteHero 20150327
CAT-QuickHeal 20150327
ClamAV 20150327
CMC 20150325
Comodo 20150327
Cyren 20150327
DrWeb 20150327
Emsisoft 20150327
ESET-NOD32 20150327
F-Prot 20150327
F-Secure 20150327
Fortinet 20150327
GData 20150327
Ikarus 20150327
Jiangmin 20150326
K7AntiVirus 20150327
K7GW 20150327
Kaspersky 20150327
Kingsoft 20150327
Malwarebytes 20150327
McAfee 20150327
McAfee-GW-Edition 20150327
Microsoft 20150327
eScan 20150327
NANO-Antivirus 20150327
Norman 20150327
nProtect 20150326
Panda 20150326
Qihoo-360 20150327
Sophos AV 20150327
SUPERAntiSpyware 20150327
Symantec 20150327
Tencent 20150327
TheHacker 20150324
TotalDefense 20150326
TrendMicro 20150327
TrendMicro-HouseCall 20150327
VBA32 20150326
VIPRE 20150327
ViRobot 20150327
Zillya 20150327
Zoner 20150326
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Publisher Samsung
Product ML-1910_2520_Print_32bit
Original name stub32i.exe
Internal name stub32
File version
Description
Comments
Packers identified
F-PROT CAB, appended, UTF-8, Unicode, NSIS
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-08-02 07:01:18
Entry Point 0x00008AF7
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetObjectA
TextOutA
CreateCompatibleDC
DeleteDC
SetBkMode
GetTextExtentPointA
BitBlt
CreatePalette
GetStockObject
CreateDIBitmap
GetDeviceCaps
SelectPalette
CreateFontIndirectA
CreateSolidBrush
SelectObject
SetBkColor
EnumFontFamiliesExA
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
GetFileAttributesA
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
GetCurrentProcess
LocalAlloc
lstrcatA
UnhandledExceptionFilter
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
WriteFile
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
LocalFree
GetEnvironmentVariableA
LoadResource
FindClose
FormatMessageA
HeapAlloc
GetVersionExA
RemoveDirectoryA
GetPrivateProfileStringA
GetSystemDefaultLCID
MultiByteToWideChar
WritePrivateProfileSectionA
GetModuleHandleA
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
MoveFileExA
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
GetVersion
HeapFree
SetHandleCount
lstrcmpiA
FreeLibrary
IsBadWritePtr
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
GetProcessHeap
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
CreateFileMappingA
FindNextFileA
GlobalLock
GetFileType
GetPrivateProfileSectionA
CreateFileA
ExitProcess
GetLastError
DosDateTimeToFileTime
LCMapStringW
HeapCreate
lstrlenA
GlobalFree
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GetModuleFileNameA
GetShortPathNameA
SizeofResource
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
GetCommandLineA
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GetEnvironmentStrings
CreateProcessA
UnmapViewOfFile
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
GetOEMCP
LZCopy
LZClose
LZOpenFileA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SetFocus
GetParent
MapDialogRect
DrawTextA
BeginPaint
CreateDialogIndirectParamA
CheckRadioButton
ShowWindow
SetWindowPos
SendDlgItemMessageA
IsWindow
LoadIconA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
GetSysColorBrush
IsWindowEnabled
GetWindow
GetSysColor
CheckDlgButton
GetDC
ReleaseDC
SetWindowTextA
GetWindowLongA
SetParent
TranslateMessage
SendMessageA
GetClientRect
GetDlgItem
CreateDialogParamA
GetNextDlgTabItem
ScreenToClient
InvalidateRect
wsprintfA
UpdateWindow
GetActiveWindow
FillRect
LoadStringA
IsDlgButtonChecked
CharNextA
SetActiveWindow
GetDesktopWindow
LoadImageA
EndPaint
GetWindowTextA
IsDialogMessageA
DestroyWindow
Number of PE resources by type
RT_DIALOG 10
RT_STRING 7
RT_ICON 4
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 26
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
208896

ImageVersion
0.0

ProductName
ML-1910_2520_Print_32bit

FileVersionNumber
4.1.100.1332

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

TimeStamp
2002:08:02 08:01:18+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
stub32

SubsystemVersion
4.0

OSVersion
4.0

OriginalFilename
stub32i.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Samsung

CodeSize
77824

FileSubtype
0

ProductVersionNumber
4.1.0.0

EntryPoint
0x8af7

ObjectFileType
Executable application

File identification
MD5 ed1e4ca998b8733003f2a01f7c0e6abf
SHA1 10c1eb38391d6fb87970df3b3aaccf8c636ea4e4
SHA256 6afcdeaf04e2b6b295a9c7040a8c1c2ee624f611fe7173c1034d0c5a22a054ff
ssdeep
393216:B/NyKKWeEnixYGCYf1HyZfvM87ZauyCvm+oTp2C0qj6Nog:5NyHVEnBGCES90OyCO+oTp2C0qfg

authentihash 07e7874f7118f30abd69e601c1420a296c1b4aeabec83902ce164ea9ed5cbda6
imphash d84d991d25f1d024e6888428c049c5f2
File size 17.4 MB ( 18206260 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
nsis peexe armadillo

VirusTotal metadata
First submission 2013-06-24 01:21:06 UTC ( 5 years, 11 months ago )
Last submission 2013-06-24 01:21:06 UTC ( 5 years, 11 months ago )
File names stub32
6afcdeaf04e2b6b295a9c7040a8c1c2ee624f611fe7173c1034d0c5a22a054ff
stub32i.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Runtime DLLs
UDP communications