SHA256: 6de548b38f6a571441cf9d8e59248e88167c103bdc340b481fffce0cc6ec11df
File name: Win7_prt.exe
Detection ratio: 0 / 45
Analysis date: 2013-01-15 16:06:06 UTC ( 6 years, 3 months ago )
Antivirus Result Update
Yandex 20130115
AhnLab-V3 20130115
AntiVir 20130115
Antiy-AVL 20130115
Avast 20130115
AVG 20130115
BitDefender 20130115
ByteHero 20130115
CAT-QuickHeal 20130115
ClamAV 20130115
Commtouch 20130115
Comodo 20130115
DrWeb 20130115
Emsisoft 20130115
eSafe 20130113
ESET-NOD32 20130115
F-Prot 20130115
Fortinet 20130115
GData 20130115
Ikarus 20130115
Jiangmin 20121221
K7AntiVirus 20130115
Kaspersky 20130115
Kingsoft 20130115
Malwarebytes 20130115
McAfee 20130115
McAfee-GW-Edition 20130115
Microsoft 20130115
eScan 20130115
NANO-Antivirus 20130115
Norman 20130115
nProtect 20130115
Panda 20130115
PCTools 20130115
Rising 20130115
Sophos AV 20130115
SUPERAntiSpyware 20130115
Symantec 20130115
TheHacker 20130115
TotalDefense 20130115
TrendMicro 20130115
TrendMicro-HouseCall 20130115
VBA32 20130115
VIPRE 20130115
ViRobot 20130115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-14 19:11:00
Entry Point 0x0002CBBC
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
GetFileTitleA
SetMapMode
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetTextColor
GetObjectA
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
ScaleViewportExtEx
SelectObject
SetWindowExtEx
SetViewportExtEx
Escape
SetBkColor
DeleteObject
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
lstrcmpW
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GetVolumeInformationA
LoadLibraryExA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
CreateDirectoryA
DeleteFileA
GetFullPathNameA
GetProcAddress
GetProcessHeap
CompareStringW
GetFileSizeEx
GlobalReAlloc
lstrcmpA
FindFirstFileA
GetDiskFreeSpaceA
CompareStringA
CreateFileMappingA
FindNextFileA
DuplicateHandle
GlobalLock
GetTimeZoneInformation
GlobalFindAtomA
GetFileType
SetVolumeLabelA
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
LockFile
RemoveDirectoryA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
GlobalFlags
CloseHandle
GetACP
GetModuleHandleW
FreeResource
SizeofResource
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
lstrcpyA
VirtualFree
Sleep
FindResourceA
VirtualAlloc
Ord(12)
Ord(8)
Ord(9)
SHFileOperationA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
PathStripToRootA
SetFocus
GetForegroundWindow
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
GetMessageTime
SetActiveWindow
GetDC
GetCursorPos
DrawTextA
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
GetTopWindow
MsgWaitForMultipleObjects
GetActiveWindow
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
GetMenuState
GetClassInfoExA
ShowWindow
GetPropA
GetDesktopWindow
CharToOemBuffA
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
GetWindowPlacement
OemToCharBuffA
IsIconic
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
GetSysColorBrush
PtInRect
IsDialogMessageA
MapWindowPoints
BeginPaint
RegisterWindowMessageA
DefWindowProcA
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
GetWindowRect
PostMessageA
DrawIcon
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ClientToScreen
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
ValidateRect
GetMenuItemID
SetForegroundWindow
ReleaseDC
EndDialog
GetCapture
DrawTextExA
GetWindowThreadProcessId
SetMenu
MessageBoxA
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
WinHelpA
wsprintfA
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
UnhookWindowsHookEx
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_ICON 14
RT_STRING 13
RT_DIALOG 3
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 66
ExifTool file metadata
UninitializedDataSize 0
Comments Created with AutoPlay Media Studio (www.indigorose.com)
InitializedDataSize 341504
ImageVersion 0.0
ProductName Win7 Protect
FileVersionNumber 1.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet ASCII
LinkerVersion 9.0
FileOS Win32
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0.0.0
TimeStamp 2012:06:14 20:11:00+01:00
FileType Win32 EXE
PEType PE32
InternalName ams_launch
ProductVersion 1.0.0.0
SubsystemVersion 5.0
OSVersion 5.0
OriginalFilename Win7_prt.exe
LegalCopyright Copyright 2013 www.sordum.net
MachineType Intel 386 or later, and compatibles
CodeSize 259584
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0x2cbbc
ObjectFileType Executable application
File identification
MD5 2b63c7ab6e1ca689ef40933d7bd61d34
SHA1 33fd7843bcc0d8a16e7a5ae5497f0c76676c1c02
SHA256 6de548b38f6a571441cf9d8e59248e88167c103bdc340b481fffce0cc6ec11df
ssdeep 98304:rmY+ZJ/pIQ/ohNjc9zvDZdHbrdNuSxV76IHOOLRojUP5s20EpfuqlWu:rmY+ZhpIQ/cFcFZtdAANzuz20EpWIWu
File size 5.0 MB ( 5237323 bytes )
File type Win32 EXE
Magic literal MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
TrID Windows Screen Saver (51.1%)
Win32 Executable Generic (33.2%)
Generic Win/DOS Executable (7.8%)
DOS Executable Generic (7.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2013-01-15 16:06:06 UTC ( 6 years, 3 months ago )
Last submission 2013-01-15 16:06:06 UTC ( 6 years, 3 months ago )
File names Win7_prt.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight