× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 71150d734cff89d993f13abb084a50af08fe98867e4c35856ccff36dca0ba217
File name: cver.exe
Detection ratio: 0 / 51
Analysis date: 2016-09-18 20:44:47 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware 20160918
AegisLab 20160918
AhnLab-V3 20160918
Alibaba 20160918
ALYac 20160918
Antiy-AVL 20160918
Arcabit 20160917
Avast 20160918
AVG 20160918
Avira (no cloud) 20160918
AVware 20160918
Baidu 20160914
BitDefender 20160918
Bkav 20160917
CAT-QuickHeal 20160917
CMC 20160916
Comodo 20160916
CrowdStrike Falcon (ML) 20160725
Cyren 20160918
DrWeb 20160918
Emsisoft 20160918
ESET-NOD32 20160918
F-Prot 20160918
F-Secure 20160918
Fortinet 20160918
GData 20160918
Ikarus 20160918
Sophos ML 20160917
Jiangmin 20160918
K7AntiVirus 20160918
K7GW 20160918
Kaspersky 20160918
Kingsoft 20160918
Malwarebytes 20160918
McAfee 20160918
McAfee-GW-Edition 20160918
Microsoft 20160918
eScan 20160918
NANO-Antivirus 20160918
nProtect 20160918
Panda 20160918
Qihoo-360 20160918
Rising 20160918
Sophos AV 20160918
SUPERAntiSpyware 20160918
Symantec 20160918
Tencent 20160918
TheHacker 20160918
TrendMicro 20160918
TrendMicro-HouseCall 20160918
VBA32 20160917
VIPRE 20160918
ViRobot 20160918
Yandex 20160918
Zillya 20160915
Zoner 20160918
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013 - Present RealDimensions Software, LLC

Product ShimGen generated shim
Original name cver.exe
Internal name cver.exe
File version 0.5.1.0
Description ShimGen generated shim
Comments This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-03-07 00:11:38
Entry Point 0x0000638E
Number of sections 3
.NET details
Module Version ID f7445994-80bf-478e-b066-604aca787c3c
TypeLib ID 6104579d-2ee7-414d-b467-aa4a1e2d440a
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
FileDescription
ShimGen generated shim

Comments
This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.

LinkerVersion
11.0

ImageVersion
0.0

ProductName
ShimGen generated shim

FileVersionNumber
0.5.1.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
7168

FileTypeExtension
exe

OriginalFileName
cver.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
0.5.1.0

TimeStamp
2015:03:07 01:11:38+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
cver.exe

SubsystemVersion
4.0

ProductVersion
0.5.1.4d3409c9

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2013 - Present RealDimensions Software, LLC

MachineType
Intel 386 or later, and compatibles

CompanyName
RealDimensions Software, LLC

CodeSize
17408

FileSubtype
0

ProductVersionNumber
0.5.1.4

EntryPoint
0x638e

ObjectFileType
Executable application

AssemblyVersion
0.5.1.0

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 a4859d16e178ce253aefb73c2ee55a64
SHA1 bf638672dcf21f5c260d457cc12d04473e0abfdb
SHA256 71150d734cff89d993f13abb084a50af08fe98867e4c35856ccff36dca0ba217
ssdeep
384:d+nqkSI0jpUUAVcWgr99UNip80XXxhtjzGiGxbbbbGbZY4he9LL:Anp0jpUUAurx9RGiGxbbbbGbO4h6L

authentihash 0c25e6bb0f94118ffaa7b5949e41fa982d0c788eb5c3454eab846a15c9581849
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 24.5 KB ( 25088 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-03-09 17:21:22 UTC ( 3 years, 9 months ago )
Last submission 2015-03-09 17:21:22 UTC ( 3 years, 9 months ago )
File names dss_5538138737496547226.ecstmw
cver.exe
cver.exe
navad51.tmp
dss_4896194525284474356.wgzaef
dss_5666664170089785163.ssshdp
dss_4697242890210920346.vzimw6
cver.exe
dss_5652247378931651470.lo8d9f
cver.exe
dss_5606732590901321501.rny8nl
dss_5446402187581384078.5fvp9f
cver.exe
cver.exe
dss_5271463290509430256.isvttr
dss_4755240842280571175.fztg01
cver.exe
cver.exe
cver.exe
cver.exe
cver.exe.9740_1.36372.partial
cver.exe
dss_5584258140077044492.g1nkvv
dss_5443683118897431201.mkcqra
dss_5142472212269698436.plfu1s
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!