SHA256: 7160f3a9751c1a2e02dca6ede2b18686d5350e099063cf968b27516e5a538d87
File name: .
Detection ratio: 16 / 71
Analysis date: 2019-02-04 18:56:19 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20190130
AhnLab-V3 Malware/Win32.Generic.C2992313 20190204
Avast Win32:Malware-gen 20190204
AVG Win32:Malware-gen 20190204
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20181023
Cybereason malicious.6f4837 20190109
DrWeb Trojan.Inject3.12563 20190204
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GPDA 20190204
Malwarebytes Trojan.Crypt 20190204
McAfee GenericRXGX-NC!2A9A832B859D 20190204
NANO-Antivirus Trojan.Win32.Inject3.fmppyl 20190204
Panda Generic Malware 20190204
Rising Trojan.Kryptik!8.8 (TFE:dGZlOgXRX4UswaOwaA) 20190204
SentinelOne (Static ML) static engine - malicious 20190203
Trapmine malicious.high.ml.score 20190123
Ad-Aware 20190204
AegisLab 20190204
Alibaba 20180921
ALYac 20190204
Antiy-AVL 20190204
Arcabit 20190204
Avast-Mobile 20190204
Avira (no cloud) 20190204
Babable 20180918
Baidu 20190202
BitDefender 20190204
Bkav 20190201
CAT-QuickHeal 20190204
ClamAV 20190204
CMC 20190204
Comodo 20190204
Cylance 20190204
Cyren 20190204
eGambit 20190204
Emsisoft 20190204
F-Prot 20190204
F-Secure 20190204
Fortinet 20190201
GData 20190204
Ikarus 20190204
Sophos ML 20181128
Jiangmin 20190204
K7AntiVirus 20190204
K7GW 20190204
Kaspersky 20190204
Kingsoft 20190204
MAX 20190204
McAfee-GW-Edition 20190204
Microsoft 20190204
eScan 20190204
Palo Alto Networks (Known Signatures) 20190204
Qihoo-360 20190204
Sophos AV 20190204
SUPERAntiSpyware 20190130
Symantec 20190204
TACHYON 20190204
Tencent 20190204
TheHacker 20190203
TotalDefense 20190204
TrendMicro 20190204
TrendMicro-HouseCall 20190204
Trustlook 20190204
VBA32 20190204
VIPRE 20190204
ViRobot 20190203
Webroot 20190204
Yandex 20190204
Zillya 20190201
ZoneAlarm by Check Point 20190204
Zoner 20190204
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2005-2011, SignUp4 know nothingsegment basicedge

Product Sizewire
Original name Necessarymen.exe
Internal name Sizewire
File version 12.0.86.31
Description Sizewire
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-01-28 12:13:02
Entry Point 0x00003ADD
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
OpenServiceA
RegQueryValueExA
RegCreateKeyExA
DeleteService
RegOpenKeyA
OpenProcessToken
QueryServiceStatus
RegOpenKeyExA
GetTokenInformation
OpenThreadToken
RegEnumKeyA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
FreeSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegSetValueExA
SetEntriesInAclA
OpenSCManagerA
Ord(17)
_TrackMouseEvent
ImageList_Add
ImageList_DragShowNolock
GetOpenFileNameA
GetSaveFileNameA
CertEnumCertificatesInStore
CertOpenStore
CertAddEncodedCertificateToStore
CertFreeCertificateContext
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CryptImportPublicKeyInfo
CryptEncodeObject
CertGetCertificateChain
CertCreateCertificateContext
CryptHashCertificate
CreatePatternBrush
CreateBitmap
GetClipBox
GetBkColor
SetTextColor
StretchDIBits
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrcmpiA
VirtualProtect
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
GetFileSize
RtlUnwind
RemoveDirectoryA
IsProcessorFeaturePresent
HeapAlloc
GetCurrentProcess
CreateThread
GetStringTypeW
GetCurrentProcessId
CreateDirectoryA
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
DeleteCriticalSection
EncodePointer
HeapSize
RaiseException
WideCharToMultiByte
GetModuleFileNameW
TlsFree
SetFilePointer
lstrcmpA
HeapSetInformation
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
LoadLibraryW
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
SetFileAttributesA
LocalFree
TerminateProcess
CreateProcessA
ResetEvent
IsValidCodePage
HeapCreate
InterlockedDecrement
Sleep
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
LocalAlloc
SetLastError
LeaveCriticalSection
SHRegWriteUSValueA
StrToIntA
SHRegCreateUSKeyA
SHRegCloseUSKey
DrawEdge
CheckRadioButton
DrawFrameControl
GetClipboardData
SendDlgItemMessageA
ShowScrollBar
AppendMenuA
PostMessageA
GetDlgItemInt
InsertMenuItemA
GetKeyNameTextA
SetClipboardData
SendMessageA
TrackPopupMenu
SetWindowsHookExA
FillRect
IsDlgButtonChecked
SetDlgItemInt
GetActiveWindow
SetForegroundWindow
DestroyWindow
IsDialogMessageA
SetCursor
InternetOpenUrlA
InternetQueryDataAvailable
InternetWriteFile
InternetReadFile
InternetCanonicalizeUrlA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
HttpQueryInfoA
InternetSetFilePointer
InternetCrackUrlA
timeEndPeriod
waveOutPrepareHeader
timeBeginPeriod
waveOutOpen
waveOutClose
EnumPrintersA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
AddPrinterConnectionA
socket
ntohl
inet_addr
send
ioctlsocket
WSAStartup
inet_ntoa
WSACleanup
recv
select
listen
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoRevokeClassObject
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Sizewire surpriseson does

SubsystemVersion
5.1

InitializedDataSize
118784

ImageVersion
0.0

ProductName
Sizewire

FileVersionNumber
12.0.86.31

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
10.0

FileTypeExtension
exe

OriginalFileName
Necessarymen.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
12.0.86.31

TimeStamp
2011:01:28 13:13:02+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Sizewire

ProductVersion
12.0.86.31

FileDescription
Sizewire

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright (c) 2005-2011, SignUp4 know nothingsegment basicedge

MachineType
Intel 386 or later, and compatibles

CompanyName
SignUp4

CodeSize
67072

FileSubtype
0

ProductVersionNumber
12.0.86.31

EntryPoint
0x3add

ObjectFileType
Executable application

File identification
MD5 2a9a832b859da1b270ab3e480fd5554e
SHA1 5e484576f4837c211e48f4e884c6b590d26c1c37
SHA256 7160f3a9751c1a2e02dca6ede2b18686d5350e099063cf968b27516e5a538d87
ssdeep
1536:z/3SrwRPQSzwqX6ZikiLKezoQVzC/LFGuMKYcEoIW2OvjGhx3yTEX0egQcGCK:z/ESPIAmsoQwMKj2OvjMxiTEXTgQ9CK

authentihash f3d82cdfb6f142bdb58553adeac94a04a5815fc588e9a562f33a62ab55b018b8
imphash 13f41f56cd88ed6b30f472b784259762
File size 103.5 KB ( 105984 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2019-02-04 18:56:19 UTC ( 1 month, 2 weeks ago )
Last submission 2019-02-04 18:56:19 UTC ( 1 month, 2 weeks ago )
File names Necessarymen.exe
Sizewire
.
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.