SHA256: 7244a0287a98408d90010601ea172e28cab204a20899adf4cd570a5b41bb88fa
File name: -2050136029-1856816428.exe
Detection ratio: 1 / 55
Analysis date: 2016-01-31 18:55:36 UTC ( 3 years, 2 months ago )
Antivirus Result Update
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20160131
Ad-Aware 20160130
AegisLab 20160130
Yandex 20160129
AhnLab-V3 20160129
Alibaba 20160129
ALYac 20160130
Antiy-AVL 20160130
Arcabit 20160130
Avast 20160130
AVG 20160130
Avira (no cloud) 20160130
Baidu-International 20160129
BitDefender 20160130
Bkav 20160129
ByteHero 20160131
CAT-QuickHeal 20160129
ClamAV 20160130
CMC 20160130
Comodo 20160130
Cyren 20160129
DrWeb 20160130
Emsisoft 20160130
ESET-NOD32 20160130
F-Prot 20160129
F-Secure 20160129
Fortinet 20160130
GData 20160130
Ikarus 20160129
Jiangmin 20160129
K7AntiVirus 20160129
K7GW 20160129
Kaspersky 20160129
Malwarebytes 20160130
McAfee 20160130
McAfee-GW-Edition 20160130
Microsoft 20160130
eScan 20160130
NANO-Antivirus 20160130
nProtect 20160129
Panda 20160129
Rising 20160129
Sophos AV 20160130
SUPERAntiSpyware 20160130
Symantec 20160129
Tencent 20160131
TheHacker 20160130
TotalDefense 20160129
TrendMicro 20160130
TrendMicro-HouseCall 20160130
VBA32 20160128
VIPRE 20160130
ViRobot 20160129
Zillya 20160130
Zoner 20160130
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright ©.Comments All rights reserved.
Product HarmonicLed
Original name HarmonicLed.exe
Internal name HarmonicLed
File version 6.5.8.3
Description National Bank Errors Failures
Comments National Bank Errors Failures
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-31 17:19:04
Entry Point 0x00009D6E
Number of sections 5
PE sections
PE imports
CloseServiceHandle
AVIFileGetStream
AVIStreamLength
AVIFileOpenA
AVIStreamStart
AVIStreamGetFrameOpen
AVIStreamInfoA
InitCommonControlsEx
GetOpenFileNameA
CommDlgExtendedError
CertFreeCertificateContext
CertCloseStore
CryptGetObjectUrl
CryptUIDlgSelectCertificateFromStore
GetObjectA
Ellipse
FillRgn
TextOutW
DeleteDC
SelectClipPath
CreateFontA
CreatePen
GetStockObject
CreateCompatibleBitmap
SelectPalette
RealizePalette
SelectObject
Rectangle
BitBlt
CreateCompatibleDC
DeleteObject
StretchBlt
SetTextColor
CreateSolidBrush
LoadResource
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
GetCommandLineW
RtlUnwind
LoadLibraryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetUserDefaultLangID
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetConsoleOutputCP
lstrcatA
LockResource
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
TlsFree
GetProcessHeap
SetStdHandle
GetModuleHandleA
RaiseException
TerminateProcess
WideCharToMultiByte
GetStringTypeA
SetFilePointer
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
FindResourceA
FindResourceExW
SizeofResource
LCMapStringA
WriteConsoleA
IsValidCodePage
HeapCreate
SetLastError
GlobalAlloc
VirtualFree
TlsGetValue
Sleep
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
WriteConsoleW
LeaveCriticalSection
acmStreamClose
acmStreamOpen
GetProcessMemoryInfo
CommandLineToArgvW
UpdateWindow
BeginPaint
EnumWindows
DefWindowProcA
GetIconInfo
SetWindowPos
GetSystemMetrics
GetWindowRect
EndPaint
GetCursorInfo
DrawIcon
CreatePopupMenu
MessageBoxA
AdjustWindowRectEx
InvalidateRect
SetClipboardData
GetDC
GetCursorPos
DrawTextA
SetWindowTextA
DestroyIcon
RegisterClassW
SendMessageA
GetClientRect
IsIconic
SetRect
TrackPopupMenuEx
GetWindowLongA
CreateWindowExA
LoadCursorA
LoadIconA
ShowCursor
GetDesktopWindow
LoadImageA
ReleaseDC
CloseClipboard
OpenClipboard
DestroyWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
GdiplusShutdown
GdipFree
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipDisposeImage
GdipCloneImage
GdiplusStartup
CoInitializeEx
Number of PE resources by type
RT_BITMAP 13
RT_STRING 6
RT_RCDATA 3
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 24
PE resources
ExifTool file metadata
LegalTrademarks Copyright .Comments All rights reserved.
SubsystemVersion 5.0
Comments National Bank Errors Failures
Languages English
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.5.8.3
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription National Bank Errors Failures
CharacterSet Unicode
InitializedDataSize 197632
PrivateBuild 6.5.8.3
EntryPoint 0x9d6e
OriginalFileName HarmonicLed.exe
MIMEType application/octet-stream
LegalCopyright Copyright .Comments All rights reserved.
FileVersion 6.5.8.3
TimeStamp 2016:01:31 18:19:04+01:00
FileType Win32 EXE
PEType PE32
InternalName HarmonicLed
ProductVersion 6.5.8.3
UninitializedDataSize 0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Comments
CodeSize 95744
ProductName HarmonicLed
ProductVersionNumber 6.5.8.3
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 42db8444febcc7eb54534de00696657f
SHA1 80bc3a3b85b1b80552c4285efdcef8a7cd12f3fd
SHA256 7244a0287a98408d90010601ea172e28cab204a20899adf4cd570a5b41bb88fa
ssdeep 6144:0Qk7JZE/coPQM2sedIWPNkhP4UBDifHEzj/seYd:0QyJZE/ceQMc3POmCPYd
authentihash cddf27a28dc54e9ac1fd4d18fec4246ae0b4461e9ffd71196e2b8a257561075b
imphash a230137f23e54e8daef8b98222e3de93
File size 287.5 KB ( 294400 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2016-01-31 18:55:36 UTC ( 3 years, 2 months ago )
Last submission 2016-01-31 18:55:36 UTC ( 3 years, 2 months ago )
File names HarmonicLed
HarmonicLed.exe
-2050136029-1856816428.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
DNS requests
TCP connections
UDP communications