SHA256: 733dbcc33cd08ac2ff6355df4e2886729a30bbfb9d857beb3c190183d833948b
File name: Invoice_1.exex
Detection ratio: 1 / 55
Analysis date: 2015-03-30 11:23:01 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Tencent Trojan.Win32.YY.Gen.26 20150330
Ad-Aware 20150330
AegisLab 20150330
Yandex 20150329
AhnLab-V3 20150330
Alibaba 20150330
ALYac 20150330
Antiy-AVL 20150330
Avast 20150330
AVG 20150330
Avira (no cloud) 20150330
AVware 20150330
Baidu-International 20150330
BitDefender 20150330
Bkav 20150328
ByteHero 20150330
CAT-QuickHeal 20150330
ClamAV 20150330
CMC 20150330
Comodo 20150330
Cyren 20150330
DrWeb 20150330
Emsisoft 20150330
ESET-NOD32 20150330
F-Prot 20150330
F-Secure 20150329
Fortinet 20150330
GData 20150330
Ikarus 20150330
Jiangmin 20150329
K7AntiVirus 20150330
K7GW 20150330
Kaspersky 20150330
Kingsoft 20150330
Malwarebytes 20150330
McAfee 20150330
McAfee-GW-Edition 20150329
Microsoft 20150330
eScan 20150330
NANO-Antivirus 20150330
Norman 20150330
nProtect 20150327
Panda 20150327
Qihoo-360 20150330
Rising 20150330
Sophos 20150330
SUPERAntiSpyware 20150329
Symantec 20150330
TheHacker 20150330
TotalDefense 20150330
TrendMicro 20150330
TrendMicro-HouseCall 20150330
VBA32 20150327
VIPRE 20150330
ViRobot 20150330
Zillya 20150330
Zoner 20150327
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-07-25 13:16:41
Entry Point 0x00006000
Number of sections 8
PE sections
PE imports
GetCommandLineA
GetModuleHandleA
ExitProcess
IsDebuggerPresent
SetFocus
GetMessageA
CreateWindowExA
LoadIconA
DispatchMessageA
TranslateMessage
MoveWindow
GetClientRect
PostQuitMessage
DefWindowProcA
RegisterClassExA
DeleteObject
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2004:07:25 14:16:41+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12800

LinkerVersion
5.12

EntryPoint
0x6000

InitializedDataSize
20992

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 1d517566f0b702231310edce11267f09
SHA1 52dd105de2ba4a61817ddc8e26a43d90d32002f5
SHA256 733dbcc33cd08ac2ff6355df4e2886729a30bbfb9d857beb3c190183d833948b
ssdeep
384:tovJcNg9FYjeuqLMMAdhNRAqzQM7sxgcxagLyWmpKM1IamMEO:tohcSfF9A7NyqzEfcV2g

authentihash bc76e4113322d0e9c431555b314fa5fff19bfdb4aafb73ad582bce8efa588525
imphash 7887748b33e43857eaa84deb43f415c5
File size 27.0 KB ( 27648 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.7%)
Generic Win/DOS Executable (23.4%)
DOS Executable Generic (23.4%)
VXD Driver (0.3%)
Tags
peexe

VirusTotal metadata
First submission 2015-03-30 11:23:01 UTC ( 2 years, 2 months ago )
Last submission 2015-04-02 05:43:37 UTC ( 2 years, 2 months ago )
File names 1.exe
acadedit.exe
Invoice_1.exe
Invoice_1.exex
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight