× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 73cf53d54c612ee8971c3f5e57930b2e8da66e840bee8d4e1fe95b6d04bffe6a
File name: MCP_1-0-1-0.exe
Detection ratio: 2 / 45
Analysis date: 2013-01-01 14:21:57 UTC ( 6 years ago ) View latest
Antivirus Result Update
DrWeb Trojan.Botnetlog.9 20130101
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious-BAY.K 20130101
Yandex 20130101
AntiVir 20130101
Antiy-AVL 20130101
Avast 20130101
AVG 20130101
BitDefender 20130101
ByteHero 20121226
CAT-QuickHeal 20130101
ClamAV 20130101
Commtouch 20121231
Comodo 20130101
Emsisoft 20130101
eSafe 20121230
ESET-NOD32 20130101
F-Prot 20121231
F-Secure 20130101
Fortinet 20130101
GData 20130101
Ikarus 20130101
Jiangmin 20121221
K7AntiVirus 20121231
Kaspersky 20130101
Kingsoft 20121225
Malwarebytes 20130101
McAfee 20130101
Microsoft 20130101
eScan 20130101
NANO-Antivirus 20130101
Norman 20130101
nProtect 20130101
Panda 20130101
PCTools 20130101
Rising 20121228
Sophos AV 20130101
SUPERAntiSpyware 20121231
Symantec 20130101
TheHacker 20130101
TotalDefense 20130101
TrendMicro 20130101
TrendMicro-HouseCall 20130101
VBA32 20121231
VIPRE 20130101
ViRobot 20130101
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-03-25 13:17:51
Entry Point 0x0012E1E7
Number of sections 3
PE sections
PE imports
InitCommonControls
BitBlt
GetProcAddress
GetModuleHandleA
CoInitialize
ShellExecuteExA
PathQuoteSpacesA
IsChild
Number of PE resources by type
RT_ICON 15
RT_RCDATA 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 24
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.5

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.1.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
1187840

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2012 PantherMan594

FileVersion
1,0,1,0

TimeStamp
2011:03:25 13:17:51+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
MCP_1-0-1-0.exe

ProductVersion
1,0,1,0

FileDescription
MCPortable v. 1.0.1.0

OSVersion
4.0

FileOS
Windows 16-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
David Shen

CodeSize
33792

ProductName
MCPortable

ProductVersionNumber
1.0.1.0

EntryPoint
0x12e1e7

ObjectFileType
Executable application

File identification
MD5 20cac478c39db680178e8436600600b6
SHA1 110d348ff0f1bba052f3ee69ed9ebb9799aa6f34
SHA256 73cf53d54c612ee8971c3f5e57930b2e8da66e840bee8d4e1fe95b6d04bffe6a
ssdeep
12288:sEihsGo+jtoeTAY/EN53scTyPc6GCJEJffvXEHB:sEiaSHm53p6GO2fs

File size 829.0 KB ( 848896 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags
peexe

VirusTotal metadata
First submission 2013-01-01 14:21:57 UTC ( 6 years ago )
Last submission 2013-01-01 14:39:34 UTC ( 6 years ago )
File names file-4965010_exe
MCP_1-0-1-0.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!