SHA256: 74171db039d702276b8a7600d3e07ead558fcab9d57159f998ed034cb5375053
File name: 8848.exe
Detection ratio: 0 / 69
Analysis date: 2019-02-09 19:09:13 UTC ( 1 month, 1 week ago )
Antivirus Result Update
Acronis 20190208
Ad-Aware 20190209
AegisLab 20190209
AhnLab-V3 20190209
Alibaba 20180921
Antiy-AVL 20190209
Arcabit 20190208
Avast 20190209
Avast-Mobile 20190209
AVG 20190209
Avira (no cloud) 20190209
Babable 20180918
Baidu 20190202
BitDefender 20190209
Bkav 20190201
CAT-QuickHeal 20190209
ClamAV 20190209
CMC 20190209
Comodo 20190209
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190209
Cyren 20190209
DrWeb 20190209
eGambit 20190209
Emsisoft 20190209
Endgame 20181108
ESET-NOD32 20190209
F-Prot 20190209
F-Secure 20190209
Fortinet 20190209
GData 20190209
Ikarus 20190209
Sophos ML 20181128
Jiangmin 20190209
K7AntiVirus 20190209
K7GW 20190209
Kaspersky 20190209
Kingsoft 20190209
Malwarebytes 20190209
MAX 20190209
McAfee 20190209
McAfee-GW-Edition 20190209
Microsoft 20190209
eScan 20190209
NANO-Antivirus 20190209
Palo Alto Networks (Known Signatures) 20190209
Panda 20190209
Qihoo-360 20190209
Rising 20190209
SentinelOne (Static ML) 20190203
Sophos AV 20190209
SUPERAntiSpyware 20190206
Symantec 20190209
Symantec Mobile Insight 20190207
TACHYON 20190209
Tencent 20190209
TheHacker 20190203
TotalDefense 20190206
Trapmine 20190123
TrendMicro 20190209
TrendMicro-HouseCall 20190209
Trustlook 20190209
VBA32 20190208
ViRobot 20190209
Webroot 20190209
Yandex 20190208
Zillya 20190208
ZoneAlarm by Check Point 20190209
Zoner 20190209
The file being studied is a Portable Executable file. More specifically, it is a Win32 EXE file for the Windows command line subsystem that targets 64-bit architectures.
FileVersionInfo properties
Copyright Copyright Node.js contributors. MIT license.
Product Node.js
Original name node.exe
Internal name node
File version 8.11.3
Description Node.js: Server-side JavaScript
PE header basic information
Target machine x64
Compilation timestamp 2018-06-18 16:38:30
Entry Point 0x00B3D544
Number of sections 6
PE sections
Overlays
MD5 52d7a1342933067e6cfb4215ae185b25
File type data
Offset 22616576
Size 7691585
Entropy 6.09
PE imports
SetSecurityDescriptorDacl
CryptReleaseContext
RegCloseKey
CryptAcquireContextA
OpenProcessToken
GetUserNameW
DeregisterEventSource
FreeSid
RegQueryValueExA
CryptGenRandom
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegQueryValueExW
RegisterEventSourceA
SetEntriesInAclA
RegOpenKeyExW
RegOpenKeyExA
GetSecurityInfo
RegEnumKeyExA
SetSecurityInfo
ReportEventA
GetDeviceCaps
GetObjectA
GetDIBits
CreateCompatibleBitmap
DeleteObject
ConvertInterfaceIndexToLuid
GetAdaptersAddresses
ConvertInterfaceLuidToNameW
GetStdHandle
GetDriveTypeW
VerifyVersionInfoA
FileTimeToSystemTime
WaitForSingleObject
SetEndOfFile
CreateJobObjectW
DebugBreak
SetFileTime
IsValidLocale
SetConsoleCursorPosition
GetFileAttributesW
SetInformationJobObject
VerifyVersionInfoW
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetConsoleMode
EnumSystemLocalesW
GetConsoleCursorInfo
RtlUnwindEx
SetErrorMode
FreeEnvironmentStringsW
InitializeSListHead
GetThreadContext
GetLocaleInfoW
SetStdHandle
GetTempPathA
ResolveLocaleName
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
GetCommandLineA
GetThreadTimes
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
ConnectNamedPipe
GetExitCodeProcess
LocalFree
ResumeThread
FreeLibraryAndExitThread
InitializeCriticalSection
OutputDebugStringW
GetModuleHandleW
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
QueueUserWorkItem
EncodePointer
OutputDebugStringA
GetEnvironmentVariableW
SetLastError
PeekNamedPipe
DeviceIoControl
GetEnvironmentVariableA
CopyFileW
RemoveDirectoryW
TryEnterCriticalSection
GetNumberOfConsoleInputEvents
HeapAlloc
ReadConsoleInputW
GetVersionExA
LoadLibraryA
QueryThreadCycleTime
FreeLibrary
WakeConditionVariable
FindNextFileW
SetThreadPriority
GetUserDefaultLCID
InitializeConditionVariable
RtlVirtualUnwind
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
SetFilePointerEx
RegisterWaitForSingleObject
SetFileAttributesW
CreateSemaphoreA
CreateThread
SetEnvironmentVariableW
MoveFileExW
RtlCaptureStackBackTrace
SetNamedPipeHandleState
CreateSemaphoreW
GetNumberFormatEx
IsProcessorFeaturePresent
ExitThread
GetUserDefaultLocaleName
SetHandleInformation
GlobalMemoryStatus
SetUnhandledExceptionFilter
GetModuleHandleExW
SetCurrentDirectoryW
CreateEventW
ReadConsoleW
GetCurrentThreadId
GetProcAddress
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
GetSystemTime
OpenProcess
LoadLibraryW
OpenThread
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
SetConsoleTextAttribute
TlsAlloc
WakeAllConditionVariable
FlushFileBuffers
FillConsoleOutputCharacterW
WriteConsoleInputW
Process32Next
CreateRemoteThread
GetProcessIoCounters
SystemTimeToFileTime
RtlPcToFileHeader
DecodePointer
AcquireSRWLockExclusive
Process32First
GetNamedPipeHandleStateA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
CreateDirectoryW
WaitForMultipleObjects
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
GetProcessHeap
AssignProcessToJobObject
WaitNamedPipeW
GetModuleFileNameW
GetFileInformationByHandle
FindFirstFileA
RtlLookupFunctionEntry
ResetEvent
GetTempFileNameA
CreateFileMappingA
FindNextFileA
ReleaseSRWLockExclusive
DuplicateHandle
FindFirstFileExW
ExpandEnvironmentStringsA
GetLocaleInfoEx
GetTimeZoneInformation
ReadDirectoryChangesW
CreateFileW
CreateEventA
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetDateFormatEx
LeaveCriticalSection
GetLastError
IsValidCodePage
InterlockedPushEntrySList
FlushConsoleInputBuffer
LCMapStringW
GetShortPathNameW
UnmapViewOfFile
GetSystemInfo
GetConsoleCP
GetThreadPriority
UnregisterWaitEx
CompareStringW
GetProcessTimes
GetEnvironmentStringsW
GetUserGeoID
CreateNamedPipeA
LCIDToLocaleName
CreateProcessW
GetQueuedCompletionStatus
WaitForSingleObjectEx
SwitchToThread
UnregisterWait
GetCurrentProcessId
CreateIoCompletionPort
GetConsoleTitleW
GetCommandLineW
WideCharToMultiByte
SleepConditionVariableSRW
HeapSize
RaiseException
SetConsoleCursorInfo
VerSetConditionMask
CancelIo
GetCurrentThread
LocaleNameToLCID
SuspendThread
SetConsoleTitleW
QueryPerformanceFrequency
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CreateNamedPipeW
RtlCaptureContext
CloseHandle
GetACP
GetCurrencyFormatEx
GetGeoInfoW
GetFileAttributesExW
GetLongPathNameW
GetCurrentDirectoryW
SetConsoleMode
GetTempPathW
PostQueuedCompletionStatus
VirtualFree
Sleep
TerminateProcess
SetConsoleCtrlHandler
VirtualAlloc
GetTimeFormatEx
GetOEMCP
CreateHardLinkW
GetProcessMemoryInfo
GetMessageA
GetUserObjectInformationW
ReleaseDC
DispatchMessageA
MessageBoxA
MapVirtualKeyW
TranslateMessage
GetProcessWindowStation
GetDC
GetUserProfileDirectoryW
timeGetTime
htonl
getsockname
WSARecvFrom
WSARecv
accept
ioctlsocket
WSAStartup
connect
shutdown
WSADuplicateSocketW
htons
getpeername
select
gethostname
getsockopt
FreeAddrInfoW
closesocket
ntohl
inet_addr
send
WSASend
ntohs
WSAGetLastError
listen
GetNameInfoW
WSACleanup
gethostbyname
WSASetLastError
recv
WSAIoctl
GetAddrInfoW
setsockopt
socket
bind
WSASendTo
recvfrom
sendto
getservbyname
WSASocketW
UnDecorateSymbolName
SymInitialize
SymCleanup
SymFromAddr
PE exports
Number of PE resources by type
RT_ICON 5
RT_STRING 3
RT_MESSAGETABLE 1
RT_MANIFEST 1
WEVT_TEMPLATE 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 13
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 14.14
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 8.11.3.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Node.js: Server-side JavaScript
ImageFileCharacteristics Executable, Large address aware
CharacterSet Unicode
InitializedDataSize 10658816
EntryPoint 0xb3d544
OriginalFileName node.exe
MIMEType application/octet-stream
LegalCopyright Copyright Node.js contributors. MIT license.
FileVersion 8.11.3
TimeStamp 2018:06:18 17:38:30+01:00
FileType Win64 EXE
PEType PE32+
InternalName node
ProductVersion 8.11.3
SubsystemVersion 5.2
OSVersion 5.2
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType AMD AMD64
CompanyName Node.js
CodeSize 12040704
ProductName Node.js
ProductVersionNumber 8.11.3.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 d10966c3a1d0b5694ee9ce0bb73401e2
SHA1 052b3fef9e2eed847357bdaaaad020ee918fbc7d
SHA256 74171db039d702276b8a7600d3e07ead558fcab9d57159f998ed034cb5375053
ssdeep 393216:haVNFdzGmLgrEMs0aSEiTjzZXt4KbAIt2T2:GzENzZXbAIt2T2
authentihash 7dfec915445e5d2e18dda45165bc67ed8ab323ca62036e7ea7606df1ad3c13d1
imphash a5869c1ec59a454244b690ca84badf80
File size 28.9 MB ( 30308161 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (console) Mono/.Net assembly
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags 64bits peexe assembly overlay
VirusTotal metadata
First submission 2019-02-05 09:59:46 UTC ( 1 month, 2 weeks ago )
Last submission 2019-02-09 22:52:11 UTC ( 1 month, 1 week ago )
File names node
9657.exe
8849.exe
dones
9075.exe
4783.exe
8848.exe
node.exe
8967.exe
3443.exe