× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7538ce2591b8c6d09ab5d7e6382fc0d89a95044340d1e100be723603c2d43d6a
File name: Madscan.exe
Detection ratio: 0 / 47
Analysis date: 2013-12-19 09:32:36 UTC ( 5 years, 5 months ago ) View latest
Antivirus Result Update
Ad-Aware 20131211
Yandex 20131217
AhnLab-V3 20131218124338
androguard 20130218000000
AntiVir 20131219
Antiy-AVL 20131218
Avast 20131219
AVG 20131218
Baidu-International 20131213
BitDefender 20131211
Bkav 20131218
ByteHero 20130613
CAT-QuickHeal 20131218
ClamAV 20131219
CMC 20131217
Commtouch 20131219
Comodo 20131219
DrWeb 20131219102922
Emsisoft 20131219
ESET-NOD32 20131219
F-Prot 20131219
F-Secure 20131219
Fortinet 20131219
GData 20131219
Ikarus 20131219
Jiangmin 20131219
K7AntiVirus 20131218
K7GW 20131218
Kaspersky 20131219
Kingsoft 20130829
Malwarebytes 20131219
McAfee 20131219
McAfee-GW-Edition 20131219
Microsoft 20131219
eScan 20131219
NANO-Antivirus 20131219
Norman 20131219
nProtect 20131218
Panda 20131218
Rising 20131218
Sophos AV 20131219
SUPERAntiSpyware 20131219
Symantec 20131219
TheHacker 20131218
TotalDefense 20131218
TrendMicro 20131219
TrendMicro-HouseCall 20131219
VBA32 20131219
VIPRE 20131219
ViRobot 20131219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013

Publisher https://fb.com/Th3skywalk3r
Product Made By Skywalk3r
Original name Madscan.exe
Internal name Madscan.exe
File version 2.0.0.0
Description Madscan
Comments Joomla & Wordpress Exploit Scanner
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-19 14:39:40
Entry Point 0x006F3644
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
FileDescription
Madscan

Comments
Joomla & Wordpress Exploit Scanner

LinkerVersion
8.0

ImageVersion
0.0

ProductName
Made By Skywalk3r

FileVersionNumber
2.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
9216

OriginalFilename
Madscan.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
2.0.0.0

TimeStamp
2013:12:19 15:39:40+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Madscan.exe

SubsystemVersion
4.0

FileAccessDate
2013:12:20 09:09:50+01:00

ProductVersion
2.0.0.0

UninitializedDataSize
0

OSVersion
4.0

FileCreateDate
2013:12:20 09:09:50+01:00

FileOS
Win32

LegalCopyright
Copyright 2013

MachineType
Intel 386 or later, and compatibles

CompanyName
https://fb.com/Th3skywalk3r

CodeSize
7280640

FileSubtype
0

ProductVersionNumber
2.0.0.0

EntryPoint
0x6f3644

ObjectFileType
Executable application

AssemblyVersion
2.0.0.0

File identification
MD5 f6c98f6c461182975ddb0c472338efbd
SHA1 b44f0c882f804b3046f84c1c6ba18a1dc0050fbb
SHA256 7538ce2591b8c6d09ab5d7e6382fc0d89a95044340d1e100be723603c2d43d6a
ssdeep
98304:dleIJeXDFe2dD9DDLGlU0mvBMTLPfKOH0XIIpeUW4C8NF:dleIJeXDFe2dD9DD5BMXIXIINWiP

File size 7.0 MB ( 7290368 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (56.7%)
Win64 Executable (generic) (21.4%)
Windows Screen Saver (10.1%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2013-12-19 09:32:36 UTC ( 5 years, 5 months ago )
Last submission 2013-12-20 08:09:19 UTC ( 5 years, 5 months ago )
File names Madscan.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!