SHA256: 76a86e0c7488ebde9328d6783485f58b712d048e230159e13eaffe7aeb1660a4
File name: 44c028c51183ea2365c7ff2dd4f4af038825def5
Detection ratio: 12 / 57
Analysis date: 2015-10-11 04:14:11 UTC ( 3 years, 4 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20151011
AVG Zbot.AHZD 20151011
Avira (no cloud) TR/Crypt.ZPACK.186683 20151010
AVware Trojan.Win32.Generic!BT 20151011
Bkav HW32.Packed.C9B3 20151010
ESET-NOD32 Win32/Sopinar.C 20151011
Fortinet W32/Inject.C!tr 20151010
GData Win32.Trojan.Agent.YLJZ4W 20151011
Kaspersky Trojan.Win32.Inject.vjgt 20151011
Panda Generic Suspicious 20151010
Sophos AV Mal/Generic-S 20151011
VIPRE Trojan.Win32.Generic!BT 20151011
Ad-Aware 20151011
AegisLab 20151010
Yandex 20151009
AhnLab-V3 20151010
Alibaba 20151010
ALYac 20151010
Antiy-AVL 20151011
Arcabit 20151011
Baidu-International 20151010
BitDefender 20151011
ByteHero 20151011
CAT-QuickHeal 20151010
ClamAV 20151009
CMC 20151009
Comodo 20151011
Cyren 20151011
DrWeb 20151011
Emsisoft 20151011
F-Prot 20151011
F-Secure 20151010
Ikarus 20151010
Jiangmin 20151010
K7AntiVirus 20151011
K7GW 20151010
Kingsoft 20151011
Malwarebytes 20151011
McAfee 20151011
McAfee-GW-Edition 20151011
Microsoft 20151011
eScan 20151011
NANO-Antivirus 20151011
nProtect 20151008
Qihoo-360 20151011
Rising 20151010
SUPERAntiSpyware 20151011
Symantec 20151011
Tencent 20151011
TheHacker 20151010
TotalDefense 20151011
TrendMicro 20151011
TrendMicro-HouseCall 20151011
VBA32 20151009
ViRobot 20151010
Zillya 20151011
Zoner 20151011
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-01-24 04:29:45
Entry Point 0x0000E6B0
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
QueryServiceConfigA
RegQueryValueExA
RegEnumValueW
RegSetValueA
OpenServiceW
LsaNtStatusToWinError
UnlockServiceDatabase
RegQueryValueExW
CloseServiceHandle
RegOpenKeyA
RegisterEventSourceW
DeregisterEventSource
RegQueryValueA
RegConnectRegistryW
RegOpenKeyExW
RegisterEventSourceA
RegOpenKeyW
RegEnumKeyA
LsaEnumerateAccountRights
RegConnectRegistryA
RegQueryValueW
LsaLookupNames
RegEnumKeyExW
StartServiceCtrlDispatcherW
GetUserNameA
RegLoadKeyW
RegRestoreKeyW
RegEnumKeyExA
RegDeleteValueW
LogonUserW
EnumDependentServicesW
OpenSCManagerW
ReportEventW
CreateServiceA
LsaClose
StartServiceA
EqualSid
RegUnLoadKeyW
RegOpenKeyExA
ChangeServiceConfigW
LsaDeleteTrustedDomain
GetVersion
GetModuleHandleA
LoadLibraryExA
FreeEnvironmentStringsW
_except_handler3
__p__fmode
_acmdln
_exit
__p__commode
__setusermatherr
exit
_XcptFilter
__getmainargs
_initterm
_controlfp
_adjust_fdiv
__set_app_type
DdeInitializeA
GetKeyboardLayout
SetClipboardData
LoadMenuA
DdeCreateDataHandle
GetUserObjectInformationA
GetClassInfoExA
ReuseDDElParam
PackDDElParam
SetKeyboardState
waveInGetID
waveInOpen
midiInGetErrorTextA
joyGetNumDevs
auxGetVolume
midiOutGetErrorTextW
mmioWrite
mciGetErrorStringA
mixerGetDevCapsW
mmioDescend
midiStreamPosition
waveOutGetDevCapsW
midiInGetErrorTextW
midiOutUnprepareHeader
waveOutSetPlaybackRate
midiInStart
sndPlaySoundW
mciSendStringA
mciGetErrorStringW
mixerGetLineInfoA
midiOutShortMsg
mixerGetNumDevs
waveInGetPosition
mixerOpen
waveOutPrepareHeader
waveInGetDevCapsA
mmioSeek
mmioOpenA
midiOutGetVolume
midiStreamOpen
midiInReset
mmioClose
midiStreamOut
midiOutReset
joyGetDevCapsA
waveInAddBuffer
waveInGetDevCapsW
midiOutGetDevCapsW
GetDriverModuleHandle
waveOutUnprepareHeader
midiInGetDevCapsW
waveOutClose
midiInClose
mmioCreateChunk
auxGetNumDevs
midiOutGetDevCapsA
timeGetTime
midiOutOpen
mciSendStringW
waveInClose
midiOutCacheDrumPatches
mixerMessage
midiInGetNumDevs
timeGetDevCaps
OpenDriver
mmioSetInfo
mmioAdvance
mmioSetBuffer
waveOutPause
midiOutGetNumDevs
midiStreamRestart
midiOutCachePatches
waveInPrepareHeader
mixerSetControlDetails
midiInStop
joySetCapture
waveInUnprepareHeader
timeSetEvent
midiStreamPause
waveOutGetVolume
midiInMessage
midiOutPrepareHeader
mciSendCommandA
mmioRead
midiStreamStop
Number of PE resources by type
RT_GROUP_ICON 5
RT_ACCELERATOR 2
RT_ICON 2
RT_VERSION 1
Number of PE resources by language
SERBIAN ARABIC ALGERIA 7
ENGLISH NZ 3
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.143.38.136
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 98304
EntryPoint 0xe6b0
OriginalFileName Stadia.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2019
FileVersion 174, 150, 250, 236
TimeStamp 2009:01:24 05:29:45+01:00
FileType Win32 EXE
PEType PE32
InternalName Snipes
ProductVersion 230, 216, 219, 200
FileDescription Silicon
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Aiptek
CodeSize 57344
ProductName Reveille Towered
ProductVersionNumber 0.229.168.22
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 4c2262ee7c5a61bfa9466c0610dbccca
SHA1 44c028c51183ea2365c7ff2dd4f4af038825def5
SHA256 76a86e0c7488ebde9328d6783485f58b712d048e230159e13eaffe7aeb1660a4
ssdeep 1536:++iRzd9KxGUmtvkQ9Mmsd+8sEkhHcQyk5iF178dUAYgoJOSsVp3y:NGCGbvkQ9MLFkhHcX0sSKuSsj
authentihash 3803f6010a919bfca375629e023c5afc5a9842b4e2ee7fe751091dd973b2b02a
imphash f29a8d4cf2fe871720861643070531c2
File size 92.0 KB ( 94208 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags peexe

VirusTotal metadata
First submission 2015-10-11 04:14:11 UTC ( 3 years, 4 months ago )
Last submission 2015-10-11 04:14:11 UTC ( 3 years, 4 months ago )
File names LanguageComponentsInstallerComHandler.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened service managers
Runtime DLLs