× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 781191b8f9c3c771b45a355a82be076127341a857188af3daaf038f54fe02c86
File name: DUNE2000.exe
Detection ratio: 0 / 55
Analysis date: 2016-04-23 15:22:52 UTC ( 3 years, 1 month ago ) View latest
Antivirus Result Update
Ad-Aware 20160423
AegisLab 20160423
AhnLab-V3 20160423
Alibaba 20160422
ALYac 20160423
Antiy-AVL 20160423
Arcabit 20160423
Avast 20160423
AVG 20160423
Avira (no cloud) 20160423
AVware 20160423
Baidu 20160422
Baidu-International 20160423
BitDefender 20160423
Bkav 20160423
CAT-QuickHeal 20160423
ClamAV 20160422
CMC 20160421
Comodo 20160423
Cyren 20160423
DrWeb 20160423
Emsisoft 20160423
ESET-NOD32 20160423
F-Prot 20160423
F-Secure 20160423
Fortinet 20160423
GData 20160423
Ikarus 20160423
K7AntiVirus 20160423
K7GW 20160423
Kaspersky 20160423
Kingsoft 20160423
Malwarebytes 20160423
McAfee 20160423
McAfee-GW-Edition 20160423
Microsoft 20160423
eScan 20160423
NANO-Antivirus 20160423
nProtect 20160422
Panda 20160423
Qihoo-360 20160423
Rising 20160423
Sophos AV 20160423
SUPERAntiSpyware 20160423
Symantec 20160423
Tencent 20160423
TheHacker 20160422
TrendMicro 20160423
TrendMicro-HouseCall 20160423
VBA32 20160423
VIPRE 20160423
ViRobot 20160423
Yandex 20160422
Zillya 20160423
Zoner 20160423
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1998

Product Intelligent Games Dune2000
Original name Dune2000.exe
Internal name Dune2000
File version 1, 0, 0, 1
Description Dune2000
Packers identified
PEiD InstallShield 2000
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-09-06 16:08:01
Entry Point 0x000B2810
Number of sections 11
PE sections
Overlays
MD5 c1805e8e6ebc21d6c78ce451ef9f0a8e
File type data
Offset 1193984
Size 20351
Entropy 4.63
PE imports
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
DirectDrawCreate
Ord(4)
Ord(1)
DirectSoundCreate
GetDeviceCaps
CreatePolygonRgn
GetStockObject
TextOutA
PtInRegion
DeleteObject
GetStdHandle
FileTimeToSystemTime
GetDriveTypeA
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetDiskFreeSpaceA
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetExitCodeProcess
MoveFileA
GetLogicalDriveStringsA
InitializeCriticalSection
GlobalHandle
FindClose
InterlockedDecrement
OutputDebugStringA
ExitProcess
FlushFileBuffers
GetModuleFileNameA
GetVolumeInformationA
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleA
SetUnhandledExceptionFilter
GetCurrentProcess
SetEnvironmentVariableA
GlobalMemoryStatus
GlobalAlloc
SetEndOfFile
GetVersion
InterlockedIncrement
HeapFree
EnterCriticalSection
SetHandleCount
SetEvent
GetTickCount
IsBadWritePtr
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
CreateDirectoryA
DeleteFileA
WaitForMultipleObjects
GetProcessHeap
CompareStringW
FindFirstFileA
CompareStringA
FindNextFileA
TerminateProcess
GetProcAddress
GetTimeZoneInformation
CreateEventA
GetFileType
SetVolumeLabelA
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
lstrlenA
GlobalFree
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryA
GetCommandLineA
SetFilePointer
ReadFile
CloseHandle
GetACP
GlobalLock
CreateProcessA
WideCharToMultiByte
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
VirtualAlloc
GetOEMCP
ResetEvent
FindExecutableA
SetFocus
CreateWindowExA
UpdateWindow
IntersectRect
EndDialog
BeginPaint
EnumWindows
KillTimer
FindWindowA
DefWindowProcA
ShowWindow
SendDlgItemMessageA
GetWindowRect
DispatchMessageA
EndPaint
PostMessageA
MessageBoxA
PeekMessageA
GetWindowDC
TranslateMessage
DialogBoxParamA
ReleaseDC
LoadStringA
SendMessageA
SetForegroundWindow
CloseWindow
GetDlgItem
RegisterClassA
SetRect
InvalidateRect
wsprintfA
SetTimer
LoadIconA
FillRect
ShowCursor
WaitForInputIdle
GetDesktopWindow
GetClassNameA
GetTopWindow
GetUpdateRect
SetCursorPos
PtInRect
timeKillEvent
timeEndPeriod
timeGetTime
waveOutGetNumDevs
timeSetEvent
timeBeginPeriod
setsockopt
htons
htonl
getsockopt
bind
ntohl
WSAStartup
WSACleanup
recvfrom
gethostbyname
socket
sendto
gethostname
WSAAsyncSelect
closesocket
ntohs
WSACancelAsyncRequest
_AIL_sample_buffer_ready@4
_AIL_allocate_sample_handle@4
_AIL_set_sample_pan@8
_AIL_set_sample_loop_count@8
_AIL_sample_volume@4
_AIL_start_sample@4
_AIL_set_sample_playback_rate@8
_AIL_set_preference@8
_AIL_last_error@0
_AIL_sample_status@4
_AIL_waveOutOpen@16
_AIL_set_sample_file@12
_AIL_set_sample_volume@8
_AIL_stop_sample@4
_AIL_init_sample@4
_AIL_set_sample_position@8
_AIL_end_sample@4
_AIL_load_sample_buffer@16
_AIL_shutdown@0
_AIL_startup@0
_AIL_minimum_sample_buffer_size@12
_AIL_set_sample_type@12
OleUninitialize
CoCreateInstance
OleInitialize
Number of PE resources by type
RT_ICON 13
RT_DIALOG 4
RT_STRING 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH UK 21
PE resources
ExifTool file metadata
UninitializedDataSize
4054016

LinkerVersion
2.23

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.1

LanguageCode
English (British)

FileFlagsMask
0x003f

FileDescription
Dune2000

ImageFileCharacteristics
No relocs, Executable, No line numbers, 32-bit, No debug

CharacterSet
Unicode

InitializedDataSize
397312

EntryPoint
0xb2810

OriginalFileName
Dune2000.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 1998

FileVersion
1, 0, 0, 1

TimeStamp
2014:09:06 17:08:01+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Dune2000

ProductVersion
1, 0, 0, 2

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Intelligent Games

CodeSize
795648

ProductName
Intelligent Games Dune2000

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 e1c45f5ee57f05425882deaae31c9fe7
SHA1 c6cdc97456cb28643de6e5f58fba2d574fcc90db
SHA256 781191b8f9c3c771b45a355a82be076127341a857188af3daaf038f54fe02c86
ssdeep
24576:AI8Dri66xIUiiMu7aboo0OSpyRbZYaHDZKWOf:AhpS9ZGlM

authentihash c6722eefd2a64e8215b945b22be62c6c26abdcd788f6afe451d001851691b9c3
imphash 6f55423fadd84f15c42e648e2a280d29
File size 1.2 MB ( 1214335 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags
peexe installshield overlay

VirusTotal metadata
First submission 2014-11-10 11:11:48 UTC ( 4 years, 6 months ago )
Last submission 2019-01-20 22:18:42 UTC ( 4 months ago )
File names download.php
DUNE2000BQ.exe
DUNE2000.exe
DUNE2000BQ.exe
DUNE2000-building-queue.exe
DUNE2000.EXE
DUNE2000BQ.exe
DUNE2000.EXE
DUNE2000BQ.exe
DUNE2000.exe
DUNE2000.exe
DUNE2000.EXE
Dune2000
Dune2000.exe
DUNE2000BQ.exe
DUNE2000BQ.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!