× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7bd0875a897fcfb5a3ada8b6355a69aa08d3fb4f137198d00681af9f1650a529
File name: Legend Online Hack.exe
Detection ratio: 0 / 53
Analysis date: 2016-01-20 18:04:06 UTC ( 1 year, 10 months ago )
Antivirus Result Update
Ad-Aware 20160120
AegisLab 20160126
Yandex 20160119
AhnLab-V3 20160120
Alibaba 20160120
ALYac 20160126
Antiy-AVL 20160120
Arcabit 20160120
Avast 20160120
AVG 20160126
Baidu-International 20160120
BitDefender 20160120
Bkav 20160120
ByteHero 20160120
CAT-QuickHeal 20160119
ClamAV 20160120
CMC 20160111
Comodo 20160126
Cyren 20160120
DrWeb 20160126
Emsisoft 20160120
ESET-NOD32 20160120
F-Prot 20160120
F-Secure 20160120
Fortinet 20160120
GData 20160120
Ikarus 20160120
Jiangmin 20160120
K7AntiVirus 20160120
K7GW 20160120
Kaspersky 20160120
Malwarebytes 20160120
McAfee 20160120
McAfee-GW-Edition 20160120
Microsoft 20160120
eScan 20160120
NANO-Antivirus 20160120
nProtect 20160120
Panda 20160120
Qihoo-360 20160120
Rising 20160120
Sophos AV 20160120
SUPERAntiSpyware 20160120
Symantec 20160120
Tencent 20160120
TheHacker 20160119
TrendMicro 20160126
TrendMicro-HouseCall 20160126
VBA32 20160120
VIPRE 20160126
ViRobot 20160120
Zillya 20160126
Zoner 20160120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 1997

Product Client Application
Original name Client.EXE
Internal name Client
File version 1, 1, 23, 8
Description Client MFC Application
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-09-23 05:09:48
Entry Point 0x000FBFD3
Number of sections 6
PE sections
PE imports
DllGetClassObject
ExitProcess
lstrcpy
PE exports
Number of PE resources by type
RT_CURSOR 16
RT_DIALOG 15
RT_GROUP_CURSOR 15
RT_STRING 13
RT_ICON 2
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 54
KOREAN 12
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.1.23.8

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
663552

EntryPoint
0xfbfd3

OriginalFileName
Client.EXE

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 1997

FileVersion
1, 1, 23, 8

TimeStamp
2013:09:23 06:09:48+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Client

ProductVersion
1, 1, 23, 8

FileDescription
Client MFC Application

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
2596864

ProductName
Client Application

ProductVersionNumber
1.1.23.8

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 2319c9c2d73e07bf10dee5518ba7730e
SHA1 0a1d93e6146b70cf253ce0c1ce4513982c4439ba
SHA256 7bd0875a897fcfb5a3ada8b6355a69aa08d3fb4f137198d00681af9f1650a529
ssdeep
49152:bmNktGgxFaHDDvMLQK8wADaOH4wy7EVS6w3RHS/nK:bmOtGgxFanvO8zTH9yuS6qR6

authentihash 86fd3e5f6d8f2f6b702f827a974c4c846c076f075faee1dc97dc3c96f6f9fcd6
imphash 27c70d9664257c3f87ffcb37c3dd0784
File size 1.8 MB ( 1875968 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe

VirusTotal metadata
First submission 2013-10-07 06:05:53 UTC ( 4 years, 1 month ago )
Last submission 2016-01-20 18:04:06 UTC ( 1 year, 10 months ago )
File names Client.EXE
crossfire.exe
Client
crossfire.exe
Legend Online Hack.exe
Behaviour characterization
Zemana
keylogger

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!