SHA256: 7d4f6a1bf23efa800dbc61f1d04e2c5b819d05cdfde1321106131232143e11c4
File name: Outlast_TR_Yama_v1.00.exe
Detection ratio: 1 / 67
Analysis date: 2018-07-06 09:29:31 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Bkav W32.eHeur.Malware14 20180705
Ad-Aware 20180706
AegisLab 20180706
AhnLab-V3 20180706
Alibaba 20180705
ALYac 20180706
Antiy-AVL 20180706
Arcabit 20180706
Avast 20180706
Avast-Mobile 20180706
AVG 20180706
Avira (no cloud) 20180706
AVware 20180706
Babable 20180406
Baidu 20180706
BitDefender 20180706
CAT-QuickHeal 20180706
ClamAV 20180706
CMC 20180706
Comodo 20180706
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180706
Cyren 20180706
DrWeb 20180706
eGambit 20180706
Emsisoft 20180706
Endgame 20180612
ESET-NOD32 20180706
F-Prot 20180706
F-Secure 20180706
Fortinet 20180706
GData 20180706
Ikarus 20180706
Sophos ML 20180601
Jiangmin 20180706
K7AntiVirus 20180706
K7GW 20180706
Kaspersky 20180706
Kingsoft 20180706
Malwarebytes 20180706
MAX 20180706
McAfee 20180706
McAfee-GW-Edition 20180706
Microsoft 20180706
eScan 20180706
NANO-Antivirus 20180706
Palo Alto Networks (Known Signatures) 20180706
Panda 20180705
Qihoo-360 20180706
Rising 20180706
SentinelOne (Static ML) 20180701
Sophos AV 20180706
SUPERAntiSpyware 20180705
Symantec 20180706
TACHYON 20180706
Tencent 20180706
TheHacker 20180628
TrendMicro 20180706
TrendMicro-HouseCall 20180706
Trustlook 20180706
VBA32 20180705
VIPRE 20180706
ViRobot 20180706
Webroot 20180706
Yandex 20180705
Zillya 20180705
ZoneAlarm by Check Point 20180706
Zoner 20180705
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2013 - OyunCeviri.com

Product Outlast Türkçe Yama
File version 1.00
Description Outlast TR v1.00
Comments Oyunlar artık Türkçe :)
Packers identified
F-PROT NSIS, docwrite, UPX, Unicode, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0003B400
Number of sections 3
PE sections
Overlays
MD5 494e86adf3e20e5361a3e04feffd0742
File type data
Offset 26112
Size 27245577
Entropy 8.00
PE imports
RegEnumKeyA
SetBkMode
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
VerQueryValueA
CoTaskMemFree
Number of PE resources by type
RT_DIALOG 4
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
PE resources
ExifTool file metadata
LegalTrademarks
Outlast Red Barrels

SubsystemVersion
4.0

Comments
Oyunlar artık Türkçe :)

LinkerVersion
6.0

ImageVersion
6.0

CompanyWebsite
http://www.oyunceviri.com

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x0000

FileDescription
Outlast TR v1.00

CharacterSet
Windows, Latin1

InitializedDataSize
8192

EntryPoint
0x3b400

MIMEType
application/octet-stream

LegalCopyright
2013 - OyunCeviri.com

FileVersion
1.0

TimeStamp
2009:12:05 23:50:46+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0

UninitializedDataSize
221184

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
OyunCeviri.com

CodeSize
20480

ProductName
Outlast Türkçe Yama

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 e488c441f4cb089a352d57e45ed2f2e6
SHA1 fcc6e2a343a74b0c588a038b015620df990e9574
SHA256 7d4f6a1bf23efa800dbc61f1d04e2c5b819d05cdfde1321106131232143e11c4
ssdeep
786432:VLqcwcRjwmBjd4qllxfCZDNvzoKI0MCOVXtp21DCAJhnQT:8cRlB5lhGzoKL6twDCAJo

authentihash 27a07d8dc2735a18a3bbc1f5745d7124b4876d8b6ed1e905990afb4931a568df
imphash 2134f794bcda54794e74b7208adb2204
File size 26.0 MB ( 27271689 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
OS/2 Executable (generic) (2.8%)
Tags
nsis peexe upx overlay

VirusTotal metadata
First submission 2013-09-19 11:36:47 UTC ( 5 years, 4 months ago )
Last submission 2018-07-06 09:29:31 UTC ( 6 months, 2 weeks ago )
File names Outlast Türkçe Yama v1.00.exe
O_TR_Yama_v1.00.exe
outlast_tr_yama_v1.00.exe
outlast türkçe yama v1.00.exe
Outlast_TR_Yama_v1.00.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
keylogger
