SHA256: 7e3823251f255c08168a014ed9c88a7cace54eeb4df9d017c96d749ca17f051d
File name: ClassicFramework.exe
Detection ratio: 2 / 55
Analysis date: 2015-07-17 23:35:57 UTC ( 1 year, 6 months ago )
Antivirus Result Update
Ikarus Trojan.Confuser 20150717
Sophos Mal/MSIL-LL 20150717
ALYac 20150717
AVG 20150717
AVware 20150717
Ad-Aware 20150718
AegisLab 20150717
Yandex 20150717
AhnLab-V3 20150717
Alibaba 20150717
Antiy-AVL 20150717
Arcabit 20150717
Avast 20150717
Avira (no cloud) 20150717
Baidu-International 20150717
BitDefender 20150718
Bkav 20150717
ByteHero 20150718
CAT-QuickHeal 20150717
ClamAV 20150717
Comodo 20150717
Cyren 20150718
DrWeb 20150718
ESET-NOD32 20150717
Emsisoft 20150718
F-Prot 20150717
F-Secure 20150718
Fortinet 20150717
GData 20150718
Jiangmin 20150716
K7AntiVirus 20150717
K7GW 20150717
Kaspersky 20150717
Kingsoft 20150718
Malwarebytes 20150717
McAfee 20150717
McAfee-GW-Edition 20150717
eScan 20150717
Microsoft 20150717
NANO-Antivirus 20150717
Panda 20150717
Qihoo-360 20150718
Rising 20150713
SUPERAntiSpyware 20150718
Symantec 20150717
Tencent 20150718
TheHacker 20150717
TrendMicro 20150717
TrendMicro-HouseCall 20150718
VBA32 20150717
VIPRE 20150717
ViRobot 20150717
Zillya 20150717
Zoner 20150717
nProtect 20150717
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2013
Product ClassicFramework
Original name ClassicFramework.exe
Internal name ClassicFramework.exe
File version 1.0.0.0
Description ClassicFramework
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-07-17 21:44:13
Entry Point 0x0004A00A
Number of sections 5
.NET details
Module Version ID f51fcab9-57f9-4e04-b81e-bc1675cf620f
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 11.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 71680
EntryPoint 0x4a00a
OriginalFileName ClassicFramework.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2013
FileVersion 1.0.0.0
TimeStamp 2015:07:17 22:44:13+01:00
FileType Win32 EXE
PEType PE32
InternalName ClassicFramework.exe
ProductVersion 1.0.0.0
FileDescription ClassicFramework
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 199168
ProductName ClassicFramework
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0
File identification
MD5 d652caec6a4983ea9e835045812c1409
SHA1 6d42db15aa69e7783668142849549f91699d522e
SHA256 7e3823251f255c08168a014ed9c88a7cace54eeb4df9d017c96d749ca17f051d
ssdeep 6144:K0jQkSy5zsIrIdmAWQ4FQArCEOAJ2mYFThoBiB30nrU3ortbV6Nj:5QkSesj4FQArZOAJ2mYFThoBiB30nrUt
authentihash b547c686597653af08452d789de240b0c9ee543d0b927a631c9e86eb91392971
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 265.5 KB ( 271872 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.5%)
Win32 Executable (generic) (9.3%)
Win16/32 Executable Delphi generic (4.2%)
Generic Win/DOS Executable (4.1%)
Tags peexe assembly
VirusTotal metadata
First submission 2015-07-17 23:35:57 UTC ( 1 year, 6 months ago )
Last submission 2015-07-17 23:35:57 UTC ( 1 year, 6 months ago )
File names ClassicFramework.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight