× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7fd0a2f13cb61d778acd08a9c632c8bd9b471256e8658b1807a142318f271d3b
File name: 095bbf1c8d9c881f4772825cc89aa720_SOFTPEDIA__Bgcall2620_32.exe
Detection ratio: 1 / 54
Analysis date: 2014-11-04 11:16:00 UTC ( 8 months ago )
Antivirus Result Update
CMC RiskTool.Win32.CloseApp!O 20141104
AVG 20141104
AVware 20141104
Ad-Aware 20141104
AegisLab 20141104
Agnitum 20141103
AhnLab-V3 20141104
Antiy-AVL 20141104
Avast 20141104
Avira 20141104
Baidu-International 20141103
BitDefender 20141104
Bkav 20141104
ByteHero 20141104
CAT-QuickHeal 20141104
ClamAV 20141104
Comodo 20141104
Cyren 20141104
DrWeb 20141104
ESET-NOD32 20141104
Emsisoft 20141104
F-Prot 20141104
F-Secure 20141104
Fortinet 20141104
GData 20141104
Ikarus 20141104
Jiangmin 20141103
K7AntiVirus 20141103
K7GW 20141104
Kaspersky 20141104
Kingsoft 20141104
Malwarebytes 20141104
McAfee 20141104
McAfee-GW-Edition 20141104
MicroWorld-eScan 20141104
Microsoft 20141104
NANO-Antivirus 20141104
Norman 20141104
Qihoo-360 20141104
Rising 20141103
SUPERAntiSpyware 20141104
Sophos 20141104
Symantec 20141104
Tencent 20141104
TheHacker 20141104
TotalDefense 20141104
TrendMicro 20141104
TrendMicro-HouseCall 20141104
VBA32 20141104
VIPRE 20141104
ViRobot 20141104
Zillya 20141103
Zoner 20141104
nProtect 20141103
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright© 2003-2013 INAGAKI

Publisher Hiroshi Inagaki
Product Bgcall
File version
Description Bgcall Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-30 14:21:56
Link date 3:21 PM 1/30/2013
Entry Point 0x000113BC
Number of sections 8
PE sections
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 4
DUTCH 4
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
52736

MIMEType
application/octet-stream

LegalCopyright
Copyright 2003-2013 INAGAKI

TimeStamp
2013:01:30 15:21:56+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

FileAccessDate
2014:11:04 12:17:18+01:00

ProductVersion
2.6.2.0

FileDescription
Bgcall Setup

OSVersion
5.0

FileCreateDate
2014:11:04 12:17:18+01:00

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Hiroshi Inagaki

CodeSize
65024

ProductName
Bgcall

ProductVersionNumber
0.0.0.0

EntryPoint
0x113bc

ObjectFileType
Executable application

File identification
MD5 095bbf1c8d9c881f4772825cc89aa720
SHA1 59c950eaad549cb264e36355562c6107c3446df8
SHA256 7fd0a2f13cb61d778acd08a9c632c8bd9b471256e8658b1807a142318f271d3b
ssdeep
12288:iSxG0h888888888888W88888888888uyIoe6rFP1f+L+rWrJrdyGbcRDm4RqOP/B:JxGpyIoe6rXfar8GbqR1HA/0tMfm9aI

authentihash e6dff8a321c717217d26644db0f27d77910ffdcbe4eeaaf75a4fb0c0ce7eebe5
imphash 48aa5c8931746a9655524f67b25a47ef
File size 733.8 KB ( 751452 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2013-07-08 05:58:42 UTC ( 1 year, 12 months ago )
Last submission 2014-09-03 02:58:13 UTC ( 10 months ago )
File names 095bbf1c8d9c881f4772825cc89aa720_SOFTPEDIA__Bgcall2620_32.exe
Bgcall2620_32.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications