× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7fd0a2f13cb61d778acd08a9c632c8bd9b471256e8658b1807a142318f271d3b
File name: Bgcall2620_32.exe
Detection ratio: 0 / 45
Analysis date: 2013-11-19 00:59:39 UTC ( 5 months ago )
Antivirus Result Update
AVG 20131118
Agnitum 20131118
AhnLab-V3 20131118
AntiVir 20131119
Antiy-AVL 20131118
Avast 20131119
Baidu-International 20131118
BitDefender 20131119
Bkav 20131118
ByteHero 20131118
CAT-QuickHeal 20131119
ClamAV 20131119
Commtouch 20131119
Comodo 20131119
DrWeb 20131119
ESET-NOD32 20131119
Emsisoft 20131119
F-Prot 20131119
F-Secure 20131119
Fortinet 20131118
GData 20131118
Ikarus 20131119
Jiangmin 20131118
K7AntiVirus 20131118
K7GW 20131118
Kaspersky 20131119
Kingsoft 20130829
Malwarebytes 20131119
McAfee 20131119
McAfee-GW-Edition 20131118
MicroWorld-eScan 20131119
Microsoft 20131118
NANO-Antivirus 20131119
Norman None
Panda 20131118
Rising 20131118
SUPERAntiSpyware 20131118
Sophos 20131119
Symantec 20131119
TheHacker 20131118
TotalDefense 20131118
TrendMicro 20131119
TrendMicro-HouseCall 20131119
VBA32 20131118
VIPRE 20131119
ViRobot 20131119
nProtect 20131118
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block
Copyright
Copyright© 2003-2013 INAGAKI

Publisher Hiroshi Inagaki
Product Bgcall
Description Bgcall Setup
Comments This installation was built with Inno Setup.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-30 14:21:56
Link date 3:21 PM 1/30/2013
Entry Point 0x000113BC
Number of sections 8
PE sections
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 4
DUTCH 4
File identification
MD5 095bbf1c8d9c881f4772825cc89aa720
SHA1 59c950eaad549cb264e36355562c6107c3446df8
SHA256 7fd0a2f13cb61d778acd08a9c632c8bd9b471256e8658b1807a142318f271d3b
ssdeep
12288:iSxG0h888888888888W88888888888uyIoe6rFP1f+L+rWrJrdyGbcRDm4RqOP/B:JxGpyIoe6rXfar8GbqR1HA/0tMfm9aI

File size 733.8 KB ( 751452 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2013-07-08 05:58:42 UTC ( 9 months, 2 weeks ago )
Last submission 2013-07-26 18:57:21 UTC ( 9 months ago )
File names Bgcall2620_32.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!