× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8054e61031d13760310a217b88f548387f188fd1c0e10dd221114b9b5fed018f
File name: clist.exe
Detection ratio: 0 / 57
Analysis date: 2016-09-20 04:17:15 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware 20160920
AegisLab 20160920
AhnLab-V3 20160919
Alibaba 20160920
ALYac 20160920
Antiy-AVL 20160920
Arcabit 20160919
Avast 20160920
AVG 20160920
Avira (no cloud) 20160920
AVware 20160920
Baidu 20160914
BitDefender 20160920
Bkav 20160919
CAT-QuickHeal 20160919
ClamAV 20160920
CMC 20160916
Comodo 20160919
CrowdStrike Falcon (ML) 20160725
Cyren 20160920
DrWeb 20160920
Emsisoft 20160920
ESET-NOD32 20160919
F-Prot 20160920
F-Secure 20160920
Fortinet 20160920
GData 20160920
Ikarus 20160919
Sophos ML 20160917
Jiangmin 20160920
K7AntiVirus 20160919
K7GW 20160919
Kaspersky 20160920
Kingsoft 20160920
Malwarebytes 20160919
McAfee 20160920
McAfee-GW-Edition 20160920
Microsoft 20160920
eScan 20160919
NANO-Antivirus 20160920
nProtect 20160920
Panda 20160919
Qihoo-360 20160920
Rising 20160920
Sophos AV 20160920
SUPERAntiSpyware 20160919
Symantec 20160920
Tencent 20160920
TheHacker 20160918
TrendMicro 20160920
TrendMicro-HouseCall 20160920
VBA32 20160919
VIPRE 20160920
ViRobot 20160920
Yandex 20160919
Zillya 20160919
Zoner 20160920
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013 - Present RealDimensions Software, LLC

Product ShimGen generated shim
Original name clist.exe
Internal name clist.exe
File version 0.5.1.0
Description ShimGen generated shim
Comments This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-03-07 00:11:37
Entry Point 0x0000638E
Number of sections 3
.NET details
Module Version ID 833fa04f-9e3c-4d58-b7c0-e525f43ea498
TypeLib ID 6104579d-2ee7-414d-b467-aa4a1e2d440a
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
FileDescription
ShimGen generated shim

Comments
This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.

LinkerVersion
11.0

ImageVersion
0.0

ProductName
ShimGen generated shim

FileVersionNumber
0.5.1.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
7168

FileTypeExtension
exe

OriginalFileName
clist.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
0.5.1.0

TimeStamp
2015:03:07 01:11:37+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
clist.exe

SubsystemVersion
4.0

ProductVersion
0.5.1.4d3409c9

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2013 - Present RealDimensions Software, LLC

MachineType
Intel 386 or later, and compatibles

CompanyName
RealDimensions Software, LLC

CodeSize
17408

FileSubtype
0

ProductVersionNumber
0.5.1.4

EntryPoint
0x638e

ObjectFileType
Executable application

AssemblyVersion
0.5.1.0

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 e06e3f081e37533c7915d94c85e117ff
SHA1 c3ad89ee21e9d039ba795817b38a7dac9e7fe830
SHA256 8054e61031d13760310a217b88f548387f188fd1c0e10dd221114b9b5fed018f
ssdeep
384:vgidMELsnmPh2AcWgrm9UNixe0XXxhtRwBGb7xbbbbGbZY4he9LL:vxdenmPArS90Gb7xbbbbGbO4h6L

authentihash a44347860aec021b6153fed144a18653b55d133d84f2539e582037ede277d483
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 24.5 KB ( 25088 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-03-09 17:21:07 UTC ( 3 years, 9 months ago )
Last submission 2016-07-03 12:50:32 UTC ( 2 years, 5 months ago )
File names dss_5578101140581712237.oq2zxy
dss_5496260911422397336.xkt5tb
clist.exe
dss_5194260656767435306.fxd58w
dss_5526415172042481839.p2qqe6
clist.exe
clist.exe
clist.exe
dss_4630264096900200582.uordlg
clist.exe
dss_5392963126235791109.cyzocd
dss_5697383877572336078.7plfhd
dss_5440509773435853246.urbqzu
clist.exe
dss_4851145876911580696.zvkwr5
dss_5012646802296147253.2uyl5u
clist.exe
dss_4909933739028763971.2arnqc
dss_5150251118686983339.kytjzo
dss_4733118623736790156.vibjfl
clist.exe.9740_1.36362.partial
dss_5544937022742956240.nunl7v
dss_5288454334289651782.h4thbs
clist.exe.old
dss_5169230960737798932.6eg0xx
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!