SHA256: 807937fb27f91688da4877aa40f4cd6e7f3a40aea2c20120ea88c4e6bf090cb6
File name: 807937fb27f91688da4877aa40f4cd6e7f3a40aea2c20120ea88c4e6bf090cb6
Detection ratio: 1 / 67
Analysis date: 2018-07-09 09:50:10 UTC ( 10 months, 2 weeks ago )
Antivirus Result Update
Bkav W32.eHeur.Malware14 20180706
Ad-Aware 20180709
AegisLab 20180709
AhnLab-V3 20180709
Alibaba 20180709
ALYac 20180709
Antiy-AVL 20180709
Arcabit 20180709
Avast 20180709
Avast-Mobile 20180709
AVG 20180709
Avira (no cloud) 20180709
AVware 20180709
Babable 20180406
Baidu 20180709
BitDefender 20180709
CAT-QuickHeal 20180709
ClamAV 20180709
CMC 20180709
Comodo 20180709
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180709
Cyren 20180709
DrWeb 20180709
eGambit 20180709
Emsisoft 20180709
Endgame 20180612
ESET-NOD32 20180709
F-Prot 20180709
F-Secure 20180709
Fortinet 20180709
GData 20180709
Ikarus 20180709
Sophos ML 20180601
Jiangmin 20180709
K7AntiVirus 20180709
K7GW 20180709
Kaspersky 20180709
Kingsoft 20180709
Malwarebytes 20180709
MAX 20180709
McAfee 20180709
McAfee-GW-Edition 20180709
Microsoft 20180709
eScan 20180709
NANO-Antivirus 20180709
Palo Alto Networks (Known Signatures) 20180709
Panda 20180708
Qihoo-360 20180709
Rising 20180709
SentinelOne (Static ML) 20180701
Sophos AV 20180709
SUPERAntiSpyware 20180708
Symantec 20180709
TACHYON 20180709
Tencent 20180709
TheHacker 20180709
TrendMicro 20180709
TrendMicro-HouseCall 20180709
Trustlook 20180709
VBA32 20180707
VIPRE 20180709
ViRobot 20180709
Webroot 20180709
Yandex 20180706
Zillya 20180706
ZoneAlarm by Check Point 20180709
Zoner 20180708
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2011

Product Plants vs Zombies Türkçe Yama
File version 1.00
Description Plants vs Zombies TR v1.00
Comments Türkçe Yama
Packers identified
F-PROT NSIS, appended, UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0003C400
Number of sections 3
PE sections
Overlays
MD5 22492aa6a8ad2019904cb4dbd321ab39
File type data
Offset 26112
Size 32817295
Entropy 8.00
PE imports
RegEnumKeyA
SetBkMode
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
VerQueryValueA
CoTaskMemFree
Number of PE resources by type
RT_DIALOG 4
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
PE resources
ExifTool file metadata
CodeSize
20480

SubsystemVersion
4.0

Comments
Türkçe Yama

InitializedDataSize
8192

ImageVersion
6.0

CompanyWebsite
http://www.oyunceviri.com

ProductName
Plants vs Zombies Türkçe Yama

FileVersionNumber
1.0.0.0

UninitializedDataSize
225280

LanguageCode
Neutral

FileFlagsMask
0x0000

CharacterSet
Windows, Latin1

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0

TimeStamp
2009:12:05 23:50:46+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0

FileDescription
Plants vs Zombies TR v1.00

OSVersion
4.0

FileOS
Win32

LegalCopyright
2011

MachineType
Intel 386 or later, and compatibles

CompanyName
Türkçe Yama

LegalTrademarks
Plants vs Zombies PopCap Games

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x3c400

ObjectFileType
Executable application

File identification
MD5 6b24d4e26d09a31b7ce2d37aa13bc7de
SHA1 d5161240e4154ad886f88f9d520579d39f7665e7
SHA256 807937fb27f91688da4877aa40f4cd6e7f3a40aea2c20120ea88c4e6bf090cb6
ssdeep
786432:XzrctnJYIjTcPCo02pEqfyXZD5qpgzEAugyhegMJZYE:DraJY2iCZ25fsDKIC7oDJmE

authentihash 5cf5abca3f6852ffac5b79c1eeaedd0edbfcc3272c297dae5a946cb07226e0cd
imphash 2134f794bcda54794e74b7208adb2204
File size 31.3 MB ( 32843407 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
OS/2 Executable (generic) (2.8%)
Tags
nsis peexe upx overlay

VirusTotal metadata
First submission 2014-01-22 14:05:36 UTC ( 5 years, 4 months ago )
Last submission 2017-03-18 07:46:03 UTC ( 2 years, 2 months ago )
File names Plants_vs_Zombies_Turkce_Yama_v1.00.exe
plants_vs_zombies_turkce_yama_v1.00.exe
Behaviour characterization
Zemana
keylogger
