SHA256: 8092a0200a1fbc9e1917aa58483af308120f22fe750e83ba944e0adfe7d51bc5
File name: jodie_okonofficia-quo.exe
Detection ratio: 2 / 56
Analysis date: 2015-09-01 12:36:44 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Kaspersky UDS:DangerousObject.Multi.Generic 20150901
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20150901
Ad-Aware 20150901
AegisLab 20150901
Yandex 20150831
AhnLab-V3 20150831
Alibaba 20150901
ALYac 20150901
Antiy-AVL 20150901
Arcabit 20150901
Avast 20150901
AVG 20150901
Avira (no cloud) 20150901
AVware 20150901
Baidu-International 20150901
BitDefender 20150901
Bkav 20150901
ByteHero 20150901
CAT-QuickHeal 20150901
ClamAV 20150901
CMC 20150831
Comodo 20150901
Cyren 20150901
DrWeb 20150901
Emsisoft 20150901
ESET-NOD32 20150901
F-Prot 20150901
F-Secure 20150901
Fortinet 20150901
GData 20150901
Ikarus 20150901
Jiangmin 20150831
K7AntiVirus 20150901
K7GW 20150901
Kingsoft 20150901
Malwarebytes 20150901
McAfee 20150901
McAfee-GW-Edition 20150901
Microsoft 20150901
eScan 20150901
NANO-Antivirus 20150901
nProtect 20150901
Panda 20150901
Rising 20150901
Sophos AV 20150901
SUPERAntiSpyware 20150829
Symantec 20150831
Tencent 20150901
TheHacker 20150831
TrendMicro 20150901
TrendMicro-HouseCall 20150901
VBA32 20150901
VIPRE 20150901
ViRobot 20150901
Zillya 20150901
Zoner 20150901
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Simple Document Viewer©. All rights reserved.

Product Simple Document Viewer
File version 1.6
Description Simple Document Viewer
Comments Simple Document Viewer for home PC
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-06-18 10:05:43
Entry Point 0x00002180
Number of sections 4
PE sections
PE imports
GetSystemTime
GetLastError
InitializeCriticalSection
EnterCriticalSection
lstrlenA
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls
lstrlenW
DeleteCriticalSection
SystemTimeToFileTime
CompareFileTime
LocalAlloc
UnhandledExceptionFilter
TlsGetValue
QueryPerformanceFrequency
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrcpyA
CloseHandle
GetSystemTimeAsFileTime
lstrcpynA
IsValidLocale
SetEvent
LocalFree
TerminateProcess
IsValidCodePage
VirtualQuery
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemAlloc
SetErrorInfo
LoadRegTypeLib
SysAllocStringLen
RegisterTypeLib
VariantClear
SysAllocString
LoadTypeLib
SysFreeString
IsWindow
RegisterShellHookWindow
CreateUrlCacheEntryW
HttpOpenRequestA
CommitUrlCacheEntryW
InternetOpenUrlW
SetUrlCacheEntryInfoW
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Simple Document Viewer . 2014

SubsystemVersion
4.0

Comments
Simple Document Viewer for home PC

LinkerVersion
2.56

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.6.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Simple Document Viewer

CharacterSet
Windows, Latin1

InitializedDataSize
10752

EntryPoint
0x2180

MIMEType
application/octet-stream

LegalCopyright
Simple Document Viewer . All rights reserved.

FileVersion
1.6

TimeStamp
2015:06:18 11:05:43+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.6.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Legendary Soft

CodeSize
61440

ProductName
Simple Document Viewer

ProductVersionNumber
1.6.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 7c94abe2e3b60f8a72b7358d50d04ee0
SHA1 ab7ca20c03aa37171a6eec9d9879cb4ce77c25fe
SHA256 8092a0200a1fbc9e1917aa58483af308120f22fe750e83ba944e0adfe7d51bc5
ssdeep
768:JEINqEOPs7yLIZeViY5MUz1nC3rjN7uuGeDKLefMYyhDFrR3Pw8S4Q6M/DLCRi3G:6INqt7pViY5MMynN/FKC0ZDFtfSFLjG

authentihash 2e8ba06da21936a395e4ea5a0551a0b16efed182bebf205bf926e9be8d053060
imphash 3ec6d7a201f6b9683dd1283f9a378e7a
File size 71.5 KB ( 73216 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.6%)
Win32 Dynamic Link Library (generic) (14.6%)
Win32 Executable (generic) (10.0%)
Win16/32 Executable Delphi generic (4.6%)
Generic Win/DOS Executable (4.4%)
Tags
peexe

VirusTotal metadata
First submission 2015-09-01 11:35:39 UTC ( 3 years, 8 months ago )
Last submission 2015-11-09 17:39:06 UTC ( 3 years, 6 months ago )
File names NrpbeAw.dwg
melvinaquod.enim.exe
jodie_okonofficia-quo.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Opened mutexes
Runtime DLLs