× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 83b616bd71cbf0043c2844f6d139ce89a41f5af7d5aa58bf01eaab1ffffe5f7e
File name: reboot.exe
Detection ratio: 4 / 41
Analysis date: 2009-07-14 19:09:16 UTC ( 4 years, 9 months ago ) View latest
Antivirus Result Update
CAT-QuickHeal (Suspicious) - DNAScan 20090714
Sophos Sus/ComPack-C 20090714
TheHacker W32/Behav-Heuristic-066 20090714
eSafe Suspicious File 20090714
AVG 20090714
AhnLab-V3 20090714
AntiVir 20090714
Antiy-AVL 20090714
Authentium 20090714
Avast 20090713
BitDefender 20090714
ClamAV 20090714
Comodo 20090714
DrWeb 20090714
F-Prot 20090713
F-Secure 20090714
Fortinet 20090714
GData 20090714
Ikarus 20090714
Jiangmin 20090714
K7AntiVirus 20090714
Kaspersky 20090714
McAfee 20090714
McAfee+Artemis 20090714
McAfee-GW-Edition 20090714
Microsoft 20090714
NOD32 20090714
Norman 20090714
PCTools 20090714
Panda 20090714
Prevx 20090714
Rising 20090714
Sunbelt 20090714
Symantec 20090714
TrendMicro 20090714
VBA32 20090714
ViRobot 20090714
VirusBuster 20090714
a-squared 20090714
eTrust-Vet 20090714
nProtect 20090714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (c) 2005-2006 Antonis Kaladis

Publisher Antonis Kaladis
Original name reboot.exe
File version 1, 0, 0, 0
Packers identified
F-PROT TeLock
PEiD tElock v0.98
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-12-10 15:44:13
Entry Point 0x0002FBD6
Number of sections 6
PE sections
PE imports
GetModuleHandleA
MessageBoxA
Number of PE resources by type
RT_MENU 2
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
DUTCH BELGIAN 2
ENGLISH US 2
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
45056

ImageVersion
0.0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

OriginalFilename
reboot.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1, 0, 0, 0

TimeStamp
2005:12:10 16:44:13+01:00

FileType
Win32 EXE

PEType
PE32

FileAccessDate
2013:12:24 00:23:19+01:00

ProductVersion
1, 0, 0, 0

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2013:12:24 00:23:19+01:00

FileOS
Windows NT 32-bit

LegalCopyright
Copyright (c) 2005-2006 Antonis Kaladis

MachineType
Intel 386 or later, and compatibles

CompanyName
Antonis Kaladis

CodeSize
0

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x2fbd6

ObjectFileType
Executable application

File identification
MD5 994f3e97c11a47588cf51113c2b0055a
SHA1 967cb1b5c680edda4e132d5bd49b2b0890a742a8
SHA256 83b616bd71cbf0043c2844f6d139ce89a41f5af7d5aa58bf01eaab1ffffe5f7e
ssdeep
768:kS77Dk/OZaBichhYRvfaQPpdr2LynNTCn5+Qsk9f4Pr5:HfA2kfhhxQPzKLeC5+Qsdj

File size 48.0 KB ( 49152 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID tElock compressed/encrypted Win32 executable (71.0%)
Win32 Dynamic Link Library (generic) (12.6%)
Win32 Executable (generic) (8.6%)
Generic Win/DOS Executable (3.8%)
DOS Executable Generic (3.8%)
Tags
telock peexe

VirusTotal metadata
First submission 2008-08-05 23:44:19 UTC ( 5 years, 8 months ago )
Last submission 2013-12-23 23:23:12 UTC ( 4 months ago )
File names 0.vir
smona131157070898469509044
file-2314967_exe
REBOOT.EXE
file-6121589_EXE
rebootEEE.exe
994f3e97c11a47588cf51113c2b0055a
reboot.exe
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!