× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8531dcd08141ed06b273ef02287a0bdee9018e2fc26a74b1d9011ef48230c52c
File name: aaaa
Detection ratio: 3 / 49
Analysis date: 2016-08-18 11:25:11 UTC ( 2 years, 8 months ago ) View latest
Antivirus Result Update
Avira (no cloud) TR/Crypt.Xpack.rlsn 20160818
Microsoft TrojanDownloader:Win32/Talalpek.A 20160818
Qihoo-360 HEUR/QVM09.0.0000.Malware.Gen 20160818
Ad-Aware 20160818
AegisLab 20160818
AhnLab-V3 20160817
Alibaba 20160818
ALYac 20160818
Antiy-AVL 20160818
Arcabit 20160818
Avast 20160818
AVG 20160818
AVware 20160818
Baidu 20160818
BitDefender 20160818
Bkav 20160816
CAT-QuickHeal 20160818
ClamAV 20160818
CMC 20160818
Comodo 20160818
Cyren 20160818
DrWeb 20160818
Emsisoft 20160818
ESET-NOD32 20160818
F-Prot 20160818
F-Secure 20160818
Fortinet 20160818
GData 20160818
Ikarus 20160818
Jiangmin 20160818
K7AntiVirus 20160818
K7GW 20160818
Kaspersky 20160818
Kingsoft 20160818
Malwarebytes 20160818
McAfee 20160818
McAfee-GW-Edition 20160818
eScan 20160818
NANO-Antivirus 20160818
nProtect 20160817
Panda 20160817
Rising 20160818
Sophos AV 20160818
SUPERAntiSpyware 20160818
Symantec 20160818
Tencent 20160818
TheHacker 20160817
TrendMicro 20160818
TrendMicro-HouseCall 20160818
VBA32 20160817
VIPRE 20160818
ViRobot 20160818
Zillya 20160817
Zoner 20160818
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).

Product Qt Assistant
Original name assistant.exe
Internal name assistant.exe
File version 1.0.0.0
Description Qt Assistant
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-16 18:35:20
Entry Point 0x00003C76
Number of sections 4
PE sections
PE imports
GetStdHandle
GetConsoleOutputCP
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetThreadContext
SetStdHandle
CheckRemoteDebuggerPresent
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
InterlockedDecrement
OutputDebugStringA
SetLastError
TlsGetValue
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
lstrcmpiW
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetModuleHandleA
CreateThread
RtlCaptureStackBackTrace
GetExitCodeThread
SetUnhandledExceptionFilter
TerminateProcess
WriteConsoleA
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetNamedPipeHandleStateA
DeleteFileW
GetProcAddress
GetProcessHeap
GetComputerNameW
ExpandEnvironmentStringsW
CreateFileW
SetFileApisToOEM
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
lstrlenW
GetEnvironmentStrings
GetCurrentProcessId
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
CloseHandle
GetACP
GetModuleHandleW
SizeofResource
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
GetParent
GetPropW
ShowWindow
SetPropW
PeekMessageW
InSendMessageEx
EnableWindow
TranslateMessage
GetDlgItemTextW
PostMessageW
SendMessageW
SetDlgItemTextW
DispatchMessageW
GetIconInfo
DestroyIcon
UnregisterClassA
LoadStringW
GetDlgItem
RemovePropW
LoadImageW
IsDlgButtonChecked
MapVirtualKeyExW
MsgWaitForMultipleObjects
CharNextW
CoUninitialize
CoInitializeEx
CoCreateInstance
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
224768

EntryPoint
0x3c76

OriginalFileName
assistant.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).

FileVersion
1.0.0.0

TimeStamp
2016:08:16 19:35:20+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
assistant.exe

ProductVersion
1.0.0.0

FileDescription
Qt Assistant

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Nokia Corporation and/or its subsidiary(-ies)

CodeSize
40448

ProductName
Qt Assistant

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 d3d2a951a276cf21e3f7f8e41d767e1d
SHA1 c26a41c15e2c25238a18b6430cafc126acf950f2
SHA256 8531dcd08141ed06b273ef02287a0bdee9018e2fc26a74b1d9011ef48230c52c
ssdeep
3072:+QoB2fburiM7UPknTdYf7MpxXHJLzMJnQTrf0jVnsK7fLq9dUSz+00QEb/:/oB2TgdCknTdYf7Mp/gJ08JnbfLzQE

authentihash 4855692fa94d183ff647a319134566b8e114d50c859798af3450f8d03a276a5e
imphash 2e61a6e2cfd7c2dd9ba8926ac4cc6952
File size 188.5 KB ( 193024 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2016-08-18 11:25:11 UTC ( 2 years, 8 months ago )
Last submission 2016-09-17 09:46:44 UTC ( 2 years, 7 months ago )
File names aaaa
assistant.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications