× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 85c61369543e99373a48c002ec1e300405482333d73a37f8efd1d91e320b6fe9
File name: cuninst.exe
Detection ratio: 0 / 57
Analysis date: 2015-03-03 20:10:26 UTC ( 3 years, 4 months ago )
Antivirus Result Update
Ad-Aware 20150303
AegisLab 20150303
Yandex 20150228
AhnLab-V3 20150303
Alibaba 20150303
ALYac 20150303
Antiy-AVL 20150303
Avast 20150303
AVG 20150303
Avira (no cloud) 20150303
AVware 20150303
Baidu-International 20150303
BitDefender 20150303
Bkav 20150303
ByteHero 20150303
CAT-QuickHeal 20150303
ClamAV 20150303
CMC 20150301
Comodo 20150303
Cyren 20150303
DrWeb 20150303
Emsisoft 20150303
ESET-NOD32 20150303
F-Prot 20150303
F-Secure 20150303
Fortinet 20150303
GData 20150303
Ikarus 20150303
Jiangmin 20150303
K7AntiVirus 20150303
K7GW 20150303
Kaspersky 20150303
Kingsoft 20150303
Malwarebytes 20150303
McAfee 20150303
McAfee-GW-Edition 20150303
Microsoft 20150303
eScan 20150303
NANO-Antivirus 20150303
Norman 20150303
nProtect 20150303
Panda 20150303
Qihoo-360 20150303
Rising 20150303
Sophos AV 20150303
SUPERAntiSpyware 20150303
Symantec 20150303
Tencent 20150303
TheHacker 20150303
TotalDefense 20150303
TrendMicro 20150303
TrendMicro-HouseCall 20150303
VBA32 20150303
VIPRE 20150303
ViRobot 20150303
Zillya 20150303
Zoner 20150303
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013 - Present RealDimensions Software, LLC

Publisher RealDimensions Software, LLC
Product ShimGen generated shim
Original name cuninst.exe
Internal name cuninst.exe
File version 0.5.0.0
Description ShimGen generated shim
Comments This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-02-22 18:54:16
Entry Point 0x0000635E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.

InitializedDataSize
7168

ImageVersion
0.0

ProductName
ShimGen generated shim

FileVersionNumber
0.5.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
11.0

OriginalFilename
cuninst.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
0.5.0.0

TimeStamp
2015:02:22 19:54:16+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
cuninst.exe

ProductVersion
0.5.0.825e7d6b

FileDescription
ShimGen generated shim

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2013 - Present RealDimensions Software, LLC

MachineType
Intel 386 or later, and compatibles

CompanyName
RealDimensions Software, LLC

CodeSize
17408

FileSubtype
0

ProductVersionNumber
0.5.0.825

EntryPoint
0x635e

ObjectFileType
Executable application

AssemblyVersion
0.5.0.0

File identification
MD5 c67d1187e7b03f0ecc82adc0c38c93dc
SHA1 63cc5f0cada02286aff0d99439e44e0acacdd84d
SHA256 85c61369543e99373a48c002ec1e300405482333d73a37f8efd1d91e320b6fe9
ssdeep
384:IccKXA5mJuQWCFAi7cWgrV9fNiLA0XXxhtPDutkzxbbbbGbZY4he9LL:fFwxni4rR9CutkzxbbbbGbO4h6L

authentihash 62404a79fd31bd244bb53450606412929d4abdd7d591c1f7caa70a27e1d862a9
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 24.5 KB ( 25088 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-03-03 20:10:26 UTC ( 3 years, 4 months ago )
Last submission 2015-03-03 20:10:26 UTC ( 3 years, 4 months ago )
File names cuninst.exe
cuninst.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!