SHA256: 868f384b9f04b04ed4a59b4a44250de09b6e61e7235435aefb6e4a23e7e58cb4
File name: PlayCap
Detection ratio: 2 / 64
Analysis date: 2017-10-18 12:01:34 UTC ( 1 year, 6 months ago )
Antivirus Result Update
eGambit malicious_confidence_100% 20171018
WhiteArmor Malware.HighConfidence 20171016
Ad-Aware 20171018
AegisLab 20171018
AhnLab-V3 20171018
Alibaba 20170911
ALYac 20171018
Antiy-AVL 20171018
Arcabit 20171017
Avast 20171018
Avast-Mobile 20171018
AVG 20171018
Avira (no cloud) 20171018
AVware 20171018
Baidu 20171018
BitDefender 20171018
Bkav 20171018
CAT-QuickHeal 20171018
ClamAV 20171018
CMC 20171018
Comodo 20171017
CrowdStrike Falcon (ML) 20170804
Cylance 20171018
Cyren 20171018
Emsisoft 20171018
Endgame 20171016
ESET-NOD32 20171018
F-Prot 20171018
F-Secure 20171018
Fortinet 20171018
GData 20171018
Ikarus 20171018
Sophos ML 20170914
Jiangmin 20171018
K7AntiVirus 20171017
K7GW 20171016
Kaspersky 20171018
Kingsoft 20171018
Malwarebytes 20171018
MAX 20171018
McAfee 20171018
McAfee-GW-Edition 20171018
Microsoft 20171018
eScan 20171018
NANO-Antivirus 20171018
nProtect 20171018
Palo Alto Networks (Known Signatures) 20171018
Panda 20171017
Qihoo-360 20171018
Rising 20171018
SentinelOne (Static ML) 20171001
Sophos AV 20171018
SUPERAntiSpyware 20171018
Symantec 20171018
Symantec Mobile Insight 20171011
Tencent 20171018
TheHacker 20171017
TotalDefense 20171018
Trustlook 20171018
VBA32 20171018
VIPRE 20171018
ViRobot 20171018
Webroot 20171018
Yandex 20171017
Zillya 20171018
ZoneAlarm by Check Point 20171018
Zoner 20171018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 2000-2002 Microsoft Corporation
Product DirectX 9 SDK
Original name PlayCap.EXE
Internal name PlayCap
File version 9.00
Description PlayCap Application
Comments DirectShow Sample
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-03-08 10:03:00
Entry Point 0x0000838F
Number of sections 4
PE sections
PE imports
SetStretchBltMode
GetStockObject
StretchDIBits
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
HeapDestroy
ExitProcess
IsBadWritePtr
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
LoadLibraryA
GetShortPathNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
WritePrivateProfileStringA
GetFileSize
CreateFileA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
IsBadReadPtr
OpenMutexA
SetStdHandle
CreateMutexA
GetModuleHandleA
GetCPInfo
GetStringTypeA
SetFilePointer
ReadFile
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CloseHandle
GetACP
HeapReAlloc
GetStringTypeW
GetCurrentThreadId
TerminateProcess
WideCharToMultiByte
InitializeCriticalSection
HeapCreate
VirtualFree
InterlockedDecrement
Sleep
GetFileType
TlsSetValue
IsBadCodePtr
HeapAlloc
GetVersion
InterlockedIncrement
VirtualAlloc
GetCurrentProcessId
SetLastError
LeaveCriticalSection
OleCreatePropertyFrame
Shell_NotifyIconA
GetMessageA
UpdateWindow
EndDialog
BeginPaint
KillTimer
DestroyMenu
PostQuitMessage
DefWindowProcA
ShowWindow
SendDlgItemMessageA
GetWindowRect
DispatchMessageA
EndPaint
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
TranslateMessage
GetDC
GetCursorPos
ReleaseDC
LoadMenuA
CheckMenuItem
SetTimer
CreateDialogParamA
RegisterClassA
GetSubMenu
CreateWindowExA
LoadCursorA
LoadIconA
TrackPopupMenu
AdjustWindowRect
GetMenuState
wsprintfW
SetForegroundWindow
GetOpenFileNameA
GetSaveFileNameA
CoInitializeEx
CoUninitialize
CreateItemMoniker
GetRunningObjectTable
CoCreateInstance
CoTaskMemFree
Number of PE resources by type
RT_MENU 3
RT_ICON 2
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
CHINESE SIMPLIFIED 8
PE resources
ExifTool file metadata
FileDescription PlayCap Application
Comments DirectShow Sample
InitializedDataSize 33640448
ImageVersion 0.0
ProductName DirectX 9 SDK
FileVersionNumber 1.0.1.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName PlayCap.EXE
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 9.0
TimeStamp 2010:03:08 11:03:00+01:00
FileType Win32 EXE
PEType PE32
InternalName PlayCap
SubsystemVersion 4.0
ProductVersion 9.0
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright (c) 2000-2002 Microsoft Corporation
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft
CodeSize 53248
FileSubtype 0
ProductVersionNumber 1.0.1.0
EntryPoint 0x838f
ObjectFileType Executable application
File identification
MD5 50781064a4881f8669a59e67bacea378
SHA1 8030d00cc8a53d4a2c440d656cb03a38ffc6e065
SHA256 868f384b9f04b04ed4a59b4a44250de09b6e61e7235435aefb6e4a23e7e58cb4
ssdeep 1536:nJBAbr57KlVWeOT4yjlocJM+oQnLl8c25hp:nJB8r57KlQlPJdoQnqc25hp
authentihash 817674b95a279f9969c1976f83078553a22190971cb88e7314eb4ab4b09100d4
imphash eee80af48b2e8350c42af76a89ce777e
File size 80.0 KB ( 81920 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe armadillo

VirusTotal metadata
First submission 2010-07-04 03:16:01 UTC ( 8 years, 9 months ago )
Last submission 2013-04-03 14:30:19 UTC ( 6 years ago )
File names 3288.exe
PlayCap
FE8F0C5F00B2867D40C401FC2EEE8E008F09D12A.exe
3288.exe
3288.exe
3288.exe
3288.exe
3288.EXE._8030D00CC8A53D4A2C440D656CB03A38FFC6E065
USB 2.0 PC CAMERA.exe
3288.exe
PlayCap.EXE
file-3980512_exe
3288.exe
50781064a4881f8669a59e67bacea378