SHA256: 86ea7172704a0e02f6eb25afde4bb6c46f07bac6ec22f1f63cdac00898a6214e
File name: mrboom
Detection ratio: 0 / 69
Analysis date: 2018-09-25 02:02:01 UTC ( 5 months ago )
Antivirus Result Update
Ad-Aware 20180925
AegisLab 20180925
AhnLab-V3 20180924
Alibaba 20180921
ALYac 20180925
Antiy-AVL 20180925
Arcabit 20180925
Avast 20180925
Avast-Mobile 20180924
AVG 20180925
Avira (no cloud) 20180924
AVware 20180925
Babable 20180918
Baidu 20180914
BitDefender 20180925
Bkav 20180924
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180924
Comodo 20180925
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180925
Cyren 20180924
DrWeb 20180924
eGambit 20180925
Emsisoft 20180925
Endgame 20180730
ESET-NOD32 20180925
F-Prot 20180924
F-Secure 20180924
Fortinet 20180924
GData 20180924
Ikarus 20180924
Sophos ML 20180717
Jiangmin 20180924
K7AntiVirus 20180924
K7GW 20180924
Kaspersky 20180925
Kingsoft 20180925
Malwarebytes 20180925
MAX 20180925
McAfee 20180925
McAfee-GW-Edition 20180925
Microsoft 20180925
eScan 20180925
NANO-Antivirus 20180925
Palo Alto Networks (Known Signatures) 20180925
Panda 20180924
Qihoo-360 20180925
Rising 20180925
SentinelOne (Static ML) 20180830
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec 20180925
Symantec Mobile Insight 20180924
TACHYON 20180925
Tencent 20180925
TheHacker 20180924
TotalDefense 20180924
TrendMicro 20180925
TrendMicro-HouseCall 20180925
Trustlook 20180925
VBA32 20180924
VIPRE 20180925
ViRobot 20180924
Webroot 20180925
Yandex 20180924
Zillya 20180924
ZoneAlarm by Check Point 20180925
Zoner 20180924
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
Copyright Remdy Software
Product MrBoom
Original name MrBoom.exe
Internal name mrboom
File version 4.5
Description MrBoom
PE header basic information
Target machine x64
Compilation timestamp 2018-05-04 16:09:39
Entry Point 0x000014D0
Number of sections 20
PE sections
Overlays
MD5 eeb21c2f307d8cdfb7db646daf117af7
File type data
Offset 9888256
Size 1810916
Entropy 5.10
PE imports
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
GetTextMetricsW
CreateFontIndirectW
CreatePen
SetDeviceGammaRamp
CombineRgn
Rectangle
GetDeviceGammaRamp
GetDeviceCaps
DeleteDC
SetBkMode
GetPixelFormat
ChoosePixelFormat
CreateDCW
CreateDIBSection
SetTextColor
ExtTextOutW
DescribePixelFormat
CreateBitmap
BitBlt
GetDIBits
SetPixelFormat
CreateCompatibleDC
CreateFontW
SwapBuffers
CreateRectRgn
DeleteObject
CreateSolidBrush
SelectObject
GetTextExtentPoint32W
CreateCompatibleBitmap
ImmSetCompositionStringW
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCandidateListW
ImmGetIMEFileNameA
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmAssociateContext
WaitForSingleObject
GetHandleInformation
GetFileAttributesW
VerifyVersionInfoW
DeleteCriticalSection
GetCurrentProcess
SetErrorMode
lstrcatW
GetThreadContext
IsDBCSLeadByteEx
WideCharToMultiByte
WriteFile
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
ResumeThread
SetEvent
FormatMessageW
GetThreadPriority
InitializeCriticalSection
OutputDebugStringW
GlobalHandle
TlsGetValue
OutputDebugStringA
SetLastError
GetEnvironmentVariableA
GetModuleFileNameW
TryEnterCriticalSection
AddVectoredExceptionHandler
IsDebuggerPresent
ExitProcess
RtlAddFunctionTable
QueryPerformanceFrequency
SetThreadPriority
RtlVirtualUnwind
UnhandledExceptionFilter
MultiByteToWideChar
SetFilePointerEx
SetProcessAffinityMask
GetSystemPowerStatus
GetModuleHandleA
CreateSemaphoreA
CreateSemaphoreW
MulDiv
SetEnvironmentVariableA
SetThreadContext
TerminateProcess
SetUnhandledExceptionFilter
GlobalAlloc
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
GetStartupInfoA
CreateDirectoryW
GetProcAddress
GetFileSizeEx
RtlLookupFunctionEntry
CompareStringA
DuplicateHandle
WaitForMultipleObjects
RtlUnwindEx
GetProcessAffinityMask
CreateFileW
CreateEventA
TlsSetValue
RemoveVectoredExceptionHandler
LeaveCriticalSection
GetLastError
GetSystemInfo
GlobalFree
GlobalUnlock
VirtualQuery
lstrlenW
WaitForSingleObjectEx
GetCurrentProcessId
GetCommandLineW
VerSetConditionMask
GetCurrentThread
SuspendThread
RaiseException
ReleaseSemaphore
SetFilePointer
ReadFile
RtlCaptureContext
CloseHandle
lstrcpynA
GlobalLock
GetModuleHandleW
lstrcpyA
Sleep
ResetEvent
SysFreeString
DragAcceptFiles
DragQueryFileW
DragFinish
ExtractIconExW
SHGetFolderPathW
SetWindowRgn
SetWindowLongPtrW
SetWindowPos
ClientToScreen
WindowFromPoint
GetClipboardSequenceNumber
DispatchMessageW
GetCursorPos
ReleaseDC
GetMenu
UnregisterClassW
GetClientRect
DrawTextW
IsClipboardFormatAvailable
GetWindowTextW
ChangeDisplaySettingsExW
GetWindowTextLengthW
TrackMouseEvent
GetClassInfoExW
GetPropW
GetRawInputDeviceList
GetMessageW
ShowWindow
SetPropW
EnumDisplayMonitors
PeekMessageW
TranslateMessage
GetAsyncKeyState
RegisterClassW
SetClipboardData
RegisterRawInputDevices
IsIconic
EnumDisplayDevicesW
GetKeyboardLayout
MonitorFromPoint
CreateWindowExW
GetWindowLongW
GetUpdateRect
DestroyWindow
GetMonitorInfoW
DefWindowProcW
MapVirtualKeyW
ClipCursor
GetClipboardData
SetWindowLongW
GetWindowRect
GetMessageExtraInfo
RegisterDeviceNotificationW
GetRawInputData
SetWindowTextW
GetRawInputDeviceInfoA
RemovePropW
ScreenToClient
GetKeyboardState
DialogBoxIndirectParamW
ValidateRect
CreateIconFromResource
LoadCursorW
EnumDisplaySettingsW
GetDC
SetForegroundWindow
OpenClipboard
EmptyClipboard
SetLayeredWindowAttributes
EndDialog
CreateIconIndirect
MessageBoxW
SendMessageW
RegisterClassExW
AdjustWindowRectEx
GetKeyState
SystemParametersInfoA
GetDoubleClickTime
DestroyIcon
GetWindowLongPtrW
GetDesktopWindow
SetCursorPos
SystemParametersInfoW
InvalidateRect
wsprintfA
CallWindowProcW
UnregisterDeviceNotification
IsRectEmpty
ToUnicode
GetFocus
CloseClipboard
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
waveOutGetErrorTextW
waveOutReset
waveInOpen
waveOutOpen
waveInPrepareHeader
waveOutPrepareHeader
waveOutUnprepareHeader
waveInAddBuffer
waveOutClose
waveInGetNumDevs
timeGetTime
waveOutGetNumDevs
timeEndPeriod
waveInClose
waveInUnprepareHeader
timeBeginPeriod
waveOutWrite
waveOutGetDevCapsW
waveInReset
waveInGetDevCapsW
waveInStart
setsockopt
getaddrinfo
recv
socket
ioctlsocket
bind
inet_addr
send
WSACleanup
WSAStartup
select
freeaddrinfo
connect
sendto
getnameinfo
htons
closesocket
WSAGetLastError
__lconv_init
wcsftime
___lc_codepage_func
_ui64toa
fclose
_time64
_snwprintf
strtoul
fflush
isxdigit
_fmode
strtol
fputc
strtok
fwrite
_wrename
fputs
_strlwr
_setjmp
_close
iswctype
wcscoll
_exit
_strupr
__dllonexit
strrchr
strstr
_write
strcoll
memcpy
perror
memmove
_ltoa
signal
memchr
strncmp
_ultoa
fgetc
memset
strcat
_stricmp
_setmode
fgets
wcscpy
__pioinfo
strchr
asin
fopen
clock
fgetpos
fsetpos
ftell
exit
sprintf
_unlink
_acmdln
ferror
free
ungetc
__getmainargs
raise
_lseeki64
_vsnprintf
putchar
_read
_wopen
fseek
strcmp
strcpy
__mb_cur_max
islower
acos
isupper
strftime
rand
_putenv
setlocale
realloc
strxfrm
__doserrno
calloc
_lseek
toupper
printf
_rmdir
strncpy
_cexit
_itoa
__C_specific_handler
isalnum
qsort
_onexit
wcslen
isalpha
_snprintf
memcmp
__setusermatherr
srand
_fdopen
getenv
atoi
vfprintf
atof
_wstat64
localeconv
strerror
isspace
_beginthreadex
_localtime64
_strnicmp
vsprintf
malloc
fread
abort
fprintf
_i64toa
tan
wcsxfrm
feof
_endthreadex
_amsg_exit
_wremove
_errno
strlen
_lock
__initenv
_strdup
towlower
_fileno
_strrev
longjmp
tolower
atan
_unlock
fwprintf
_initterm
towupper
__argv
_wmkdir
__iob_func
_filelengthi64
getc
setvbuf
__set_app_type
CoUninitialize
CoInitializeEx
CoCreateInstance
PE exports
Number of PE resources by type
RT_ICON 5
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize 2652160
LinkerVersion 2.27
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 4.5.0.0
LanguageCode English (British)
FileFlagsMask 0x0000
FileDescription MrBoom
ImageFileCharacteristics Executable, No line numbers, Large address aware
CharacterSet Windows, Latin1
InitializedDataSize 8829440
EntryPoint 0x14d0
OriginalFileName MrBoom.exe
MIMEType application/octet-stream
LegalCopyright Remdy Software
FileVersion 4.5
TimeStamp 2018:05:04 17:09:39+01:00
FileType Win64 EXE
PEType PE32+
InternalName mrboom
ProductVersion 4.5
SubsystemVersion 5.2
OSVersion 4.0
FileOS Unknown (0)
Subsystem Windows GUI
MachineType AMD AMD64
CompanyName Remdy Software
CodeSize 2270208
ProductName MrBoom
ProductVersionNumber 4.5.0.0
FileTypeExtension exe
ObjectFileType Unknown

File identification
MD5 676c29817590d23ee767c0c02f2cda7d
SHA1 a481761ebbb0f53ae6525e0ebb1e449ef35f80b2
SHA256 86ea7172704a0e02f6eb25afde4bb6c46f07bac6ec22f1f63cdac00898a6214e
ssdeep 98304:dNwrITIFJzoaelkUoyQqFHG+oFtU00BuhglOrMl+qDUknk8h5OlRD+XV3OSu0zUl:rwGILzoayQqFHh1Bujke

authentihash f1943df3439eda3f7433b1f026c03b6e73d76e378b15f2c0e33ebf6fe08a8ddf
imphash cc649dd1ff691606c935a749eebca389
File size 11.2 MB ( 11699172 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly

TrID Win64 Executable (generic) (82.0%)
OS/2 Executable (generic) (6.0%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
VXD Driver (0.0%)
Tags 64bits peexe assembly overlay

VirusTotal metadata
First submission 2018-05-08 08:43:12 UTC ( 9 months, 3 weeks ago )
Last submission 2018-05-08 08:43:12 UTC ( 9 months, 3 weeks ago )
File names MrBoom.exe
mrboom