× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 878d90ff5735341123c2bf8814ef7eaa47a5ce84f86617fc78160754473ec5f9
File name: SNB.exe
Detection ratio: 2 / 53
Analysis date: 2016-02-05 13:45:50 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20160205
Rising PE:Malware.Generic(Thunder)!1.A1C4 [F] 20160205
Ad-Aware 20160205
AegisLab 20160205
Yandex 20160204
AhnLab-V3 20160205
Alibaba 20160204
ALYac 20160205
Antiy-AVL 20160205
Arcabit 20160205
Avast 20160205
AVG 20160205
Baidu-International 20160205
BitDefender 20160205
Bkav 20160204
ByteHero 20160205
CAT-QuickHeal 20160205
ClamAV 20160204
CMC 20160205
Comodo 20160205
Cyren 20160205
DrWeb 20160205
Emsisoft 20160205
ESET-NOD32 20160205
F-Prot 20160129
F-Secure 20160205
Fortinet 20160205
GData 20160205
Ikarus 20160205
Jiangmin 20160205
K7AntiVirus 20160205
K7GW 20160205
Kaspersky 20160205
Malwarebytes 20160205
McAfee 20160205
McAfee-GW-Edition 20160205
Microsoft 20160205
eScan 20160205
NANO-Antivirus 20160205
nProtect 20160205
Panda 20160205
Sophos AV 20160205
SUPERAntiSpyware 20160205
Symantec 20160204
Tencent 20160205
TheHacker 20160203
TrendMicro 20160205
TrendMicro-HouseCall 20160205
VBA32 20160204
VIPRE 20160205
ViRobot 20160205
Zillya 20160204
Zoner 20160205
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2014

Product Skype: No Border
Original name SNB.exe
Internal name SNB.exe
File version 1.1.1.0
Description Skype: No Border
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-02-05 13:39:38
Entry Point 0x0000521C
Number of sections 6
PE sections
PE imports
SystemFunction036
GetStockObject
GetStdHandle
InterlockedPopEntrySList
SetEvent
EncodePointer
CreateTimerQueue
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
InitializeSListHead
SetStdHandle
WideCharToMultiByte
WriteFile
GetSystemTimeAsFileTime
GetCommandLineA
GetThreadTimes
HeapReAlloc
GetStringTypeW
FreeLibrary
GetThreadPriority
FreeLibraryAndExitThread
FindClose
TlsGetValue
SignalObjectAndWait
InterlockedPushEntrySList
SetLastError
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
SetThreadPriority
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
DeleteTimerQueueTimer
RegisterWaitForSingleObject
CreateThread
InterlockedFlushSList
GetExitCodeThread
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ExitThread
DecodePointer
TerminateProcess
GetModuleHandleExW
ChangeTimerQueueTimer
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
GetStartupInfoW
GetProcAddress
GetProcessHeap
QueryDepthSList
FindNextFileW
CreateTimerQueueTimer
DuplicateHandle
FindFirstFileExW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
UnregisterWaitEx
GetEnvironmentStringsW
WaitForSingleObjectEx
SwitchToThread
UnregisterWait
GetCurrentProcessId
GetCommandLineW
GetCPInfo
HeapSize
SetThreadAffinityMask
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
GetModuleHandleA
CloseHandle
GetACP
GetModuleHandleW
GetLogicalProcessorInformation
GetNumaHighestNodeNumber
IsValidCodePage
VirtualFree
Sleep
VirtualAlloc
Shell_NotifyIconW
PostQuitMessage
DefWindowProcW
FindWindowW
GetMessageW
ShowWindow
GetSystemMetrics
MessageBoxW
RegisterClassExW
AppendMenuW
TranslateMessage
PostMessageW
DispatchMessageW
GetCursorPos
CreatePopupMenu
SendMessageW
LoadImageW
TrackPopupMenu
LoadCursorW
LoadIconW
CreateWindowExW
GetWindowLongW
SetForegroundWindow
DestroyWindow
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Number of PE resources by type
RT_ICON 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 7
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.1.1.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
118272

EntryPoint
0x521c

OriginalFileName
SNB.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2014

FileVersion
1.1.1.0

TimeStamp
2016:02:05 14:39:38+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
SNB.exe

ProductVersion
1.1.1.0

FileDescription
Skype: No Border

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Recelate

CodeSize
184832

ProductName
Skype: No Border

ProductVersionNumber
1.1.1.0

FileTypeExtension
exe

ObjectFileType
Unknown

File identification
MD5 8e9118a429dc78881fb30c600f91942d
SHA1 7a70e7a21255fb10c37f89aad5e9a9e88f85fcdc
SHA256 878d90ff5735341123c2bf8814ef7eaa47a5ce84f86617fc78160754473ec5f9
ssdeep
6144:HbXYACNvrDJjVv0KTg4PsE5tu0OP9l+NXT/45bx4WYbzAX4nSkm9ZuTVe:7XYA8vr/ZTqE5t+v+5E5d4fAIg

authentihash 874ed623cf4d61fd35f1b8b881690a020f8bae3e5fb79f0933cdb249306fb9f3
imphash 76e87477d590b1b60886ab792b231cf5
File size 293.0 KB ( 300032 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-02-05 13:40:53 UTC ( 3 years, 2 months ago )
Last submission 2016-02-05 13:45:50 UTC ( 3 years, 2 months ago )
File names SNB.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!