× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 89352716523e474514553e2092a1ae9349c5c7ff9e79c7861dd65fe19be88b61
File name: DiabloIIDemo.exe
Detection ratio: 0 / 58
Analysis date: 2017-02-23 12:48:45 UTC ( 9 months ago )
Antivirus Result Update
Ad-Aware 20170223
AegisLab 20170223
AhnLab-V3 20170222
Alibaba 20170223
ALYac 20170223
Antiy-AVL 20170223
Arcabit 20170223
Avast 20170223
AVG 20170223
Avira (no cloud) 20170223
AVware 20170223
Baidu 20170223
BitDefender 20170223
CAT-QuickHeal 20170223
ClamAV 20170223
CMC 20170223
Comodo 20170223
CrowdStrike Falcon (ML) 20170130
Cyren 20170223
DrWeb 20170223
Emsisoft 20170223
Endgame 20170222
ESET-NOD32 20170223
F-Prot 20170223
F-Secure 20170223
Fortinet 20170223
GData 20170223
Ikarus 20170223
Sophos ML 20170203
Jiangmin 20170223
K7AntiVirus 20170223
K7GW 20170223
Kaspersky 20170223
Kingsoft 20170223
Malwarebytes 20170223
McAfee 20170223
McAfee-GW-Edition 20170223
Microsoft 20170223
eScan 20170223
NANO-Antivirus 20170223
nProtect 20170223
Panda 20170222
Qihoo-360 20170223
Rising 20170223
Sophos AV 20170223
SUPERAntiSpyware 20170223
Symantec 20170222
Tencent 20170223
TheHacker 20170221
TotalDefense 20170223
TrendMicro 20170223
TrendMicro-HouseCall 20170223
Trustlook 20170223
VBA32 20170223
VIPRE 20170223
ViRobot 20170223
Webroot 20170223
WhiteArmor 20170222
Yandex 20170222
Zillya 20170222
Zoner 20170223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1999

Product Diablo II Installer
Original name Install.exe
Internal name Install
File version 1, 0, 0, 5
Description Diablo II Installer
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-12-06 03:47:49
Entry Point 0x000319D1
Number of sections 4
PE sections
Overlays
MD5 4c721083d8fae9f40de5fe518d8f6a39
File type data
Offset 323584
Size 137986101
Entropy 7.95
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
GetUserNameA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegEnumKeyA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegQueryInfoKeyA
GetDeviceCaps
DeleteDC
GetSystemPaletteEntries
SelectObject
CreatePalette
GetStockObject
SetDIBColorTable
SelectPalette
SetPaletteEntries
BitBlt
CreateDIBSection
CreateCompatibleDC
DeleteObject
RealizePalette
GetStdHandle
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
lstrcatA
SetErrorMode
VirtualLock
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
GetDiskFreeSpaceA
GetStringTypeW
GetFullPathNameA
GetOEMCP
MoveFileA
ResumeThread
GetExitCodeProcess
InitializeCriticalSection
FindClose
TlsGetValue
FormatMessageA
OutputDebugStringA
SetLastError
GetEnvironmentVariableA
ExitProcess
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
SetThreadPriority
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
CreateThread
SetUnhandledExceptionFilter
GetSystemDirectoryA
MoveFileExA
TerminateProcess
VirtualQuery
SetEndOfFile
GetVersion
GetProcAddress
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
ExitThread
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
ReadProcessMemory
SetEvent
GetUserDefaultLCID
GetProcessHeap
FreeEnvironmentStringsW
lstrcmpA
FindFirstFileA
lstrcpyA
InterlockedIncrement
GetTempFileNameA
CreateFileMappingA
FindNextFileA
ExpandEnvironmentStringsA
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
RemoveDirectoryA
GetShortPathNameA
GetEnvironmentStrings
WritePrivateProfileStringA
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
VirtualUnlock
ReadFile
CloseHandle
lstrcpynA
GetACP
GetCurrentThreadId
CreateProcessA
HeapCreate
VirtualFree
IsBadReadPtr
IsBadCodePtr
OpenEventA
VirtualAlloc
SHGetFileInfoA
FindExecutableA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
SetFocus
ShowCursor
GetForegroundWindow
GetParent
PostMessageA
EndDialog
PostQuitMessage
ReleaseCapture
KillTimer
LoadImageA
BeginPaint
RegisterWindowMessageA
DefWindowProcA
ShowWindow
SetClassLongA
MessageBeep
SetWindowPos
FindWindowA
GetSystemMetrics
IsWindow
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
SetCapture
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
wvsprintfA
TranslateMessage
DialogBoxParamA
DestroyCursor
SetActiveWindow
GetDC
RegisterClassExA
GetAsyncKeyState
ReleaseDC
WaitMessage
SetWindowTextA
LoadStringA
IsWindowVisible
SendMessageA
GetWindowTextA
CreateWindowExA
GetDlgItem
GetWindowLongA
BringWindowToTop
IsIconic
RegisterClassA
InvalidateRect
wsprintfA
SetTimer
LoadCursorA
LoadIconA
GetActiveWindow
AdjustWindowRect
WaitForInputIdle
GetDesktopWindow
CallWindowProcA
CreateCursor
EndPaint
SetForegroundWindow
DestroyWindow
ExitWindowsEx
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
PlaySoundA
GetSaveFileNameA
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_DIALOG 25
RT_STRING 15
RT_GROUP_CURSOR 1
RT_ICON 1
RT_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 43
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
16977920

ImageVersion
0.0

ProductName
Diablo II Installer

FileVersionNumber
1.0.0.5

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
Install.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1, 0, 0, 5

TimeStamp
2000:12:06 04:47:49+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Install

ProductVersion
Version 1.00

FileDescription
Diablo II Installer

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 1999

MachineType
Intel 386 or later, and compatibles

CompanyName
Blizzard Entertainment

CodeSize
245760

FileSubtype
0

ProductVersionNumber
1.0.0.5

EntryPoint
0x319d1

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 9ae5033551a078937cd5d1f388cd8438
SHA1 f7aa7f76b9f4c7584d4980cb32a7de97394a3f05
SHA256 89352716523e474514553e2092a1ae9349c5c7ff9e79c7861dd65fe19be88b61
ssdeep
3145728:xEEozwHNAbKZmyXojgvRuCFiBKtJUAg9050tsRhaZvWXQObXbf1k1VcO:x6zwHNAbKZ3XAgvs8iBKtJUH940tsRh0

authentihash 1f97da1134e2a6da0b6e6488ff296b7c358b6466a384d5a912feadb5fd1ee765
imphash d2a02ec4b49ba804949c1c0ab3f76bb2
File size 131.9 MB ( 138309685 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe nsrl armadillo overlay software-collection

VirusTotal metadata
First submission 2015-09-05 10:14:12 UTC ( 2 years, 2 months ago )
Last submission 2016-12-18 03:18:12 UTC ( 11 months, 1 week ago )
File names diablo-ii-178-jetelecharge.exe
Install.exe
89352716523E474514553E2092A1AE9349C5C7FF9E79C7861DD65FE19BE88B61
diablo-ii-178-jetelecharge.exe
diablo2_demo.exe
diablo-ii.exe
Install
DiabloIIDemo.exe
DiabloIIDemo.exe
National Software Reference Library (NIST)
The National Software Reference Library (NSRL) is designed to collect software from various sources and incorporate file profiles computed from this software into a reference data set of information. This file was found in the NSRL dataset, in the following products and with the following file names.
Products Diablo II (Blizzard Entertainment Inc.)
File names DiabloIIDemo.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!