× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8b1dc60ec5b118b068488844d1dbd397f4221fa3593c7862d3fc13a7ee912048
File name: le-sphinx-373-jetelecharge.exe
Detection ratio: 0 / 69
Analysis date: 2018-09-26 02:40:46 UTC ( 6 months ago )
Antivirus Result Update
Ad-Aware 20180926
AegisLab 20180926
AhnLab-V3 20180925
Alibaba 20180921
ALYac 20180926
Antiy-AVL 20180926
Arcabit 20180926
Avast 20180926
Avast-Mobile 20180925
AVG 20180926
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
BitDefender 20180926
Bkav 20180925
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180925
Comodo 20180926
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180926
Cyren 20180926
DrWeb 20180926
eGambit 20180926
Emsisoft 20180925
Endgame 20180730
ESET-NOD32 20180926
F-Prot 20180926
F-Secure 20180926
Fortinet 20180926
GData 20180926
Ikarus 20180925
Sophos ML 20180717
Jiangmin 20180926
K7AntiVirus 20180925
K7GW 20180926
Kaspersky 20180926
Kingsoft 20180926
Malwarebytes 20180926
MAX 20180926
McAfee 20180926
McAfee-GW-Edition 20180926
Microsoft 20180926
eScan 20180926
NANO-Antivirus 20180926
Palo Alto Networks (Known Signatures) 20180926
Panda 20180925
Qihoo-360 20180926
Rising 20180926
SentinelOne (Static ML) 20180925
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec 20180925
Symantec Mobile Insight 20180924
TACHYON 20180926
Tencent 20180926
TheHacker 20180924
TotalDefense 20180925
TrendMicro 20180926
TrendMicro-HouseCall 20180925
Trustlook 20180926
VBA32 20180925
VIPRE 20180925
ViRobot 20180925
Webroot 20180926
Yandex 20180925
Zillya 20180925
ZoneAlarm by Check Point 20180925
Zoner 20180925
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1998-04-23 14:44:26
Entry Point 0x000021C5
Number of sections 4
PE sections
Overlays
MD5 cfe83bc833a3d21e8bb0ae92044e5b44
File type binary Computer Graphics Metafile
Offset 12288
Size 7855075
Entropy 8.00
PE imports
GetDeviceCaps
PatBlt
CreatePalette
GetStockObject
SelectPalette
CreateSolidBrush
SelectObject
DeleteObject
RealizePalette
lstrlenA
GlobalFree
FreeLibrary
ExitProcess
GetVersionExA
GlobalUnlock
GetModuleFileNameA
GlobalAlloc
LoadLibraryA
WinExec
OpenFile
_lwrite
GetWindowsDirectoryA
SetErrorMode
_llseek
GetCommandLineA
GetProcAddress
_lread
GetModuleHandleA
_lclose
_lcreat
lstrcpyA
_lopen
GlobalLock
GlobalHandle
wsprintfA
CreateWindowExA
LoadCursorA
LoadIconA
ReleaseDC
EndPaint
RegisterClassA
BeginPaint
MessageBoxA
SendMessageA
GetClientRect
SetWindowPos
PostQuitMessage
DefWindowProcA
ShowWindow
UpdateWindow
ExitWindowsEx
GetDC
InvalidateRect
PE exports
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

SubsystemVersion
4.0

MachineType
Intel 386 or later, and compatibles

TimeStamp
1998:04:23 15:44:26+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
7680

LinkerVersion
5.1

FileTypeExtension
exe

InitializedDataSize
3584

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

EntryPoint
0x21c5

OSVersion
4.0

ImageVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 e8ce7b7063e92a113cb8199c5dbc8a2c
SHA1 38a0c33e6ad8ef00e859dbe346459fb0bb23233b
SHA256 8b1dc60ec5b118b068488844d1dbd397f4221fa3593c7862d3fc13a7ee912048
ssdeep
196608:eM9bCVWkf/ihs5hCEjT4EYwxIerjqbe/+FB:79bC0knihahNgETxIer266

authentihash e6cc549fbfa4a50048d18be780194cf2931df240eda6a80fb837b8c7ba846ede
imphash fc1300250f0ecc0cf4491b54efe75246
File size 7.5 MB ( 7867363 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Wise Installer executable (91.3%)
Win64 Executable (generic) (5.3%)
Win32 Dynamic Link Library (generic) (1.2%)
Win32 Executable (generic) (0.8%)
OS/2 Executable (generic) (0.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2012-12-13 06:51:05 UTC ( 6 years, 3 months ago )
Last submission 2018-09-26 02:40:46 UTC ( 6 months ago )
File names le-sphinx-373-jetelecharge.exe
le-sphinx-373-jetelecharge.exe
DemoSph45FR.exe
le-sphinx-373-jetelecharge.exe
8b1dc60ec5b118b068488844d1dbd397f4221fa3593c7862d3fc13a7ee912048
_cygnPyQ7A.hta
le-sphinx-373-jetelecharge.exe
le-sphinx-373-jetelecharge.exe
le-sphinx-373-jetelecharge.exe
le-sphinx-373-jetelecharge.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Runtime DLLs