SHA256: 8b65185eb74600a573b83c863c13604b9b94afb6f0f310f9fc8e3fb0c51d6c60
File name: aurora-dusk-8291-jetelecharge.exe
Detection ratio: 1 / 67
Analysis date: 2018-09-13 02:13:21 UTC ( 7 months, 1 week ago )
Antivirus Result Update
Webroot W32.Adware.Installcore 20180913
Ad-Aware 20180912
AegisLab 20180912
AhnLab-V3 20180912
Alibaba 20180713
ALYac 20180913
Antiy-AVL 20180913
Arcabit 20180913
Avast 20180913
Avast-Mobile 20180912
AVG 20180913
Avira (no cloud) 20180912
AVware 20180913
Babable 20180907
Baidu 20180912
BitDefender 20180913
Bkav 20180912
CAT-QuickHeal 20180912
ClamAV 20180912
CMC 20180912
Comodo 20180912
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180913
Cyren 20180913
DrWeb 20180913
eGambit 20180913
Emsisoft 20180913
Endgame 20180730
ESET-NOD32 20180913
F-Prot 20180913
F-Secure 20180912
Fortinet 20180913
GData 20180913
Ikarus 20180912
Sophos ML 20180717
Jiangmin 20180912
K7AntiVirus 20180912
K7GW 20180912
Kaspersky 20180912
Kingsoft 20180913
Malwarebytes 20180912
MAX 20180913
McAfee 20180912
McAfee-GW-Edition 20180912
Microsoft 20180912
eScan 20180913
NANO-Antivirus 20180912
Palo Alto Networks (Known Signatures) 20180913
Panda 20180912
Qihoo-360 20180913
Rising 20180913
SentinelOne (Static ML) 20180830
Sophos AV 20180912
SUPERAntiSpyware 20180907
Symantec 20180912
Symantec Mobile Insight 20180911
TACHYON 20180912
Tencent 20180913
TheHacker 20180907
TotalDefense 20180912
TrendMicro 20180913
TrendMicro-HouseCall 20180913
Trustlook 20180913
VBA32 20180912
VIPRE 20180913
ViRobot 20180912
Yandex 20180912
Zillya 20180912
ZoneAlarm by Check Point 20180913
Zoner 20180912
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Product Aurora Dusk
File version
Description Aurora Dusk Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0000AA98
Number of sections 8
PE sections
Overlays
MD5 073e61ebe43320708083b2340286036a
File type data
Offset 54272
Size 53125134
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
GetACP
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetSystemDirectoryA
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
GetVersion
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 1
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ENGLISH US 4
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments This installation was built with Inno Setup.
InitializedDataSize 11776
ImageVersion 6.0
ProductName Aurora Dusk
FileVersionNumber 0.0.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
CharacterSet Unicode
LinkerVersion 2.25
FileTypeExtension exe
MIMEType application/octet-stream
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.2.0
FileDescription Aurora Dusk Setup
OSVersion 1.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Sylvain Harlaut
CodeSize 41472
FileSubtype 0
ProductVersionNumber 0.0.0.0
EntryPoint 0xaa98
ObjectFileType Executable application

File identification
MD5 89c8cbcf170bbdc47c83ef7b5ea8f92c
SHA1 ffe4d0ca1f648e3315d6ffbf96f4b25e4142652b
SHA256 8b65185eb74600a573b83c863c13604b9b94afb6f0f310f9fc8e3fb0c51d6c60
ssdeep
786432:aqVikrH14cl/XvOjPve5MWTlYEiBGbAHaAJaVIGhwygBMZR2BeiEZhaG4nH:aqsKvOreiWTlfi8bEzabhwhBMZRDPha5

authentihash 63a6bbb03845df175e4549c535efa54167dafd2208157e5a444743e3017607e6
imphash 2fb819a19fe4dee5c03e8c6a79342f79
File size 50.7 MB ( 53179406 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (59.4%)
Win32 EXE PECompact compressed (generic) (22.5%)
Win32 Executable Delphi generic (7.6%)
Win32 Dynamic Link Library (generic) (3.5%)
Win32 Executable (generic) (2.4%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-04-17 09:15:10 UTC ( 3 years ago )
Last submission 2018-09-13 02:13:21 UTC ( 7 months, 1 week ago )
File names AuroraDusk_1.2.0.exe
aurora-dusk-8291-jetelecharge.exe
AuroraDusk.exe