× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 947fe0e20d3a2fc490a1a818aeb38c6e16d52d816f87021f3fb51fed2461db58
File name: chocolatey.exe
Detection ratio: 0 / 57
Analysis date: 2016-04-28 12:47:48 UTC ( 2 years, 12 months ago )
Antivirus Result Update
Ad-Aware 20160428
AegisLab 20160428
AhnLab-V3 20160428
Alibaba 20160428
ALYac 20160428
Antiy-AVL 20160428
Arcabit 20160428
Avast 20160428
AVG 20160428
Avira (no cloud) 20160428
AVware 20160428
Baidu 20160428
Baidu-International 20160428
BitDefender 20160428
Bkav 20160428
CAT-QuickHeal 20160428
ClamAV 20160427
CMC 20160428
Comodo 20160428
Cyren 20160428
DrWeb 20160428
Emsisoft 20160428
ESET-NOD32 20160428
F-Prot 20160428
F-Secure 20160428
Fortinet 20160428
GData 20160428
Ikarus 20160428
Jiangmin 20160428
K7AntiVirus 20160428
K7GW 20160428
Kaspersky 20160428
Kingsoft 20160428
Malwarebytes 20160428
McAfee 20160428
McAfee-GW-Edition 20160428
Microsoft 20160428
eScan 20160428
NANO-Antivirus 20160428
nProtect 20160428
Panda 20160427
Qihoo-360 20160428
Rising 20160428
Sophos AV 20160428
SUPERAntiSpyware 20160428
Symantec 20160428
Tencent 20160428
TheHacker 20160426
TotalDefense 20160426
TrendMicro 20160428
TrendMicro-HouseCall 20160428
VBA32 20160427
VIPRE 20160428
ViRobot 20160428
Yandex 20160427
Zillya 20160428
Zoner 20160428
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013-Present RealDimensions Software, LLC

Product ShimGen generated shim
Original name chocolatey.exe
Internal name chocolatey.exe
File version 0.2.2.0
Description ShimGen generated shim
Comments This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-01-27 13:11:49
Entry Point 0x00004D3E
Number of sections 3
.NET details
Module Version ID ac25c4ce-e405-4405-be93-cb157de9be66
TypeLib ID 6104579d-2ee7-414d-b467-aa4a1e2d440a
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.2.2.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
ShimGen generated shim

CharacterSet
Unicode

InitializedDataSize
7168

EntryPoint
0x4d3e

OriginalFileName
chocolatey.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013-Present RealDimensions Software, LLC

FileVersion
0.2.2.0

TimeStamp
2015:01:27 14:11:49+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
chocolatey.exe

ProductVersion
0.2.2.a14dccccc6b8230daed660c1523e4f0815535324

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
RealDimensions Sofware, LLC

CodeSize
11776

ProductName
ShimGen generated shim

ProductVersionNumber
0.2.2.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.2.2.0

File identification
MD5 d89f2a3e2d3a439d07cef887607d0897
SHA1 ac535832c60528dafd2b0a5095b838b5e8df4a4f
SHA256 947fe0e20d3a2fc490a1a818aeb38c6e16d52d816f87021f3fb51fed2461db58
ssdeep
384:ITPnHpWZKWR9dsaWK0X+tEVcCLW1xbbbbGbZY4he9LL:GP/q9WaCLwxbbbbGbO4h6L

authentihash 65480ae9f26d569dc1c10bd35a29dfaa1c9f9f81e7262b64598ba0a008a614e1
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 19.0 KB ( 19456 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-04-28 12:47:48 UTC ( 2 years, 12 months ago )
Last submission 2016-04-28 12:47:48 UTC ( 2 years, 12 months ago )
File names chocolatey.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!