SHA256: 98c746a4707a875f8077d79550f7129b459ae784de05b05f349f89ddecf56d30
File name: Photoshop.exe.vir
Detection ratio: 0 / 56
Analysis date: 2015-02-04 13:42:56 UTC ( 2 years, 8 months ago )
Antivirus Result Update
Ad-Aware 20150204
AegisLab 20150204
Yandex 20150202
AhnLab-V3 20150204
Alibaba 20150203
ALYac 20150208
Antiy-AVL 20150204
Avast 20150204
AVG 20150208
Avira (no cloud) 20150204
AVware 20150207
Baidu-International 20150204
BitDefender 20150204
Bkav 20150203
ByteHero 20150204
CAT-QuickHeal 20150204
ClamAV 20150204
CMC 20150202
Comodo 20150204
Cyren 20150204
DrWeb 20150204
Emsisoft 20150204
ESET-NOD32 20150204
F-Prot 20150204
F-Secure 20150208
Fortinet 20150204
GData 20150204
Ikarus 20150204
K7AntiVirus 20150204
K7GW 20150204
Kaspersky 20150204
Kingsoft 20150208
Malwarebytes 20150204
McAfee 20150204
McAfee-GW-Edition 20150204
Microsoft 20150204
eScan 20150204
NANO-Antivirus 20150204
Norman 20150204
nProtect 20150204
Panda 20150204
Qihoo-360 20150204
Rising 20150203
Sophos AV 20150204
SUPERAntiSpyware 20150204
Symantec 20150208
Tencent 20150204
TheHacker 20150203
TotalDefense 20150204
TrendMicro 20150208
TrendMicro-HouseCall 20150208
VBA32 20150204
VIPRE 20150208
ViRobot 20150204
Zillya 20150208
Zoner 20150202
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 2005 Adobe Systems Inc.
Product Adobe Photoshop CS2
Original name Photoshop.exe
Internal name Photoshop
File version 9.0 (9.0x196)
Description Adobe Photoshop CS2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-03-22 12:29:32
Entry Point 0x00B303EC
Number of sections 4
PE sections
PE imports
PE exports
Number of PE resources by type
RT_ICON 648
RT_GROUP_ICON 81
RT_MANIFEST 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
RHAETO ROMANCE DEFAULT 732
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 7.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 9.0.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 4947968
EntryPoint 0xb303ec
OriginalFileName Photoshop.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2005 Adobe Systems Inc.
FileVersion 9.0 (9.0x196)
TimeStamp 2005:03:22 13:29:32+01:00
FileType Win32 EXE
PEType PE32
InternalName Photoshop
ProductVersion CS2
FileDescription Adobe Photoshop CS2
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Adobe Systems, Incorporated
CodeSize 15007744
ProductName Adobe Photoshop CS2
ProductVersionNumber 9.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 f4fa892d15433f82098a640637c3315a
SHA1 abfa6b90a4a621fd7f76df54142d7ecf14400b88
SHA256 98c746a4707a875f8077d79550f7129b459ae784de05b05f349f89ddecf56d30
ssdeep 393216:kGwjktJA8D+AijgRJqP1q+bDpoMY7jW2jQiTOEaw:XtO8D+Pjg7qPAM2MY7B
authentihash ddeb1ea0f613dac00b0e3cf900905485d5a9f0bbc0445be6b46ae320ca48f5c7
imphash 464c71889a483305afe0079e856fa418
File size 18.6 MB ( 19533824 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 EXE PECompact compressed (generic) (53.4%)
Win64 Executable (generic) (35.5%)
Win32 Executable (generic) (5.8%)
Generic Win/DOS Executable (2.5%)
DOS Executable Generic (2.5%)
Tags peexe nsrl
VirusTotal metadata
First submission 2009-03-20 19:38:20 UTC ( 8 years, 7 months ago )
Last submission 2017-08-01 14:50:02 UTC ( 2 months, 2 weeks ago )
File names Photoshop
Photoshop.exe
file-3424837_exe
filename
smona_98c746a4707a875f8077d79550f7129b459ae784de05b05f349f89ddecf56d30.bin
photoshop.exe
Photoshop.exe.vir
National Software Reference Library (NIST)
The National Software Reference Library (NSRL) is designed to collect software from various sources and incorporate file profiles computed from this software into a reference data set of information. This file was found in the NSRL dataset, in the following products and with the following file names.
Products Creative Suite 2 Premium (Adobe Systems Incorporated)
Adobe Photoshop CS2 (Adobe Systems Incorporated)
File names Photoshop.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .