SHA256: a25f58a57a01ec6c14ad5118137afd0563d5f453f1b2bf73633ca692c3184edd
File name: invoice.scr
Detection ratio: 1 / 56
Analysis date: 2015-09-21 11:31:26 UTC ( 1 year, 12 months ago )
Antivirus Result Update
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20150921
Ad-Aware 20150921
AegisLab 20150921
Yandex 20150920
AhnLab-V3 20150921
Alibaba 20150921
ALYac 20150921
Antiy-AVL 20150921
Arcabit 20150921
Avast 20150921
AVG 20150921
Avira (no cloud) 20150921
AVware 20150921
Baidu-International 20150921
BitDefender 20150921
Bkav 20150919
ByteHero 20150921
CAT-QuickHeal 20150921
ClamAV 20150918
CMC 20150921
Comodo 20150921
Cyren 20150921
DrWeb 20150921
Emsisoft 20150921
ESET-NOD32 20150921
F-Prot 20150919
F-Secure 20150921
Fortinet 20150921
GData 20150921
Ikarus 20150921
Jiangmin 20150919
K7AntiVirus 20150921
K7GW 20150921
Kaspersky 20150921
Kingsoft 20150921
Malwarebytes 20150921
McAfee 20150921
McAfee-GW-Edition 20150921
Microsoft 20150921
eScan 20150921
NANO-Antivirus 20150921
nProtect 20150921
Panda 20150921
Rising 20150920
Sophos AV 20150921
SUPERAntiSpyware 20150921
Symantec 20150920
Tencent 20150921
TheHacker 20150921
TrendMicro 20150921
TrendMicro-HouseCall 20150921
VBA32 20150920
VIPRE 20150921
ViRobot 20150921
Zillya 20150920
Zoner 20150921
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-11-20 20:24:52
Entry Point 0x00001000
Number of sections 5
PE sections
PE imports
HeapAlloc
GetModuleHandleA
ExitProcess
HeapFree
GetProcessHeap
GetMessageA
CreateWindowExA
LoadIconA
DispatchMessageA
TranslateMessage
PostQuitMessage
DefWindowProcA
RegisterClassA
Number of PE resources by type
RT_BITMAP 1
RT_GROUP_ICON 1
RT_MANIFEST 1
RT_ICON 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2007:11:20 21:24:52+01:00
FileType Win32 EXE
PEType PE32
CodeSize 5120
LinkerVersion 2.53
EntryPoint 0x1000
InitializedDataSize 23552
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 1.0
UninitializedDataSize 0
Compressed bundles
File identification
MD5 49be3e728982662a642ac8fa0dd10f4e
SHA1 57786938b7033e04e4e82618fb482c0843249987
SHA256 a25f58a57a01ec6c14ad5118137afd0563d5f453f1b2bf73633ca692c3184edd
ssdeep 384:zHqW+tOOsFiOKvW/rMTK9YROsckUlp7uo2KYY2i8jjsLzSeV/K7HKaOC6:r+UiOFFyLcTlZV2iwn7HKaO
authentihash 32ab3d7c9271ad35bfb0f9eae16d52990a84db813992f66c076df59cefe5a06a
imphash 6a0bcc21641e0332d0d7ab2722932c3d
File size 29.0 KB ( 29696 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.4%)
Win16/32 Executable Delphi generic (19.5%)
Generic Win/DOS Executable (18.8%)
DOS Executable Generic (18.8%)
VXD Driver (0.2%)
Tags peexe
VirusTotal metadata
First submission 2015-09-21 09:29:09 UTC ( 1 year, 12 months ago )
Last submission 2016-05-30 05:40:36 UTC ( 1 year, 3 months ago )
File names invoice.scr
invoice.scr
49be3e728982662a642ac8fa0dd10f4e
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs