SHA256: a26b7304cf0a15d377a00021b41e956a801d9c82345ecc0cf182599c2e541bcc
File name: sfk.exe
Detection ratio: 0 / 58
Analysis date: 2017-01-11 10:29:08 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20170111
AegisLab 20170111
AhnLab-V3 20170110
Alibaba 20170111
ALYac 20170111
Antiy-AVL 20170111
Arcabit 20170111
Avast 20170111
AVG 20170111
Avira (no cloud) 20170111
AVware 20170111
Baidu 20170111
BitDefender 20170111
Bkav 20170110
CAT-QuickHeal 20170111
ClamAV 20170111
CMC 20170111
Comodo 20170111
CrowdStrike Falcon (ML) 20161024
Cyren 20170111
DrWeb 20170111
Emsisoft 20170111
ESET-NOD32 20170111
F-Prot 20170111
F-Secure 20170111
Fortinet 20170111
GData 20170111
Ikarus 20170111
Sophos ML 20161216
Jiangmin 20170111
K7AntiVirus 20170111
K7GW 20170111
Kaspersky 20170111
Kingsoft 20170111
Malwarebytes 20170111
McAfee 20170108
McAfee-GW-Edition 20170111
Microsoft 20170111
eScan 20170111
NANO-Antivirus 20170111
nProtect 20170111
Panda 20170110
Qihoo-360 20170111
Rising 20170111
Sophos AV 20170110
SUPERAntiSpyware 20170111
Symantec 20170111
Tencent 20170111
TheHacker 20170108
TotalDefense 20170111
TrendMicro 20170111
TrendMicro-HouseCall 20170111
Trustlook 20170111
VBA32 20170110
VIPRE 20170111
ViRobot 20170111
WhiteArmor 20170109
Yandex 20170110
Zillya 20170110
Zoner 20170111
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-15 18:32:22
Entry Point 0x0011003D
Number of sections 3
PE sections
PE imports
IsValidAcl
LookupPrivilegeValueA
OpenProcessToken
GetKernelObjectSecurity
IsValidSid
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
AdjustTokenPrivileges
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetSecurityDescriptorGroup
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetDeviceCaps
GetStdHandle
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FindFirstFileW
HeapDestroy
GetFileAttributesW
GetLocalTime
FreeEnvironmentStringsA
CreatePipe
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
SetFileAttributesA
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
MoveFileA
InitializeCriticalSection
FindClose
FormatMessageA
GetFullPathNameW
PeekNamedPipe
ReadConsoleInputA
GetNumberOfConsoleInputEvents
HeapAlloc
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
SetConsoleCtrlHandler
UnhandledExceptionFilter
MultiByteToWideChar
MoveFileW
CreateMutexA
GetModuleHandleA
SetEnvironmentVariableW
SetEnvironmentVariableA
GetDiskFreeSpaceExA
VirtualQuery
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
SetConsoleTextAttribute
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
DosDateTimeToFileTime
CreateDirectoryA
DeleteFileA
GlobalLock
GetConsoleScreenBufferInfo
GetProcessHeap
CompareStringW
FindFirstFileA
CompareStringA
FindNextFileA
TerminateProcess
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
CreateFileW
GetFileType
SetVolumeLabelA
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
HeapCreate
GetSystemInfo
lstrlenA
LCMapStringA
FindNextFileW
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
RemoveDirectoryA
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
CopyFileExA
SetFileTime
WideCharToMultiByte
HeapSize
GetCommandLineA
QueryPerformanceFrequency
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
PeekConsoleInputA
GetACP
GetVersion
CreateProcessA
SetConsoleMode
VirtualFree
Sleep
GetFileAttributesExA
VirtualAlloc
GetTimeFormatA
ShellExecuteA
ReleaseDC
IsClipboardFormatAvailable
OemToCharA
EmptyClipboard
SetClipboardData
GetDesktopWindow
MessageBoxA
wsprintfA
GetWindowDC
CloseClipboard
MessageBeep
CharToOemA
GetClipboardData
OpenClipboard
htonl
getsockname
accept
ioctlsocket
WSAStartup
connect
shutdown
htons
select
gethostname
recv
ntohl
inet_addr
send
ntohs
WSAGetLastError
listen
__WSAFDIsSet
WSACleanup
gethostbyname
inet_ntoa
closesocket
setsockopt
socket
bind
recvfrom
sendto
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
TimeStamp 2016:11:15 19:32:22+01:00
FileType Win32 EXE
PEType PE32
CodeSize 1159168
LinkerVersion 7.1
FileTypeExtension exe
InitializedDataSize 1040384
SubsystemVersion 4.0
EntryPoint 0x11003d
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 578cedb371bfe8fdf23b733528393bdb
SHA1 6386c9014bf05a2105ae406a9537c05df8bfa7b1
SHA256 a26b7304cf0a15d377a00021b41e956a801d9c82345ecc0cf182599c2e541bcc
ssdeep 49152:L9X9ijNGK7Ugv/75dKGr5xE1OD9prInT6:p9iZGK7Uu/7

authentihash 06b19b22cef000a80fd8c17dd87a81a31abcd5372528a917aec2431f852f6477
imphash 82f0d7c6cc1ef0533a3efcee68223302
File size 1.7 MB ( 1757184 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe

VirusTotal metadata
First submission 2016-11-16 05:15:31 UTC ( 8 months, 1 week ago )
Last submission 2017-06-15 15:08:24 UTC ( 1 month, 1 week ago )
File names sfk (2).exe
sfk182.exe
sfk.exe
A26B7304CF0A15D377A00021B41E956A801D9C82345ECC0CF182599C2E541BCC.exe
sfk.exe
sfk.exe
sfk182.exe