× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a28a2cf5ecfef2c1914d6da7a63bb3cd1f4d66aa18b7c91396b24bbe72061d54
File name: ELEVATE.EXE
Detection ratio: 0 / 59
Analysis date: 2017-05-25 23:24:02 UTC ( 1 year, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware 20170525
AegisLab 20170525
AhnLab-V3 20170525
Alibaba 20170525
ALYac 20170525
Antiy-AVL 20170525
Arcabit 20170525
Avast 20170525
AVG 20170525
Avira (no cloud) 20170525
AVware 20170525
BitDefender 20170525
Bkav 20170525
CAT-QuickHeal 20170525
ClamAV 20170525
CMC 20170525
Comodo 20170525
CrowdStrike Falcon (ML) 20170420
Cyren 20170525
DrWeb 20170525
Emsisoft 20170525
Endgame 20170515
ESET-NOD32 20170525
F-Prot 20170525
F-Secure 20170525
Fortinet 20170525
GData 20170525
Ikarus 20170525
Sophos ML 20170519
Jiangmin 20170525
K7AntiVirus 20170525
K7GW 20170525
Kaspersky 20170525
Kingsoft 20170526
Malwarebytes 20170525
McAfee 20170525
McAfee-GW-Edition 20170525
Microsoft 20170525
eScan 20170525
NANO-Antivirus 20170525
nProtect 20170525
Palo Alto Networks (Known Signatures) 20170526
Panda 20170525
Qihoo-360 20170526
Rising 20170525
SentinelOne (Static ML) 20170516
Sophos AV 20170526
SUPERAntiSpyware 20170525
Symantec 20170525
Symantec Mobile Insight 20170525
Tencent 20170526
TheHacker 20170525
TrendMicro 20170525
Trustlook 20170526
VBA32 20170525
VIPRE 20170525
ViRobot 20170525
Webroot 20170526
WhiteArmor 20170524
Yandex 20170518
Zillya 20170525
ZoneAlarm by Check Point 20170525
Zoner 20170525
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2007

Product Elevate Application
Original name Elevate.exe
Internal name Elevate
File version 1, 0, 0, 2894
Description Elevate
Comments Tool for elevating applications on the command line
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-05 11:19:35
Entry Point 0x00001CFC
Number of sections 5
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
RtlUnwind
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetFileType
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
GetCommandLineW
WideCharToMultiByte
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
HeapSize
SetFilePointerEx
FreeEnvironmentStringsW
GetProcAddress
GetProcessHeap
SetStdHandle
GetCPInfo
TlsFree
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
HeapAlloc
TerminateProcess
GetConsoleCP
GetModuleHandleExW
IsValidCodePage
OutputDebugStringW
CreateFileW
TlsGetValue
Sleep
WriteConsoleW
TlsSetValue
ExitProcess
GetCurrentThreadId
GetEnvironmentVariableW
SetLastError
LeaveCriticalSection
ShellExecuteExW
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
GERMAN 1
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
FileDescription
Elevate

Comments
Tool for elevating applications on the command line

InitializedDataSize
37888

ImageVersion
0.0

ProductName
Elevate Application

FileVersionNumber
1.0.0.2894

LanguageCode
Neutral

FileFlagsMask
0x0017

CharacterSet
Unicode

LinkerVersion
12.0

FileTypeExtension
exe

OriginalFileName
Elevate.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
1, 0, 0, 2894

TimeStamp
2016:01:05 12:19:35+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Elevate

SubsystemVersion
6.0

ProductVersion
1, 0, 0, 2894

UninitializedDataSize
0

OSVersion
6.0

FileOS
Win32

LegalCopyright
Copyright (C) 2007

MachineType
Intel 386 or later, and compatibles

CompanyName
Johannes Passing

CodeSize
48640

FileSubtype
0

ProductVersionNumber
1.0.0.2894

EntryPoint
0x1cfc

ObjectFileType
Executable application

Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 6d454071ec396f0534171e1248345a62
SHA1 c4dbbad056855869b1a760d278fe0fb12ad77a7e
SHA256 a28a2cf5ecfef2c1914d6da7a63bb3cd1f4d66aa18b7c91396b24bbe72061d54
ssdeep
1536:LNOX8QziMrx5SRXd2sBeP7Hky7C+cbFq0/sWjcdeNSqPVtWhZW:5ivPSddVsjBCHAe0qPVUG

authentihash 50ddef2b99cbd059abe1113f5a10b4f4cc045f2579188b5222f3cefada20b07e
imphash 48757ae122b00b7a8d57aabc7851224e
File size 77.5 KB ( 79360 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-01-29 18:33:48 UTC ( 2 years, 7 months ago )
Last submission 2018-05-08 13:10:27 UTC ( 4 months, 2 weeks ago )
File names Elevate.exe
Elevate.exe
Elevate.exe
Elevate.exe
Elevate.exe
elevate.exe
Elevate
Elevate-x86.exe
ELEVAT32.EXE
Elevate.exe
UnInstall.exe
ELEVATE.EXE
Elevate.exe
Elevate.exe
elevate.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!