× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a5bf6800fb33b09efcc40d53b33c328ea010b8021f13f595b909021009f99ac6
File name: sViewSetup_v.13.5_19.exe
Detection ratio: 0 / 46
Analysis date: 2013-05-19 17:45:59 UTC ( 5 years, 8 months ago ) View latest
Antivirus Result Update
Yandex 20130519
AhnLab-V3 20130519
AntiVir 20130519
Antiy-AVL 20130519
Avast 20130519
AVG 20130519
BitDefender 20130519
ByteHero 20130517
CAT-QuickHeal 20130518
ClamAV 20130519
Commtouch 20130518
Comodo 20130519
DrWeb 20130519
Emsisoft 20130519
eSafe 20130516
ESET-NOD32 20130519
F-Prot 20130518
F-Secure 20130519
Fortinet 20130519
GData 20130519
Ikarus 20130519
Jiangmin 20130519
K7AntiVirus 20130517
K7GW 20130517
Kaspersky 20130519
Kingsoft 20130506
Malwarebytes 20130519
McAfee 20130519
McAfee-GW-Edition 20130519
Microsoft 20130519
eScan 20130519
NANO-Antivirus 20130519
Norman 20130519
nProtect 20130518
Panda 20130519
PCTools 20130519
Rising 20130517
Sophos AV 20130519
SUPERAntiSpyware 20130519
Symantec 20130519
TheHacker 20130519
TotalDefense 20130519
TrendMicro 20130519
TrendMicro-HouseCall 20130519
VBA32 20130518
VIPRE 20130519
ViRobot 20130519
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Product sView
File version sView (version 13.5_
Description sView - Media Player
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, appended, UTF-8, embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-01-06 09:56:24
Entry Point 0x000163C4
Number of sections 9
PE sections
Overlays
MD5 5152558f7cfaa7c019688296c69d29bf
File type data
Offset 333312
Size 15990258
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetLocalTime
CreateProcessW
DeleteCriticalSection
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
GetDateFormatW
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
CompareStringW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetExitCodeProcess
GetVersion
InitializeCriticalSection
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SysFreeString
VariantInit
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_ICON 8
RT_STRING 6
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion
5.0

Comments
This installation was built with Inno Setup.

InitializedDataSize
245248

ImageVersion
6.0

ProductName
sView

FileVersionNumber
13.5.4.19

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Unicode

LinkerVersion
2.25

FileTypeExtension
exe

MIMEType
application/octet-stream

FileVersion
sView (version 13.5_

TimeStamp
2010:01:06 10:56:24+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
13.5.4.19

FileDescription
sView - Media Player

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Kirill Gavrilov

CodeSize
87040

FileSubtype
0

ProductVersionNumber
13.5.4.19

EntryPoint
0x163c4

ObjectFileType
Executable application

File identification
MD5 0f16b79f443581f7ebdf2b8cdee64379
SHA1 2cf4a45532dc6e4f0b0adef2fdd248dca97f89e3
SHA256 a5bf6800fb33b09efcc40d53b33c328ea010b8021f13f595b909021009f99ac6
ssdeep
393216:MX1YHlF5RdBbbhgal6eXHQAOl4U03DkLIgUK:KYHlF5RdJhvpXwA+tEPK

authentihash 1eecfa4978fedfb9e277ee3eee7e2a75c3a3bcaecb98cb37f5bae433ab706fb3
imphash 483f0c4259a9148c34961abbda6146c1
File size 15.6 MB ( 16323570 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (80.3%)
Win32 Executable Delphi generic (10.3%)
Win32 Executable (generic) (3.3%)
Win16/32 Executable Delphi generic (1.5%)
OS/2 Executable (generic) (1.4%)
Tags
peexe overlay

VirusTotal metadata
First submission 2013-05-19 17:45:59 UTC ( 5 years, 8 months ago )
Last submission 2013-05-19 17:45:59 UTC ( 5 years, 8 months ago )
File names sViewSetup_v.13.5_19.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs