× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: abc85152d52d86586ccac93e10f36140f645c1f8cc0d433031c528f99d0ca89d
File name: VSCover.exe
Detection ratio: 35 / 49
Analysis date: 2013-09-19 07:08:03 UTC ( 7 months, 1 week ago )
Antivirus Result Update
AVG Agent3.BRAP 20130918
AhnLab-V3 Win-Trojan/Ainslot.10696 20130918
AntiVir TR/Agent.skqm 20130919
Avast Win32:Malware-gen 20130919
BitDefender Trojan.Generic.7609535 20130919
Bkav W32.MatezoneC.Trojan 20130918
CMC Trojan.Win32.Agent!O 20130918
ClamAV W32.Trojan.Agent-3817 20130918
Comodo UnclassifiedMalware 20130919
DrWeb Trojan.DownLoader6.15125 20130919
ESET-NOD32 MSIL/Injector.AEG 20130918
Emsisoft Trojan.Generic.7609535 (B) 20130919
F-Secure Trojan.Generic.7609535 20130919
Fortinet W32/Agent.AEG!tr 20130919
GData Trojan.Generic.7609535 20130919
Ikarus Trojan.Win32.Agent 20130919
Jiangmin Trojan/Agent.gmtc 20130903
K7AntiVirus Trojan 20130918
K7GW Trojan 20130918
Kaspersky Trojan.Win32.Agent.skiq 20130919
Malwarebytes Backdoor.Messa.Gen 20130919
McAfee Generic.ku 20130919
McAfee-GW-Edition Generic.ku 20130919
MicroWorld-eScan Trojan.Generic.7609535 20130919
Microsoft Trojan:MSIL/Ainslot.A 20130919
NANO-Antivirus Trojan.Win32.Agent2.sphhe 20130918
Norman Injector.ATSP 20130918
PCTools Malware.Shadesrat 20130918
Panda Trj/Agent.JIH 20130918
Sophos Mal/Generic-L 20130919
Symantec W32.Shadesrat.C 20130919
TrendMicro TROJ_INJECT.BYY 20130919
TrendMicro-HouseCall TROJ_INJECT.BYY 20130919
VBA32 Trojan.Agent 20130917
VIPRE Trojan.Win32.Generic!BT 20130919
Agnitum 20130918
Antiy-AVL 20130919
Baidu-International 20130918
ByteHero 20130918
CAT-QuickHeal 20130919
Commtouch 20130919
F-Prot 20130919
Kingsoft 20130829
Rising 20130918
SUPERAntiSpyware 20130919
TheHacker 20130919
TotalDefense 20130918
ViRobot 20130919
nProtect 20130917
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
© Microsoft Corporation. All rights reserved.

Publisher Familie-PC\Familie
Product Mic© Microsoft Corporation. All rights reserved.rosoft® Windows® Operating System
Version 11.0.40825.0
Original name Project1.exe
Internal name Project1.exe
File version 11.0.40825.0
Description Code Coverage Collection
Comments VSCover
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-05 03:07:16
Link date 4:07 AM 6/5/2012
Entry Point 0x000039E6
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
ExifTool file metadata
FileDescription
Code Coverage Collection

Comments
VSCover

LinkerVersion
11.0

ImageVersion
0.0

ProductName
Mic Microsoft Corporation. All rights reserved.rosoft Windows Operating System

FileVersionNumber
11.0.40825.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
8704

OriginalFilename
Project1.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
11.0.40825.0

TimeStamp
2012:06:05 05:07:16+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Project1.exe

SubsystemVersion
4.0

ProductVersion
11.0.40825.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
6656

FileSubtype
0

ProductVersionNumber
11.0.40825.0

EntryPoint
0x39e6

ObjectFileType
Executable application

AssemblyVersion
11.0.40825.2

File identification
MD5 291ce2c51e5ea57b571d6610e1d324f9
SHA1 c236053023e403d55effaf1b2d8b22e0aa652b69
SHA256 abc85152d52d86586ccac93e10f36140f645c1f8cc0d433031c528f99d0ca89d
ssdeep
192:vsv5kBApeJTjC4cfRPMRyqcHA329o1h1y6WKwWrVcFy:GCgHA329oD86WKwWhcFy

File size 10.4 KB ( 10696 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe assembly

VirusTotal metadata
First submission 2012-06-06 09:41:59 UTC ( 1 year, 10 months ago )
Last submission 2013-09-19 07:08:03 UTC ( 7 months, 1 week ago )
File names file-4063465_exe
Project1.exe
D6F03C25C8061D0B291D007DCA4876007B5CE918.exe
VSCover.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!