× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: acbc0fc18df3256b13d8fef7b2df2a39565c5dd065fa5d3d68db8e6480c5ca8f
File name: file-4512913_exe
Detection ratio: 0 / 25
Analysis date: 2012-09-14 17:42:01 UTC ( 1 year, 7 months ago )
Antivirus Result Update
AVG 20120914
AhnLab-V3 20120914
AntiVir 20120914
Antiy-AVL 20120911
Avast 20120914
ByteHero 20120910
CAT-QuickHeal 20120914
ClamAV 20120914
Commtouch 20120914
ESET-NOD32 20120914
F-Prot 20120913
Fortinet 20120830
Ikarus 20120914
Jiangmin 20120914
K7AntiVirus 20120914
McAfee 20120914
McAfee-GW-Edition 20120914
Norman 20120914
SUPERAntiSpyware 20120911
TheHacker 20120911
TotalDefense 20120913
TrendMicro 20120914
TrendMicro-HouseCall 20120914
VBA32 20120914
VIPRE 20120914
The file being studied is a Portable Executable file! More specifically, it is a DOS EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (c) 2000 Daniel Werner

Product RegCompact
Original name RegCompact.exe
Internal name RegCompact
File version 1.0
Description RegCompact
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-10-17 14:39:29
Entry Point 0x00003190
Number of sections 4
PE sections
PE imports
LookupPrivilegeValueA
RegOpenKeyA
RegSaveKeyA
OpenProcessToken
RegReplaceKeyA
AdjustTokenPrivileges
RegEnumValueA
RegOpenKeyExA
RegCloseKey
ImageList_Create
Ord(17)
ImageList_ReplaceIcon
SetBkMode
CreateFontA
DeleteObject
GetStockObject
SetTextColor
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
IsBadWritePtr
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetACP
GetShortPathNameA
FreeEnvironmentStringsA
GetCurrentProcess
GetEnvironmentStrings
GetFileType
GetStringTypeW
GetFileSize
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
IsBadReadPtr
SetStdHandle
SetFilePointer
GetTempPathA
RaiseException
GetCPInfo
GetStringTypeA
GetModuleHandleA
ReadFile
IsBadCodePtr
WriteFile
GetStartupInfoA
CloseHandle
GetTempFileNameA
GetSystemDirectoryA
HeapReAlloc
MoveFileExA
SetFileAttributesA
MoveFileA
TerminateProcess
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapCreate
VirtualFree
FormatMessageA
SetEndOfFile
CreateFileA
ExitProcess
GetVersion
VirtualAlloc
SetCurrentDirectoryA
ShellExecuteA
GetCursorPos
GetMessageA
GetDlgCtrlID
LoadCursorA
LoadIconA
DispatchMessageA
SetDlgItemTextA
TranslateMessage
SendMessageA
MessageBoxA
PeekMessageA
GetDlgItem
CreateDialogParamA
PostQuitMessage
WinHelpA
ShowWindow
DestroyWindow
ScreenToClient
ExitWindowsEx
SetWindowPos
SetCursor
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 3
RT_DIALOG 1
RT_GROUP_CURSOR 1
RT_BITMAP 1
RT_CURSOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 14
ExifTool file metadata
CodeSize
36864

SubsystemVersion
4.0

InitializedDataSize
40960

ImageVersion
0.0

ProductName
RegCompact

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (Australian)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

OriginalFilename
RegCompact.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0

TimeStamp
2000:10:17 16:39:29+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
RegCompact

ProductVersion
1.0

FileDescription
RegCompact

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 2000 Daniel Werner

MachineType
Intel 386 or later, and compatibles

CompanyName

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x3190

ObjectFileType
Executable application

File identification
MD5 328012d5badf9833ad645d7ca9b08b37
SHA1 ab84d5248a8795470e7c7afcaf0994d18d28c01c
SHA256 acbc0fc18df3256b13d8fef7b2df2a39565c5dd065fa5d3d68db8e6480c5ca8f
ssdeep
768:hmQVl0PIAqnlLrV3/2ZLdGZr/9anvWj1Xh3iB92ncUHVkmB1oo5bkOuco:hm60PIAARVDrMaNPcU68ooFm

File size 72.0 KB ( 73728 bytes )
File type DOS EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable Generic (54.6%)
Win32 Executable MS Visual C++ (generic) (24.0%)
Windows Screen Saver (8.3%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
Tags
armadillo mz

VirusTotal metadata
First submission 2010-11-06 03:35:32 UTC ( 3 years, 5 months ago )
Last submission 2012-09-14 17:42:01 UTC ( 1 year, 7 months ago )
File names file-4512913_exe
RegCompact
RegCompact.exe
2021649700F761B02087012190A980000B676CCC.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!