× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: acbc0fc18df3256b13d8fef7b2df2a39565c5dd065fa5d3d68db8e6480c5ca8f
File name: RegCompact.exe
Detection ratio: 1 / 56
Analysis date: 2015-06-29 12:06:09 UTC ( 2 months ago )
Antivirus Result Update
NANO-Antivirus Trojan.Win32.Hupigon.bjqehx 20150629
ALYac 20150629
AVG 20150629
AVware 20150629
Ad-Aware 20150629
AegisLab 20150629
Agnitum 20150628
AhnLab-V3 20150629
Alibaba 20150629
Antiy-AVL 20150629
Arcabit 20150629
Avast 20150629
Avira 20150629
Baidu-International 20150629
BitDefender 20150629
Bkav 20150629
ByteHero 20150629
CAT-QuickHeal 20150628
ClamAV 20150629
Comodo 20150629
Cyren 20150629
DrWeb 20150629
ESET-NOD32 20150629
Emsisoft 20150629
F-Prot 20150629
F-Secure 20150629
Fortinet 20150629
GData 20150629
Ikarus 20150629
Jiangmin 20150626
K7AntiVirus 20150629
K7GW 20150629
Kaspersky 20150629
Kingsoft 20150629
Malwarebytes 20150629
McAfee 20150629
McAfee-GW-Edition 20150629
MicroWorld-eScan 20150629
Microsoft 20150629
Panda 20150629
Qihoo-360 20150629
Rising 20150628
SUPERAntiSpyware 20150629
Sophos 20150629
Symantec 20150629
Tencent 20150629
TheHacker 20150626
TotalDefense 20150629
TrendMicro 20150629
TrendMicro-HouseCall 20150629
VBA32 20150629
VIPRE 20150629
ViRobot 20150629
Zillya 20150629
Zoner 20150629
nProtect 20150629
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2000 Daniel Werner

Publisher
Product RegCompact
Original name RegCompact.exe
Internal name RegCompact
File version 1.0
Description RegCompact
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-10-17 14:39:29
Link date 3:39 PM 10/17/2000
Entry Point 0x00003190
Number of sections 4
PE sections
PE imports
LookupPrivilegeValueA
RegOpenKeyA
RegSaveKeyA
OpenProcessToken
RegReplaceKeyA
AdjustTokenPrivileges
RegEnumValueA
RegOpenKeyExA
RegCloseKey
ImageList_Create
Ord(17)
ImageList_ReplaceIcon
SetBkMode
CreateFontA
DeleteObject
GetStockObject
SetTextColor
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
IsBadWritePtr
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetACP
GetShortPathNameA
FreeEnvironmentStringsA
GetCurrentProcess
GetEnvironmentStrings
GetFileType
GetStringTypeW
GetFileSize
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
IsBadReadPtr
SetStdHandle
SetFilePointer
GetTempPathA
RaiseException
GetCPInfo
GetStringTypeA
GetModuleHandleA
ReadFile
IsBadCodePtr
WriteFile
GetStartupInfoA
CloseHandle
GetTempFileNameA
GetSystemDirectoryA
HeapReAlloc
MoveFileExA
SetFileAttributesA
MoveFileA
TerminateProcess
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapCreate
VirtualFree
FormatMessageA
SetEndOfFile
CreateFileA
ExitProcess
GetVersion
VirtualAlloc
SetCurrentDirectoryA
ShellExecuteA
GetCursorPos
GetMessageA
GetDlgCtrlID
LoadCursorA
LoadIconA
DispatchMessageA
SetDlgItemTextA
TranslateMessage
SendMessageA
MessageBoxA
PeekMessageA
GetDlgItem
CreateDialogParamA
PostQuitMessage
WinHelpA
ShowWindow
DestroyWindow
ScreenToClient
ExitWindowsEx
SetWindowPos
SetCursor
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 3
RT_DIALOG 1
RT_GROUP_CURSOR 1
RT_BITMAP 1
RT_CURSOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 14
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
40960

ImageVersion
0.0

ProductName
RegCompact

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (Australian)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
RegCompact.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0

TimeStamp
2000:10:17 15:39:29+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
RegCompact

ProductVersion
1.0

FileDescription
RegCompact

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 2000 Daniel Werner

MachineType
Intel 386 or later, and compatibles

CodeSize
36864

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x3190

ObjectFileType
Executable application

Execution parents
File identification
MD5 328012d5badf9833ad645d7ca9b08b37
SHA1 ab84d5248a8795470e7c7afcaf0994d18d28c01c
SHA256 acbc0fc18df3256b13d8fef7b2df2a39565c5dd065fa5d3d68db8e6480c5ca8f
ssdeep
768:hmQVl0PIAqnlLrV3/2ZLdGZr/9anvWj1Xh3iB92ncUHVkmB1oo5bkOuco:hm60PIAARVDrMaNPcU68ooFm

authentihash f14b0fbaaff91af7d2322c721421dc2cb720df6c59b5eb54c5776b2601b25b79
imphash b365dfada9d3688dc3b5d62fa724311e
File size 72.0 KB ( 73728 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (35.8%)
Win64 Executable (generic) (31.7%)
Windows screen saver (15.0%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags
peexe armadillo

VirusTotal metadata
First submission 2010-11-06 03:35:32 UTC ( 4 years, 9 months ago )
Last submission 2015-06-29 12:06:09 UTC ( 2 months ago )
File names file-4512913_exe
2021649700F761B02087012190A980000B676CCC.exe
RegCompact.exe
RegCompact
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs