× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b610a75a9801553fa7e5aa8c63c471b063e4501ca413103b50cab2df3711efa3
File name: 77900e5cbae3057dd2bf5344ce5c67e5238db5b6
Detection ratio: 49 / 52
Analysis date: 2015-12-31 21:03:59 UTC ( 3 years, 1 month ago )
Antivirus Result Update
Ad-Aware Win32.Virtob.Gen.12 20151224
Yandex Win32.Virut.AB.Gen 20151231
AhnLab-V3 Win32/Virut.F 20151231
Antiy-AVL Virus/Win32.Virut.ce 20151231
Arcabit Win32.Virtob.Gen.12 20151231
Avast Win32:Vitro 20151231
AVG Win32/Virut 20151231
Avira (no cloud) W32/Virut.Gen 20151231
AVware Virus.Win32.Virut.ce.5 (v) 20151231
Baidu-International Virus.Win32.Virut.$NBP 20151231
BitDefender Win32.Virtob.Gen.12 20151231
Bkav W32.Vetor.PE 20151231
CAT-QuickHeal W32.Virut.G 20151231
ClamAV Trojan.Lebag-3 20151231
CMC Virus.Win32.Virut.1!O 20151231
Comodo Virus.Win32.Virut.CE 20151231
Cyren W32/Virut.E.gen!Eldorado 20151231
DrWeb Win32.Virut.56 20151231
ESET-NOD32 Win32/Virut.NBP 20151231
F-Prot W32/Virut.E.gen!Eldorado 20151231
F-Secure Win32.Virtob.Gen.12 20151231
Fortinet W32/Virut.CE 20151231
GData Win32.Virtob.Gen.12 20151231
Ikarus Gen:Heur 20151231
Jiangmin Win32/Virut.bt 20151231
K7AntiVirus Backdoor ( 04c4d8df1 ) 20151231
K7GW Backdoor ( 04c4d8df1 ) 20151231
Kaspersky Virus.Win32.Virut.ce 20151231
Malwarebytes Spyware.Zbot 20151231
McAfee PWS-Zbot.gen.cy 20151231
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.cm 20151231
Microsoft Trojan:Win32/Ramnit 20151231
eScan Win32.Virtob.Gen.12 20151231
NANO-Antivirus Virus.Win32.Virut.hpeg 20151231
nProtect Virus/W32.Virut.Gen 20151231
Panda Trj/Ramnit.F 20151231
Rising PE:Virus.Virut!1.A08B [F] 20151231
Sophos AV W32/Scribble-B 20151231
SUPERAntiSpyware Trojan.Agent/Gen-FakeSecurity 20151231
Symantec W32.Virut.CF 20151231
TheHacker W32/Virtob.Gen(F) 20151231
TotalDefense Win32/Virut.17408 20151231
TrendMicro PE_VIRUX.R 20151231
TrendMicro-HouseCall PE_VIRUX.R 20151231
VBA32 Virus.Virut.14 20151231
VIPRE Virus.Win32.Virut.ce.5 (v) 20151231
ViRobot Win32.Virut.AM[h] 20151231
Zillya Virus.Virut.Win32.1938 20151231
Zoner Win32.Ramnit.A 20151231
AegisLab 20151231
Alibaba 20151208
ByteHero 20151231
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2007 Avira GmbH. All rights reserved.

Internal name AntiVir/Win32
File version 7.6.0.59
Description AntiVir Command Line Scanner for Windows
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-06-18 13:39:32
Entry Point 0x00030760
Number of sections 6
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
IsTextUnicode
CreateBitmap
DeleteDC
EndDoc
SelectObject
CreateFontIndirectW
CreatePen
DeleteObject
RemoveFontResourceW
AddFontResourceW
BitBlt
GetROP2
GetTextMetricsW
GetTextExtentPoint32W
CreateCompatibleBitmap
OffsetWindowOrgEx
GetModuleFileNameW
FindResourceW
HeapAlloc
TlsAlloc
LoadLibraryA
GetLocalTime
GlobalSize
GetConsoleMode
UnhandledExceptionFilter
MultiByteToWideChar
GetProcAddress
InterlockedCompareExchange
lstrcpynW
GetTimeFormatW
FindNextFileW
GetACP
GetStringTypeW
GetLongPathNameW
ResumeThread
OpenEventW
FindClose
VirtualAlloc
LeaveCriticalSection
SetFocus
GetScrollPos
CreateCaret
DrawFrameControl
RemoveMenu
GetSystemMetrics
SetScrollRange
GetWindowRect
InflateRect
CharLowerW
GetDlgItemTextW
PostMessageW
CreateCursor
CreateDialogParamW
ShowScrollBar
EnableMenuItem
ScreenToClient
GetKeyboardState
LoadIconW
RealChildWindowFromPoint
InsertMenuW
CloseClipboard
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
ChooseColorW
OleDuplicateData
Number of PE resources by type
RT_ICON 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 6
PE resources
ExifTool file metadata
LegalTrademarks
AntiVir is a registered trademark of Avira GmbH, Germany

SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
7.6.0.59

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
105472

EntryPoint
0x30760

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007 Avira GmbH. All rights reserved.

FileVersion
7.6.0.59

TimeStamp
2004:06:18 14:39:32+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
AntiVir/Win32

ProductVersion
7.6.0.59

FileDescription
AntiVir Command Line Scanner for Windows

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Avira GmbH

CodeSize
2048

FileSubtype
0

ProductVersionNumber
7.6.0.59

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 8f3cff037fc536be00e6cfb2f57d7e02
SHA1 77900e5cbae3057dd2bf5344ce5c67e5238db5b6
SHA256 b610a75a9801553fa7e5aa8c63c471b063e4501ca413103b50cab2df3711efa3
ssdeep
3072:XnnAQVG/LytaKItS/fiLKS+f5Aq7iXx1ITUQHfR31A:3OTeHI8HiL7+f561YfHZ31A

authentihash a2708508d3842cf1fbe3424b477738b93ba09ca312cb9220425d58af2174c1a1
imphash 093a51e0b7dcb2466b7edfd78d191aa0
File size 184.5 KB ( 188928 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows screen saver (46.4%)
Win32 Dynamic Link Library (generic) (23.3%)
Win32 Executable (generic) (15.9%)
Generic Win/DOS Executable (7.1%)
DOS Executable Generic (7.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-12-20 07:55:45 UTC ( 3 years, 2 months ago )
Last submission 2015-12-31 21:03:59 UTC ( 3 years, 1 month ago )
File names Win32
Cmgr.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!