× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b61145d03b15ac78b5c7f501afb42fac1e99f43b481929f4a01764db9a1ffc90
File name: e26f1d5f-822f-4f6c-b96c-ee90e6d24878.bs64dec.show_new
Detection ratio: 4 / 56
Analysis date: 2015-04-12 11:35:27 UTC ( 4 years, 1 month ago ) View latest
Antivirus Result Update
Avast Win32:Emotet-P [Trj] 20150412
ByteHero Virus.Win32.Heur.p 20150412
CMC Heur.Win32.VBKrypt.3!O 20150410
Tencent Trojan.Win32.Qudamah.Gen.17 20150412
Ad-Aware 20150412
AegisLab 20150412
Yandex 20150409
AhnLab-V3 20150412
Alibaba 20150412
ALYac 20150412
Antiy-AVL 20150412
AVG 20150412
AVware 20150412
Baidu-International 20150412
BitDefender 20150412
Bkav 20150410
CAT-QuickHeal 20150411
ClamAV 20150412
Comodo 20150412
Cyren 20150412
DrWeb 20150412
Emsisoft 20150412
ESET-NOD32 20150412
F-Prot 20150412
F-Secure 20150412
Fortinet 20150412
GData 20150412
Ikarus 20150412
Jiangmin 20150411
K7AntiVirus 20150412
K7GW 20150412
Kaspersky 20150412
Kingsoft 20150412
Malwarebytes 20150412
McAfee 20150412
McAfee-GW-Edition 20150411
Microsoft 20150412
eScan 20150412
NANO-Antivirus 20150412
Norman 20150412
nProtect 20150410
Panda 20150410
Qihoo-360 20150412
Rising 20150412
Sophos AV 20150412
SUPERAntiSpyware 20150411
Symantec 20150412
TheHacker 20150410
TotalDefense 20150412
TrendMicro 20150412
TrendMicro-HouseCall 20150412
VBA32 20150410
VIPRE 20150412
ViRobot 20150412
Zillya 20150411
Zoner 20150410
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
acoustics analysis software for measuring

Publisher acoustics analysis software for measuring
Product acoustics analysis software for measuring
Original name TextConv.exe
Internal name TextConv
File version 1.00.0015
Description acoustics analysis software for measuring
Comments acoustics analysis software for measuring
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-11 11:11:26
Entry Point 0x00001128
Number of sections 3
PE sections
PE imports
EVENT_SINK_QueryInterface
Ord(645)
Ord(537)
Ord(648)
Ord(516)
Ord(685)
Ord(594)
Ord(689)
Ord(525)
EVENT_SINK_AddRef
Ord(300)
Ord(717)
__vbaExceptHandler
MethCallEngine
DllFunctionCall
Ord(100)
Ord(599)
Ord(608)
Ord(570)
Ord(571)
ProcCallEngine
Ord(711)
EVENT_SINK_Release
Ord(595)
Ord(593)
Ord(306)
Ord(631)
Ord(563)
Number of PE resources by type
RT_ICON 4
RT_STRING 1
RT_VERSION 1
CEROL 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
THAI DEFAULT 2
PE resources
ExifTool file metadata
LegalTrademarks
acoustics analysis software for measuring

SubsystemVersion
4.0

Comments
acoustics analysis software for measuring

LinkerVersion
6.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.15

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
acoustics analysis software for measuring

CharacterSet
Unicode

InitializedDataSize
53248

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
acoustics analysis software for measuring

FileVersion
1.00.0015

TimeStamp
2015:04:11 11:11:26+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
TextConv

ProductVersion
1.00.0015

UninitializedDataSize
0

OSVersion
4.0

OriginalFilename
TextConv.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
acoustics analysis software for measuring

CodeSize
102400

ProductName
acoustics analysis software for measuring

ProductVersionNumber
1.0.0.15

EntryPoint
0x1128

ObjectFileType
Executable application

File identification
MD5 ef6dfd897d10e8345aa424a51103f2e9
SHA1 2a40ae0689bb54287baeb507f7e36167c3f27c7e
SHA256 b61145d03b15ac78b5c7f501afb42fac1e99f43b481929f4a01764db9a1ffc90
ssdeep
3072:uOQhZOOQhZOOQhZhzpsgV0OQhZOOQhZOOQhZacdFztKmigIZQIc0brOuIDtL+OXU:L0cPztVIiIc0br+tL+OTp9g

authentihash 1407bf5d8a024941068d27dad08f6172b3c629376784c79b828f449f2530464e
imphash e9c7d402150ccfcc98bb88e155a1e3b6
File size 271.2 KB ( 277757 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.5%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-04-12 11:35:27 UTC ( 4 years, 1 month ago )
Last submission 2015-04-12 11:35:27 UTC ( 4 years, 1 month ago )
File names TextConv.exe
TextConv
e26f1d5f-822f-4f6c-b96c-ee90e6d24878.bs64dec.show_new
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!