SHA256: b6191699544b00a9608869badd65920d6b7bcf67a482f14c1d4bdf5f52df2809
File name: 7 Taskbar Tweaker.exe
Detection ratio: 3 / 45
Analysis date: 2013-02-10 12:16:23 UTC ( 1 year, 2 months ago )
Antivirus Result Update
CAT-QuickHeal (Suspicious) - DNAScan 20130208
TrendMicro-HouseCall TROJ_GEN.R47H1AQ 20130210
VIPRE Trojan-Spy.Win32.Zbot.gen (v) 20130210
AVG 20130210
Agnitum 20130209
AhnLab-V3 20130210
AntiVir 20130210
Antiy-AVL 20130210
Avast 20130210
BitDefender 20130210
ByteHero 20130207
ClamAV 20130210
Commtouch 20130209
Comodo 20130210
ESET-NOD32 20130209
Emsisoft 20130210
F-Prot 20130201
F-Secure 20130210
Fortinet 20130210
GData 20130210
Ikarus 20130210
Jiangmin 20130210
K7AntiVirus 20130209
Kaspersky 20130210
Kingsoft 20130204
Malwarebytes 20130210
McAfee 20130210
McAfee-GW-Edition 20130210
MicroWorld-eScan 20130210
Microsoft 20130210
NANO-Antivirus 20130210
Norman 20130210
PCTools 20130210
Panda 20130210
Rising 20130205
SUPERAntiSpyware 20130210
Sophos 20130210
Symantec 20130210
TheHacker 20130208
TotalDefense 20130210
TrendMicro 20130210
VBA32 20130208
ViRobot 20130210
eSafe 20130206
nProtect 20130210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
All rights reserved

Publisher RaMMicHaeL
Product 7_ Taskbar Tweaker
File version 4.1.3
Description 7_ Taskbar Tweaker
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-25 13:49:53
Entry Point 0x00001F10
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
Ord(345)
InitCommonControlsEx
CreatePatternBrush
SetBrushOrgEx
DeleteDC
SelectObject
BitBlt
DeleteObject
GetObjectW
SetBkMode
CreateCompatibleDC
GetTextExtentPoint32W
CreateCompatibleBitmap
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
WriteProcessMemory
lstrlenW
VirtualAllocEx
lstrlenA
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
HeapReAlloc
ExitProcess
GetThreadUILanguage
GetProcessHeap
lstrcmpiW
DuplicateHandle
LCIDToLocaleName
CreateProcessW
DeleteCriticalSection
GetCurrentProcess
FindResourceExW
VirtualFreeEx
GetFileSize
OpenProcess
LockResource
GetCommandLineW
MultiByteToWideChar
HeapSize
ReadProcessMemory
lstrcatW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTempFileNameW
CreateRemoteThread
CompareStringW
lstrcpyW
CreateThread
LoadLibraryW
MoveFileExW
ReadFile
InterlockedExchange
WriteFile
CreateMutexW
CloseHandle
GetSystemTimeAsFileTime
EnumResourceLanguagesW
lstrcmpW
WaitForMultipleObjects
GetModuleHandleW
SetEvent
SetThreadUILanguage
IsWow64Process
ResumeThread
CreateEventW
LoadResource
GetTempPathW
CreateFileW
VirtualFree
GetFileAttributesW
HeapAlloc
GetProcAddress
SetLastError
LeaveCriticalSection
Shell_NotifyIconW
ShellExecuteW
SetCurrentProcessExplicitAppUserModelID
Shell_NotifyIconGetRect
MapWindowPoints
RegisterWindowMessageW
GetParent
EndDialog
FindWindowW
KillTimer
DestroyMenu
ShowWindow
LoadMenuW
GetWindowThreadProcessId
GetSystemMetrics
SetWindowLongW
MessageBoxW
DestroyIcon
GetWindowRect
MoveWindow
DialogBoxParamW
SendDlgItemMessageW
GetWindow
PostMessageW
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
GetLastActivePopup
wsprintfW
IsWindowVisible
LoadStringW
GetClientRect
GetDlgItem
AllowSetForegroundWindow
DeleteMenu
GetSubMenu
SetTimer
LoadImageW
GetClassNameW
TrackPopupMenu
IsDlgButtonChecked
WaitForInputIdle
CheckDlgButton
GetMenuState
GetWindowLongW
SetForegroundWindow
ReplyMessage
PtInRect
HttpQueryInfoW
InternetSetStatusCallbackW
InternetConnectW
InternetWriteFile
InternetReadFile
HttpEndRequestW
HttpSendRequestExW
InternetCloseHandle
HttpSendRequestW
InternetOpenW
HttpOpenRequestW
Number of PE resources by type
RT_STRING 64
RT_DIALOG 32
RT_MENU 16
RT_ICON 5
RT_BITMAP 3
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 10
ENGLISH US 9
SWEDISH 7
HUNGARIAN DEFAULT 7
TURKISH DEFAULT 7
LATVIAN DEFAULT 7
GERMAN 7
CHINESE TRADITIONAL 7
DUTCH 7
FRENCH 7
CHINESE SIMPLIFIED 7
PORTUGUESE BRAZILIAN 7
SLOVENIAN DEFAULT 7
POLISH DEFAULT 7
SPANISH 7
RUSSIAN 7
ITALIAN 7
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.1.3.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
208896

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.1.3

TimeStamp
2013:01:25 14:49:53+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
4.1.3

FileDescription
7+ Taskbar Tweaker

OSVersion
6.0

FileOS
Windows NT 32-bit

LegalCopyright
All rights reserved

MachineType
Intel 386 or later, and compatibles

CompanyName
RaMMicHaeL

CodeSize
19968

ProductName
7+ Taskbar Tweaker

ProductVersionNumber
4.1.3.0

EntryPoint
0x1f10

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 3495fa8313e0c53477fd5ebe5c8c43b9
SHA1 7cfd8de6529ef05ad13cd66c03b4a155725ef5aa
SHA256 b6191699544b00a9608869badd65920d6b7bcf67a482f14c1d4bdf5f52df2809
ssdeep
3072:QmUt0xMYqbgD5ysoWvr36ok9258UQAT6s8lCzYK0VXRV9lxIDMOKOyJscBUAUdd4:3Y0Gy55oWD36ok92vQPoBqzH

File size 222.5 KB ( 227840 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable Generic (79.4%)
Win32 Executable Generic (7.9%)
Win32 Dynamic Link Library (generic) (7.0%)
Win16/32 Executable Delphi generic (1.9%)
Generic Win/DOS Executable (1.8%)
Tags
peexe

VirusTotal metadata
First submission 2013-01-26 14:53:07 UTC ( 1 year, 2 months ago )
Last submission 2013-02-10 12:16:23 UTC ( 1 year, 2 months ago )
File names 7 Taskbar Tweaker.exe
vt-upload-jn6C3
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight