× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b7bbb0d1e03b1b8dd8d8c62317e52910a610b429c82e9a0afef84a1fd19e0e22
File name: 6VRjCFx.exe
Detection ratio: 0 / 40
Analysis date: 2012-08-26 08:03:50 UTC ( 6 years, 6 months ago ) View latest
Antivirus Result Update
AhnLab-V3 20120825
AntiVir 20120825
Antiy-AVL 20120824
Avast 20120826
AVG 20120825
BitDefender 20120826
ByteHero 20120817
CAT-QuickHeal 20120825
ClamAV 20120826
Commtouch 20120825
Comodo 20120826
DrWeb 20120826
Emsisoft 20120826
eSafe 20120823
ESET-NOD32 20120825
F-Prot 20120825
F-Secure 20120826
Fortinet 20120826
GData 20120826
Ikarus 20120826
Jiangmin 20120826
K7AntiVirus 20120825
Kaspersky 20120826
McAfee 20120826
McAfee-GW-Edition 20120825
Microsoft 20120826
Norman 20120825
nProtect 20120825
Panda 20120825
PCTools 20120826
Rising 20120824
Sophos AV 20120826
SUPERAntiSpyware 20120826
Symantec 20120826
TheHacker 20120824
TotalDefense 20120824
TrendMicro 20120826
VIPRE 20120826
ViRobot 20120825
VirusBuster 20120825
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-08-26 06:54:04
Entry Point 0x00001240
Number of sections 6
PE sections
Overlays
MD5 397492d925fdf01721c2284e66ebe032
File type data
Offset 359424
Size 512
Entropy 7.64
PE imports
GetCommandLineA
GetModuleHandleA
ExitProcess
GetStartupInfoA
SetUnhandledExceptionFilter
_cexit
__p__fmode
cos
__p__environ
signal
strcmp
malloc
_onexit
atexit
_setmode
__getmainargs
_iob
sin
__set_app_type
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
512

LinkerVersion
2.56

ImageVersion
1.0

FileVersionNumber
1.3.2.400

LanguageCode
Unknown (045E)

FileFlagsMask
0x0000

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit, No debug

CharacterSet
Windows, Latin1

InitializedDataSize
325120

EntryPoint
0x1240

MIMEType
application/octet-stream

TimeStamp
2012:08:25 23:54:04-07:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Unknown (0)

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
33280

FileSubtype
0

ProductVersionNumber
1.3.2.400

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 220b9661371e1728e366b4e00d41580d
SHA1 7b0d57a745b23376035f1b9b90af41cd495fdb77
SHA256 b7bbb0d1e03b1b8dd8d8c62317e52910a610b429c82e9a0afef84a1fd19e0e22
ssdeep
6144:fL5VGJcKYEz7QYV/hcnAptNU3Rwd+7bqJSkrayVGi:fL5VbEz75/9ptGyCbqJ2yD

authentihash 45936f9dd48c7ea25c76f47d1ba5f3fde9b05cb30db34c772943be623107d1fe
imphash 2aaccf8f30f70a4d69874e4cc5dcebcf
File size 351.5 KB ( 359936 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (58.9%)
Win32 Dynamic Link Library (generic) (14.0%)
Win32 Executable (generic) (9.6%)
Win16/32 Executable Delphi generic (4.4%)
OS/2 Executable (generic) (4.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2012-08-26 08:03:50 UTC ( 6 years, 6 months ago )
Last submission 2019-02-02 18:11:21 UTC ( 1 month, 1 week ago )
File names 6VRjCFx.exe
1345990704.6VRjCFx.exe
aa
file
file-4419919_exe
CxWk29TTV.docm
b7bbb0d1e03b1b8dd8d8c62317e52910a610b429c82e9a0afef84a1fd19e0e22.bin
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!