× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b8be6602fd7b10b1689b7025392cc2088456f6dc11407a8d3cfc18ca790e517e
File name: free-snipping-tool-setup.exe
Detection ratio: 0 / 67
Analysis date: 2018-02-09 06:13:08 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20180209
AegisLab 20180209
AhnLab-V3 20180208
Alibaba 20180208
ALYac 20180209
Antiy-AVL 20180209
Arcabit 20180209
Avast 20180209
Avast-Mobile 20180209
AVG 20180209
Avira (no cloud) 20180208
AVware 20180209
Baidu 20180208
BitDefender 20180209
Bkav 20180208
CAT-QuickHeal 20180209
ClamAV 20180209
CMC 20180209
Comodo 20180209
CrowdStrike Falcon (ML) 20170201
Cybereason 20180205
Cylance 20180209
Cyren 20180209
DrWeb 20180209
eGambit 20180209
Emsisoft 20180209
Endgame 20171130
ESET-NOD32 20180209
F-Prot 20180209
F-Secure 20180209
Fortinet 20180209
GData 20180209
Ikarus 20180208
Sophos ML 20180121
Jiangmin 20180209
K7AntiVirus 20180208
K7GW 20180209
Kaspersky 20180209
Kingsoft 20180209
Malwarebytes 20180209
MAX 20180209
McAfee 20180209
McAfee-GW-Edition 20180209
Microsoft 20180209
eScan 20180209
NANO-Antivirus 20180209
nProtect 20180208
Palo Alto Networks (Known Signatures) 20180209
Panda 20180208
Qihoo-360 20180209
Rising 20180209
SentinelOne (Static ML) 20180115
Sophos AV 20180209
SUPERAntiSpyware 20180209
Symantec 20180209
Symantec Mobile Insight 20180209
Tencent 20180209
TheHacker 20180208
TotalDefense 20180208
TrendMicro 20180209
TrendMicro-HouseCall 20180209
Trustlook 20180209
VBA32 20180208
VIPRE 20180209
ViRobot 20180209
Webroot 20180209
Yandex 20180207
Zillya 20180208
ZoneAlarm by Check Point 20180209
Zoner 20180209
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2018 Free Snipping Tool

Product Free Snipping Tool
Original name Free Snipping Tool.exe
Internal name Free Snipping Tool
File version 1.0
Description This installer database contains the logic and data required to install Free Snipping Tool.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-12-06 13:04:18
Entry Point 0x000DA467
Number of sections 5
PE sections
Overlays
MD5 abf0d188ba12c3023698a79aff188b68
File type application/x-ms-dos-executable
Offset 1712128
Size 2782819
Entropy 7.99
PE imports
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
GetPrivateProfileSectionNamesW
GetFileAttributesW
GetExitCodeProcess
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
EnumSystemLocalesW
FreeEnvironmentStringsW
InitializeSListHead
InterlockedPopEntrySList
GetLocaleInfoW
EnumResourceLanguagesW
GetFileTime
WideCharToMultiByte
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
ConnectNamedPipe
InterlockedPushEntrySList
InitializeCriticalSection
LoadResource
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
EncodePointer
WritePrivateProfileStringW
GetEnvironmentVariableW
SetLastError
GetSystemTime
TlsGetValue
CopyFileW
GetUserDefaultLangID
OutputDebugStringW
OpenEventW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
LoadLibraryA
QueryPerformanceFrequency
LoadLibraryExA
GetUserDefaultLCID
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetLocalTime
SetFilePointerEx
FlushInstructionCache
GetPrivateProfileStringW
GetFullPathNameW
CreateThread
GetSystemDirectoryW
GetExitCodeThread
SetUnhandledExceptionFilter
MulDiv
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
SetCurrentDirectoryW
VirtualQuery
GetDiskFreeSpaceExW
SetEndOfFile
GetCurrentThreadId
GetProcAddress
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
PeekNamedPipe
TerminateThread
LoadLibraryW
GetVersionExW
SetEvent
QueryPerformanceCounter
SetConsoleTextAttribute
TlsAlloc
VirtualProtect
FlushFileBuffers
lstrcmpiW
RtlUnwind
GetWindowsDirectoryW
GetFileSize
GetStartupInfoW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetConsoleScreenBufferInfo
CreateNamedPipeW
GetProcessHeap
GetTempFileNameW
CompareStringW
RemoveDirectoryW
FindNextFileW
InterlockedIncrement
ResetEvent
FindFirstFileW
IsValidLocale
lstrcmpW
FindFirstFileExW
GlobalLock
ReadConsoleW
GetTempPathW
CreateEventW
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
GetSystemInfo
GlobalFree
GetConsoleCP
FindResourceW
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
lstrlenW
Process32NextW
VirtualFree
WaitForSingleObjectEx
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
CopyFileExW
Process32FirstW
GetCurrentThread
lstrcpynW
GetSystemDefaultLangID
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SetStdHandle
IsValidCodePage
FindResourceExW
CreateProcessW
Sleep
VirtualAlloc
GetOEMCP
Number of PE resources by type
RT_STRING 15
RT_DIALOG 13
RT_BITMAP 6
RT_ICON 5
RTF_FILE 2
RT_MENU 2
IMAGE_FILE 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 48
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

InitializedDataSize
515072

ImageVersion
0.0

ProductName
Free Snipping Tool

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
14.12

FileTypeExtension
exe

OriginalFileName
Free Snipping Tool.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0

TimeStamp
2017:12:06 14:04:18+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Free Snipping Tool

ProductVersion
1.0

FileDescription
This installer database contains the logic and data required to install Free Snipping Tool.

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright (C) 2018 Free Snipping Tool

MachineType
Intel 386 or later, and compatibles

CompanyName
Free Snipping Tool

CodeSize
1196032

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0xda467

ObjectFileType
Dynamic link library

File identification
MD5 a736d1d45f19a982366c344370330d9f
SHA1 fc98f4380eb121ecfb975e0c081103c9e8f1cea1
SHA256 b8be6602fd7b10b1689b7025392cc2088456f6dc11407a8d3cfc18ca790e517e
ssdeep
98304:BJezx+4f/r9HpA0I1PnOFdX1MWkYJc1zupM2I:WzxT9HlI1fOFDMfFuI

authentihash 735dd6d3a7fdb1ea217487779c1dab007f6906d4d870c76182a120ae4bca7a87
imphash ac220fb01eeea4ecb84da554526c3e36
File size 4.3 MB ( 4494947 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-02-05 23:16:09 UTC ( 5 months, 1 week ago )
Last submission 2018-02-09 06:13:08 UTC ( 5 months, 1 week ago )
File names Free Snipping Tool.exe
free-snipping-tool-setup.exe
Free Snipping Tool
B8BE6602FD7B10B1689B7025392CC2088456F6DC11407A8D3CFC18CA790E517E.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Runtime DLLs