× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ba4b67937034f1eb5860fc4da7be0d310481e0adce211df2efd1e16f236f34fb
File name: 47a0af228a1bdea764b1168fbcb9e971
Detection ratio: 5 / 44
Analysis date: 2012-11-09 22:55:14 UTC ( 1 year, 5 months ago ) View latest
Antivirus Result Update
AVG Downloader.ILAgent 20121109
Avast Win32:Trojan-gen 20121109
ESET-NOD32 a variant of MSIL/TrojanDownloader.Banload.I 20121109
GData Win32:Trojan-gen 20121109
Symantec WS.Reputation.1 20121109
Agnitum 20121109
AhnLab-V3 20121109
AntiVir 20121109
Antiy-AVL 20121108
BitDefender 20121109
ByteHero 20121107
CAT-QuickHeal 20121109
ClamAV 20121109
Commtouch 20121109
Comodo 20121109
DrWeb 20121109
Emsisoft 20121109
F-Prot 20121109
F-Secure 20121109
Fortinet 20121109
Ikarus 20121109
Jiangmin 20121109
K7AntiVirus 20121109
Kaspersky 20121109
Kingsoft 20121105
McAfee 20121109
McAfee-GW-Edition 20121109
MicroWorld-eScan 20121109
Microsoft 20121109
Norman 20121109
PCTools 20121109
Panda 20121109
Rising 20121109
SUPERAntiSpyware 20121109
Sophos 20121109
TheHacker 20121109
TotalDefense 20121109
TrendMicro 20121109
TrendMicro-HouseCall 20121109
VBA32 20121109
VIPRE 20121109
ViRobot 20121109
eSafe 20121107
nProtect 20121109
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-25 15:50:00
Entry Point 0x00003E9E
Number of sections 4
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
4096

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright 2012

FileVersion
1.0.0.0

TimeStamp
2012:10:25 16:50:00+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Winamp_Mode.exe

ProductVersion
1.0.0.0

FileDescription
Winamp_Mode

OSVersion
4.0

OriginalFilename
Winamp_Mode.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
8192

ProductName
Winamp_Mode

ProductVersionNumber
1.0.0.0

EntryPoint
0x3e9e

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 47a0af228a1bdea764b1168fbcb9e971
SHA1 5f351965f1fcba1731452022c269fa9ce46c911e
SHA256 ba4b67937034f1eb5860fc4da7be0d310481e0adce211df2efd1e16f236f34fb
ssdeep
192:5HAdFWT/a6MhZmanloYk44NIDLTdWPOGDEf2C:JuYu6o+4k+LTdwOUEf2

File size 13.0 KB ( 13312 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable Generic (49.3%)
Generic CIL Executable (.NET, Mono, etc.) (42.2%)
Win32 Executable Generic (4.9%)
Win16/32 Executable Delphi generic (1.1%)
Generic Win/DOS Executable (1.1%)
Tags
peexe

VirusTotal metadata
First submission 2012-11-09 22:55:14 UTC ( 1 year, 5 months ago )
Last submission 2012-11-15 05:53:52 UTC ( 1 year, 5 months ago )
File names Pendencias-serasa.com
47a0af228a1bdea764b1168fbcb9e971
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!