SHA256: bafe42bfa45719309657e1e1f5f0635b4d38a4c365b8c3c3fb4ffbf75bf61652
File name: 69958
Detection ratio: 0 / 67
Analysis date: 2018-04-20 06:18:02 UTC ( 1 month ago )
Antivirus Result Update
Ad-Aware 20180420
AegisLab 20180420
AhnLab-V3 20180419
Alibaba 20180420
ALYac 20180420
Antiy-AVL 20180418
Arcabit 20180419
Avast 20180420
Avast-Mobile 20180420
AVG 20180420
Avira (no cloud) 20180420
AVware 20180420
Babable 20180406
Baidu 20180419
BitDefender 20180420
Bkav 20180410
CAT-QuickHeal 20180419
ClamAV 20180420
CMC 20180419
Comodo 20180420
CrowdStrike Falcon (ML) 20180418
Cybereason 20180225
Cylance 20180420
Cyren 20180420
DrWeb 20180420
eGambit 20180420
Endgame 20180403
ESET-NOD32 20180420
F-Prot 20180420
F-Secure 20180420
Fortinet 20180420
GData 20180420
Ikarus 20180419
Sophos ML 20180121
Jiangmin 20180420
K7AntiVirus 20180420
K7GW 20180420
Kaspersky 20180420
Kingsoft 20180420
Malwarebytes 20180420
MAX 20180420
McAfee 20180420
McAfee-GW-Edition 20180420
Microsoft 20180420
eScan 20180420
NANO-Antivirus 20180420
nProtect 20180420
Palo Alto Networks (Known Signatures) 20180420
Panda 20180419
Qihoo-360 20180420
Rising 20180420
SentinelOne (Static ML) 20180225
Sophos AV 20180420
SUPERAntiSpyware 20180420
Symantec 20180419
Symantec Mobile Insight 20180419
Tencent 20180420
TheHacker 20180415
TotalDefense 20180420
TrendMicro 20180420
TrendMicro-HouseCall 20180420
Trustlook 20180420
VBA32 20180419
VIPRE 20180420
ViRobot 20180420
Webroot 20180420
Yandex 20180419
Zillya 20180419
ZoneAlarm by Check Point 20180420
Zoner 20180419
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT NSIS, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-10-17 09:19:53
Entry Point 0x00003544
Number of sections 5
PE sections
Overlays
MD5 5dc197289257bcc11cdcdc88a92ed42f
File type data
Offset 64512
Size 5383856
Entropy 8.00
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
CreateFontIndirectW
SetBkMode
CreateBrushIndirect
SelectObject
SetBkColor
DeleteObject
SetTextColor
GetLastError
WriteFile
CopyFileW
GetUserDefaultLangID
GetShortPathNameW
LoadLibraryA
lstrlenA
GetModuleFileNameW
GlobalFree
WaitForSingleObject
GetVersionExW
GetExitCodeProcess
ExitProcess
GlobalUnlock
GetFileAttributesW
lstrlenW
GetCurrentProcess
CompareFileTime
FindNextFileW
GetFileSize
OpenProcess
SetFileTime
GetCommandLineW
GetWindowsDirectoryW
SetErrorMode
MultiByteToWideChar
CreateDirectoryW
SetFilePointer
GlobalLock
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTempFileNameW
lstrcpynW
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcpyW
GetFullPathNameW
lstrcmpiA
CreateThread
LoadLibraryW
GetModuleHandleA
GetSystemDirectoryW
GetDiskFreeSpaceW
ReadFile
GetTempPathW
CloseHandle
DeleteFileW
FindFirstFileW
lstrcmpW
GetModuleHandleW
lstrcatW
lstrcpynA
FreeLibrary
SearchPathW
WideCharToMultiByte
lstrcmpiW
SetCurrentDirectoryW
lstrcpyA
CreateFileW
GlobalAlloc
CreateProcessW
FindClose
Sleep
MoveFileW
SetFileAttributesW
GetTickCount
GetProcAddress
LoadLibraryExW
MulDiv
SHBrowseForFolderW
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
EmptyClipboard
GetMessagePos
EndPaint
EndDialog
LoadBitmapW
SetClassLongW
DefWindowProcW
CharPrevW
PostQuitMessage
ShowWindow
FillRect
SetWindowPos
GetSystemMetrics
SetWindowLongW
IsWindow
PeekMessageW
GetWindowRect
EnableWindow
GetDC
CharUpperW
DialogBoxParamW
GetClassInfoW
AppendMenuW
CharNextW
IsWindowEnabled
GetDlgItemTextW
MessageBoxIndirectW
GetSysColor
CheckDlgButton
DispatchMessageW
CreateDialogParamW
BeginPaint
CreatePopupMenu
SendMessageW
SetCursor
SetClipboardData
GetWindowLongW
IsWindowVisible
SetForegroundWindow
SetWindowTextW
GetDlgItem
SystemParametersInfoW
LoadImageW
EnableMenuItem
ScreenToClient
InvalidateRect
wsprintfA
SetTimer
CallWindowProcW
TrackPopupMenu
RegisterClassW
FindWindowExW
CharNextA
SetDlgItemTextW
LoadCursorW
GetSystemMenu
SendMessageTimeoutW
CreateWindowExW
wsprintfW
CloseClipboard
GetClientRect
DrawTextW
DestroyWindow
ExitWindowsEx
OpenClipboard
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_DIALOG 24
RT_ICON 6
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 32
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2009:10:17 11:19:53+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
25088

LinkerVersion
7.1

EntryPoint
0x3544

InitializedDataSize
144384

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
2048

Execution parents
File identification
MD5 c288db1c690cbe6ca50d24700d3433c0
SHA1 24619f58bf6ed35feb11659dfa393bd6151eb6c2
SHA256 bafe42bfa45719309657e1e1f5f0635b4d38a4c365b8c3c3fb4ffbf75bf61652
ssdeep
98304:lRKxw1AUXs9ggWlwsWixAxdL1ymXFUHjUP5JR6cxqQHDk/+/YO0:l1hsWlwcAxdLom1UHj+5JRZq4k/eYO0

authentihash 7a9e84355dab2e2a6542ccaee1fd4fd9c0ee737d5ca37a406c4e9940f0c3e959
imphash 1c829295060bee5b39db5f21e20abecd
File size 5.2 MB ( 5448368 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
nsis peexe overlay software-collection

VirusTotal metadata
First submission 2011-05-03 14:14:13 UTC ( 7 years ago )
Last submission 2018-05-23 17:29:06 UTC ( 1 day ago )
File names m-iso-creator.exe
922108
c288db1c690cbe6ca50d24700d3433c0_INFF2CB.tmp
misocreator.exe
c288db1c690cbe6ca50d24700d3433c0.exe
c288db1c690cbe6ca50d24700d3433c0
c288db1c690cbe6ca50d24700d3433c0
C288DB1C690CBE6CA50D24700D3433C0.bin
m-iso-creator.exe
file
file-2933502_EXE
69958
file
m-iso-creator.exe
file-2920126_EXE
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
