× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bc1e2d4499d5aa58bc2b555052c179ac0414ac95625d22b16bdda873cbbdc13a
File name: eccfb49b723671b37056ff68e7ae06b8
Detection ratio: 40 / 56
Analysis date: 2015-05-13 00:01:00 UTC ( 4 years ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.137056 20150513
Yandex Trojan.Emotet! 20150512
AhnLab-V3 Worm/Win32.VBNA 20150512
ALYac Gen:Variant.Zusy.137056 20150512
Antiy-AVL Trojan/Win32.VBKrypt 20150513
Avast Win32:Malware-gen 20150513
AVG Atros.SLC 20150512
AVware Trojan.Win32.Generic.pak!cobra 20150513
Baidu-International Adware.Win32.Agent.Elnx 20150512
BitDefender Gen:Variant.Zusy.137056 20150513
ByteHero Virus.Win32.Heur.p 20150513
Cyren W32/Trojan.YZDQ-5790 20150513
Emsisoft Gen:Variant.Zusy.137056 (B) 20150513
ESET-NOD32 Win32/Emotet.AD 20150512
F-Secure Gen:Variant.Zusy.137056 20150513
Fortinet W32/Emotet.AD!tr 20150513
GData Gen:Variant.Zusy.137056 20150513
Ikarus Trojan.Win32.Emotet 20150513
Jiangmin Trojan/Blocker.ahsz 20150511
K7AntiVirus Trojan ( 004b5df11 ) 20150512
K7GW Trojan ( 004b5df11 ) 20150512
Kaspersky Trojan.Win32.VBKrypt.vftd 20150513
Malwarebytes Trojan.Agent.TXC 20150512
McAfee RDN/Generic.dx!dq3 20150513
McAfee-GW-Edition RDN/Generic.dx!dq3 20150513
Microsoft Trojan:Win32/Emotet.G 20150513
eScan Gen:Variant.Zusy.137056 20150513
NANO-Antivirus Trojan.Win32.VBKrypt.dqosjm 20150513
Norman Troj_Generic_2.AUGP 20150512
Panda Trj/Genetic.gen 20150512
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20150513
Sophos AV Mal/Generic-S 20150513
SUPERAntiSpyware Trojan.Agent/Gen-Ransom 20150512
Symantec Trojan.Gen.2 20150513
Tencent Trojan.Win32.Qudamah.Gen.17 20150513
TrendMicro TROJ_GEN.R00UC0DDM15 20150513
TrendMicro-HouseCall TROJ_GEN.R00UC0DDM15 20150513
VBA32 TScope.Trojan.VB 20150511
VIPRE Trojan.Win32.Generic.pak!cobra 20150513
ViRobot Worm.Win32.S.Agent.186621[h] 20150512
AegisLab 20150513
Alibaba 20150513
Bkav 20150512
CAT-QuickHeal 20150512
ClamAV 20150513
CMC 20150508
Comodo 20150513
DrWeb 20150513
F-Prot 20150513
Kingsoft 20150513
nProtect 20150512
Rising 20150512
TheHacker 20150511
TotalDefense 20150512
Zillya 20150510
Zoner 20150511
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
REW is room acoustics analysis software for measuring

Publisher REW is room acoustics analysis software for measuring
Product REW is room acoustics analysis software for measuring
Original name TextConv.exe
Internal name TextConv
File version 1.00.0087
Description REW is room acoustics analysis software for measuring
Comments REW is room acoustics analysis software for measuring
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-14 14:14:30
Entry Point 0x0000113C
Number of sections 3
PE sections
Overlays
MD5 2f9d7723d2f16da9f2764216598e2034
File type data
Offset 135168
Size 51453
Entropy 7.95
PE imports
EVENT_SINK_QueryInterface
Ord(537)
Ord(516)
Ord(616)
EVENT_SINK_Invoke
Ord(320)
Ord(685)
Ord(525)
EVENT_SINK_AddRef
Ord(300)
EVENT_SINK_GetIDsOfNames
Ord(717)
__vbaExceptHandler
Ord(632)
MethCallEngine
DllFunctionCall
Zombie_GetTypeInfoCount
Zombie_GetTypeInfo
Ord(599)
Ord(608)
Ord(570)
Ord(534)
Ord(100)
Ord(319)
Ord(321)
ProcCallEngine
EVENT_SINK_Release
Ord(595)
Ord(306)
Ord(631)
Ord(563)
Number of PE resources by type
RT_ICON 4
RT_STRING 1
RT_VERSION 1
CEROL 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
THAI DEFAULT 2
PE resources
ExifTool file metadata
LegalTrademarks
REW is room acoustics analysis software for measuring

SubsystemVersion
4.0

Comments
REW is room acoustics analysis software for measuring

LinkerVersion
6.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.87

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
REW is room acoustics analysis software for measuring

CharacterSet
Unicode

InitializedDataSize
53248

EntryPoint
0x113c

OriginalFileName
TextConv.exe

MIMEType
application/octet-stream

LegalCopyright
REW is room acoustics analysis software for measuring

FileVersion
1.00.0087

TimeStamp
2015:04:14 15:14:30+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TextConv

ProductVersion
1.00.0087

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
REW is room acoustics analysis software for measuring

CodeSize
90112

ProductName
REW is room acoustics analysis software for measuring

ProductVersionNumber
1.0.0.87

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 eccfb49b723671b37056ff68e7ae06b8
SHA1 66de69ceec8d9df379d84df6380028bd31c36061
SHA256 bc1e2d4499d5aa58bc2b555052c179ac0414ac95625d22b16bdda873cbbdc13a
ssdeep
3072:IOQhZOOQhZOOQhZHpNyM70OQhZOOQhZOOQhZe7+mKQDtouWI:4+mroRI

authentihash 051230d188690518b97bb591deb2c4e23dc9a999b7aa1a8b763794c9a55c4d72
imphash e3a34091ec374788497ca1e84e08789e
File size 182.2 KB ( 186621 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.5%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-04-18 20:45:40 UTC ( 4 years, 1 month ago )
Last submission 2015-04-18 20:45:40 UTC ( 4 years, 1 month ago )
File names TextConv.exe
TextConv
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!