SHA256: bcda23debbd9f3c4f7eadba35a53f3e060ff9984f1d3a3f9fb032ebfcdbee645
File name: acdzip.exe
Detection ratio: 1 / 62
Analysis date: 2017-06-02 06:09:02 UTC ( 1 year, 8 months ago )
Antivirus Result Update
TheHacker Trojan/Small.nav 20170528
Ad-Aware 20170602
AegisLab 20170602
AhnLab-V3 20170602
Alibaba 20170602
ALYac 20170602
Antiy-AVL 20170602
Arcabit 20170602
Avast 20170602
AVG 20170602
Avira (no cloud) 20170601
AVware 20170602
Baidu 20170601
BitDefender 20170602
Bkav 20170601
CAT-QuickHeal 20170602
ClamAV 20170602
CMC 20170602
Comodo 20170602
CrowdStrike Falcon (ML) 20170420
Cyren 20170602
DrWeb 20170602
Emsisoft 20170602
Endgame 20170515
ESET-NOD32 20170602
F-Prot 20170602
F-Secure 20170602
Fortinet 20170602
GData 20170602
Ikarus 20170601
Sophos ML 20170519
Jiangmin 20170602
K7AntiVirus 20170602
K7GW 20170602
Kaspersky 20170602
Kingsoft 20170602
Malwarebytes 20170602
McAfee 20170602
McAfee-GW-Edition 20170602
Microsoft 20170602
eScan 20170602
NANO-Antivirus 20170602
nProtect 20170602
Palo Alto Networks (Known Signatures) 20170602
Panda 20170601
Qihoo-360 20170602
Rising None
SentinelOne (Static ML) 20170516
Sophos AV 20170602
SUPERAntiSpyware 20170602
Symantec 20170602
Symantec Mobile Insight 20170601
Tencent 20170602
TotalDefense 20170602
TrendMicro 20170602
TrendMicro-HouseCall 20170602
Trustlook 20170602
VBA32 20170601
VIPRE 20170602
ViRobot 20170602
Webroot 20170602
WhiteArmor 20170601
Yandex 20170601
Zillya 20170601
ZoneAlarm by Check Point 20170602
Zoner 20170602
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 2001 ACD Systems Ltd
Product ACDZip Trial Version
File version 1.00.0000
Description Setup Launcher
Comments
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-06-24 18:22:31
Entry Point 0x00015D7F
Number of sections 4
PE sections
Overlays
MD5 54eee8f20f5acff15e808c5fbd12b3cb
File type data
Offset 217088
Size 2978419
Entropy 7.73
PE imports
GetTokenInformation
RegDeleteKeyA
LookupPrivilegeValueA
RegOpenKeyA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueA
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
OpenThreadToken
RegSetValueExA
EqualSid
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegEnumValueA
GetDeviceCaps
GetObjectA
TranslateCharsetInfo
DeleteDC
GetSystemPaletteEntries
SetBkMode
SelectObject
CreatePalette
GetStockObject
CreateDIBitmap
SelectPalette
CreateFontIndirectA
CreateSolidBrush
GetTextExtentPointA
BitBlt
CreateCompatibleDC
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
lstrcatA
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
WriteFile
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
FormatMessageA
SetLastError
GetEnvironmentVariableA
CopyFileA
ExitProcess
GetVersionExA
GetModuleFileNameA
QueryPerformanceFrequency
GetPrivateProfileStringA
GetSystemDefaultLCID
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
_lclose
CreateThread
TlsSetValue
GetExitCodeThread
SetUnhandledExceptionFilter
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
SystemTimeToFileTime
GetFileSize
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetEvent
GetProcAddress
CompareStringW
lstrcmpA
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
CreateFileMappingA
ExpandEnvironmentStringsA
RemoveDirectoryA
CreateEventA
GetFileType
GetPrivateProfileSectionA
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
DosDateTimeToFileTime
LCMapStringW
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
lstrlenW
OpenFile
SizeofResource
SearchPathA
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetVersion
GetEnvironmentStrings
CreateProcessA
IsValidCodePage
UnmapViewOfFile
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
GetOEMCP
ResetEvent
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysReAllocStringLen
SysFreeString
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
GetMessageA
GetParent
CharPrevA
IntersectRect
EndDialog
BeginPaint
DrawIcon
KillTimer
PostQuitMessage
DefWindowProcA
ShowWindow
FillRect
SetWindowPos
FindWindowA
SendDlgItemMessageA
GetSystemMetrics
IsWindow
GetWindowRect
DispatchMessageA
ClientToScreen
LoadStringA
PostMessageA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
GetWindowDC
SetWindowLongA
wvsprintfA
TranslateMessage
DialogBoxParamA
UpdateWindow
GetSysColor
GetDC
ReleaseDC
GetDlgCtrlID
GetClassInfoA
DestroyIcon
GetWindowLongA
GetWindowPlacement
SendMessageA
GetClientRect
SetTimer
GetDlgItem
CreateDialogParamA
CharLowerBuffA
SubtractRect
RegisterClassA
SetRect
wsprintfA
GetWindowTextLengthA
CreateWindowExA
LoadCursorA
LoadIconA
SetWindowTextA
EnableWindow
GetSysColorBrush
CharNextA
WaitForInputIdle
GetDesktopWindow
MsgWaitForMultipleObjects
EndPaint
GetWindowTextA
DestroyWindow
ExitWindowsEx
IsDialogMessageA
SetCursor
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CoUninitialize
CoInitialize
StgIsStorageFile
CoCreateGuid
CoCreateInstance
StgOpenStorage
StringFromCLSID
GetRunningObjectTable
CoTaskMemFree
CreateItemMoniker
Number of PE resources by type
RT_ICON 9
RT_DIALOG 5
RT_STRING 3
RT_GROUP_ICON 3
GIF 1
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_CURSOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 24
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.4.262.0
LanguageCode English (U.S.)
FileFlagsMask 0x0002
FileDescription Setup Launcher
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 102400
EntryPoint 0x15d7f
MIMEType application/octet-stream
LegalCopyright Copyright 2001 ACD Systems Ltd
FileVersion 1.00.0000
TimeStamp 2002:06:24 19:22:31+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.00.0000
SubsystemVersion 4.0
OSVersion 4.0
FileOS Windows 16-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName ACD Systems
ProductName ACDZip Trial Version
ProductVersionNumber 7.4.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 25a6a17c87bccdc500b3c388347a434c
SHA1 09c37abdedbdf2e77864daac7c468d98d936ab45
SHA256 bcda23debbd9f3c4f7eadba35a53f3e060ff9984f1d3a3f9fb032ebfcdbee645
ssdeep 98304:ZSWUYyYSvxA0xkGU6vzr8vNzSFa2vkLHZ:sWwvxhxw6vMvNzlb

authentihash ee462a65317a0e94bac58a88f874af2d13d239f5ab6e988dd8a6550bcce15851
imphash 3df1cad47b0f4f27a8eb25481d61d147
File size 3.0 MB ( 3195507 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (24.7%)
Win32 EXE PECompact compressed (generic) (23.9%)
Win32 Executable MS Visual C++ (generic) (17.9%)
Win64 Executable (generic) (15.9%)
Windows screen saver (7.5%)
Tags
peexe armadillo overlay

VirusTotal metadata
First submission 2009-07-14 03:08:48 UTC ( 9 years, 7 months ago )
Last submission 2019-01-11 06:16:28 UTC ( 1 month, 1 week ago )
File names 51175
acdzip.exe
BCDA23DEBBD9F3C4F7EADBA35A53F3E060FF9984F1D3A3F9FB032EBFCDBEE645
fuIQB.js
1341953960-acdzip.exe
H_gW4kx2.exe
acdzip.exe
acdzip.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight