× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bf25b6c415673b3797572b7e57688278f72dbd69836aca38dced83b6e3045aae
File name: cheatengine-i386.exe
Detection ratio: 3 / 49
Analysis date: 2014-02-25 13:45:36 UTC ( 3 years ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ESET-NOD32 a variant of Win32/HackTool.CheatEngine.AB 20140225
K7GW Hacktool ( 00129fbe1 ) 20140225
Kingsoft Win32.HackTool.Undef.(kcloud) 20140225
AVG 20140225
Ad-Aware 20140225
Yandex 20140223
AhnLab-V3 20140224
AntiVir 20140225
Antiy-AVL 20140225
Avast 20140225
Baidu-International 20140225
BitDefender 20140225
Bkav 20140224
ByteHero 20140225
CAT-QuickHeal 20140225
CMC 20140220
ClamAV 20140225
Commtouch 20140225
Comodo 20140225
DrWeb 20140225
Emsisoft 20140225
F-Prot 20140225
F-Secure 20140225
Fortinet 20140225
GData 20140225
Ikarus 20140225
Jiangmin 20140225
K7AntiVirus 20140225
Kaspersky 20140225
Malwarebytes 20140225
McAfee 20140225
McAfee-GW-Edition 20140225
eScan 20140225
Microsoft 20140225
NANO-Antivirus 20140225
Norman 20140224
Panda 20140224
Qihoo-360 20140220
Rising 20140223
SUPERAntiSpyware 20140225
Sophos 20140225
Symantec 20140225
TheHacker 20140224
TotalDefense 20140225
TrendMicro 20140225
TrendMicro-HouseCall 20140225
VBA32 20140224
VIPRE 20140225
ViRobot 20140225
nProtect 20140225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
File version 6.3.0.3293
Description Cheat Engine
Signature verification Signed file, verified signature
Signing date 2:38 PM 6/30/2013
Signers
[+] Cheat Engine
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer GlobalSign CodeSigning CA - G2
Valid from 3:26 AM 3/25/2013
Valid to 12:08 PM 7/22/2014
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint E896DC18DF16CAE692BD11C874FD70395AFA5A6A
Serial number 11 21 EC FE BA 3F 53 10 2B 74 1B 7E 1A ED B2 50 1C 7C
[+] GlobalSign CodeSigning CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 11:00 AM 4/13/2019
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 9000401777DD2B43393D7B594D2FF4CBA4516B38
Serial number 04 00 00 00 00 01 2F 4E E1 35 5C
[+] GlobalSign
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Counter signers
[+] GlobalSign Time Stamping Authority
Status The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer GlobalSign Timestamping CA
Valid from 10:32 AM 12/21/2009
Valid to 10:32 AM 12/22/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint AEDF7DF76BBA2410D67DBAF18F5BA15B417E496C
Serial number 01 00 00 00 00 01 25 B0 B4 CC 01
[+] GlobalSign Timestamping CA
Status Valid
Issuer GlobalSign Root CA
Valid from 12:00 PM 3/18/2009
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbrint 958D23902D5448314F2F811034356A58255CDC9B
Serial number 04 00 00 00 00 01 20 19 C1 90 66
[+] GlobalSign
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbrint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Entry Point 0x0041E810
Number of sections 6
PE sections
Overlays
MD5 a4d4abd2e99f7da2fc92a31e6844d233
File type data
Offset 6746112
Size 5816
Entropy 7.43
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
OpenServiceA
RegQueryValueExA
AdjustTokenPrivileges
LookupAccountSidA
RegCreateKeyExA
CloseServiceHandle
RegFlushKey
OpenProcessToken
CreateServiceA
RegOpenKeyExA
RegEnumValueA
GetTokenInformation
RegEnumKeyExA
RegQueryInfoKeyA
ChangeServiceConfigA
AllocateAndInitializeSid
RegSetValueExA
StartServiceA
RegDeleteValueA
OpenSCManagerA
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_Destroy
ImageList_AddMasked
InitCommonControls
ImageList_Replace
ImageList_DragLeave
ImageList_Remove
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_DragMove
ImageList_Create
ImageList_DrawEx
ImageList_EndDrag
ImageList_Copy
ImageList_DragEnter
ImageList_Add
ImageList_SetImageCount
GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
GetOpenFileNameA
ChooseColorA
CommDlgExtendedError
GetSaveFileNameA
ChooseFontA
SetMapMode
GetWindowOrgEx
GetTextMetricsA
GetCharABCWidthsA
CombineRgn
GetROP2
GetViewportOrgEx
GetObjectType
GetTextExtentPointA
SetPixel
IntersectClipRect
CreateEllipticRgn
CreateDIBitmap
GetDIBits
ExtCreateRegion
SetPixelFormat
SetTextAlign
GetDCOrgEx
StretchBlt
SwapBuffers
Pie
SetWindowExtEx
Arc
SetViewportExtEx
ExtCreatePen
SetBkColor
GetBkColor
TextOutW
CreateFontIndirectW
OffsetRgn
CreateFontIndirectA
LPtoDP
GetBitmapBits
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
PtInRegion
ChoosePixelFormat
BitBlt
EnumFontFamiliesA
GetObjectA
FillRgn
CreateBrushIndirect
SelectPalette
CreatePenIndirect
ExtSelectClipRgn
SetROP2
GetTextColor
DeleteObject
CreateCompatibleDC
GetWindowExtEx
PatBlt
CreatePen
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
GetMapMode
GetObjectW
RealizePalette
CreatePatternBrush
ExtTextOutW
CreateBitmap
RectVisible
GetStockObject
ExtTextOutA
SelectClipRgn
RoundRect
GetTextAlign
GetTextExtentPoint32A
SetWindowOrgEx
SelectObject
GetViewportExtEx
SetTextCharacterExtra
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
GetRgnBox
SaveDC
MaskBlt
GetRandomRgn
GetTextExtentExPointA
RestoreDC
GetPixel
GetTextExtentExPointW
CreateDIBSection
SetTextColor
ExtFloodFill
GetCurrentObject
MoveToEx
EnumFontFamiliesExW
SetViewportOrgEx
SetArcDirection
CreateRoundRectRgn
EnumFontFamiliesExA
SetStretchBltMode
PolyBezier
Chord
SetBrushOrgEx
CreateRectRgn
GetClipRgn
SetPolyFillMode
CreateCompatibleBitmap
CreateSolidBrush
Polyline
DPtoLP
Ellipse
HtmlHelpA
StackWalk64
SymEnumerateSymbols
SymLoadModule64
SymSetOptions
SymGetOptions
SymGetModuleBase64
SymCleanup
SymInitialize
SymEnumerateSymbols64
SymEnumerateModules64
SymFunctionTableAccess64
SymSetSearchPath
SymEnumerateModules
ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringW
ImmGetContext
SetThreadLocale
GetStdHandle
FileTimeToDosDateTime
GetConsoleOutputCP
FileTimeToSystemTime
CreateFileMappingA
GetFileAttributesA
SetEvent
FindFirstFileW
GetFileAttributesW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
OpenFileMappingA
SetErrorMode
GetFileTime
GetTempPathA
WideCharToMultiByte
WriteFile
WaitForSingleObject
EnumResourceLanguagesA
ConnectNamedPipe
SetFileAttributesA
GetExitCodeProcess
LocalFree
MoveFileA
GetThreadPriority
GetLogicalDriveStringsA
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetFileAttributesW
OutputDebugStringA
BeginUpdateResourceA
SetLastError
PeekNamedPipe
DeviceIoControl
SuspendThread
RemoveDirectoryW
TryEnterCriticalSection
CopyFileA
ExitProcess
GetModuleFileNameA
UpdateResourceA
EnumCalendarInfoA
LoadLibraryExA
SetThreadPriority
MultiByteToWideChar
SetProcessAffinityMask
FlushInstructionCache
MoveFileW
SetFilePointer
CreateThread
GetExitCodeThread
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
ExitThread
GetThreadSelectorEntry
GlobalMemoryStatus
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
VirtualQueryEx
SetEndOfFile
GetCurrentThreadId
SetCurrentDirectoryA
CloseHandle
HeapFree
EnterCriticalSection
TerminateThread
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
EndUpdateResourceA
GlobalSize
GetStartupInfoA
GetDateFormatA
GetFileSize
WriteProcessMemory
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
ReadProcessMemory
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
CompareStringW
GlobalReAlloc
FindNextFileW
EnumResourceNamesA
CompareStringA
GetProcessWorkingSetSize
FindNextFileA
TerminateProcess
DuplicateHandle
WaitForMultipleObjects
GetProcAddress
GetProcessAffinityMask
CreateFileW
CreateEventA
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
DosDateTimeToFileTime
GlobalDeleteAtom
GetSystemInfo
GetEnvironmentStringsA
ResumeThread
GetThreadLocale
GlobalUnlock
FindResourceExA
CreateNamedPipeA
RemoveDirectoryA
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCurrentDirectoryA
GetCommandLineA
GetCurrentThread
EnumResourceTypesA
QueryPerformanceFrequency
MapViewOfFile
GetModuleHandleA
ReadFile
SetProcessWorkingSetSize
FindFirstFileA
GetACP
GlobalLock
FreeResource
CreateProcessA
UnmapViewOfFile
VirtualFree
Sleep
FindResourceA
VirtualAlloc
GetOEMCP
ResetEvent
lua_createtable
lua_call
lua_pushlstring
luaL_unref
lua_pushinteger
lua_pushcclosure
luaL_loadstring
lua_settable
lua_isuserdata
lua_type
lua_tocfunction
lua_gettop
lua_close
lua_setmetatable
luaL_ref
lua_setfield
lua_tolstring
lua_pushboolean
luaL_newstate
lua_objlen
lua_rawseti
lua_tointeger
lua_getmetatable
lua_rawgeti
lua_error
lua_pcall
lua_newuserdata
lua_settop
lua_atpanic
lua_toboolean
lua_pushnil
lua_newthread
lua_pushvalue
lua_pushnumber
lua_tonumber
lua_isnumber
luaL_openlibs
lua_gettable
luaL_loadfile
lua_pushstring
lua_getfield
lua_isstring
lua_pushlightuserdata
lua_touserdata
OleUninitialize
CLSIDFromProgID
CoInitialize
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
GetErrorInfo
CoTaskMemFree
OleInitialize
VariantCopy
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayUnaccessData
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayRedim
SysFreeString
SafeArrayPutElement
VariantInit
VariantChangeTypeEx
wglUseFontBitmapsA
wglMakeCurrent
wglCreateContext
DragQueryFileW
DragFinish
ExtractIconA
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolder
SHGetSpecialFolderLocation
SHGetPathFromIDList
DragQueryFileA
SHGetMalloc
ShellExecuteA
SHBrowseForFolderW
RedrawWindow
GetForegroundWindow
SetWindowRgn
UnregisterHotKey
DrawTextW
DrawStateA
EnableScrollBar
DestroyMenu
PostQuitMessage
SetWindowLongW
DrawStateW
SetWindowPos
WindowFromDC
IsWindow
DispatchMessageA
EndPaint
ScrollWindowEx
GetWindowLongA
SetMenuItemInfoA
CharUpperBuffA
WindowFromPoint
CharUpperBuffW
SetActiveWindow
GetDC
GetAsyncKeyState
ChildWindowFromPointEx
GetClassInfoA
GetMenu
UnregisterClassA
IsClipboardFormatAvailable
SendMessageA
UnregisterClassW
GetClassInfoW
SetCaretPos
CharLowerBuffA
CallNextHookEx
GetWindowTextLengthA
CharUpperA
GetActiveWindow
GetWindowTextW
EnumClipboardFormats
LoadImageA
GetWindowTextLengthW
MsgWaitForMultipleObjects
GetMenuItemInfoA
GetWindowTextA
InvalidateRgn
GetKeyState
DestroyWindow
DrawEdge
GetParent
UpdateWindow
SetPropA
CreateCaret
ShowWindow
GetCaretPos
DrawFrameControl
GetClipboardFormatNameA
PeekMessageW
EnableWindow
SetWindowPlacement
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
DestroyCaret
SetClipboardData
InsertMenuItemA
GetIconInfo
SetParent
RegisterClassW
ScrollWindow
GetSystemMetrics
IsZoomed
GetWindowPlacement
CloseWindow
DrawMenuBar
EnableMenuItem
RegisterClassA
TrackPopupMenuEx
DrawFocusRect
EnumPropsA
CreateWindowExA
OemToCharA
ShowOwnedPopups
FillRect
EnumThreadWindows
GetSysColorBrush
CreateWindowExW
ReleaseDC
CreateMenu
OpenClipboard
MapWindowPoints
EmptyClipboard
SetCapture
BeginPaint
OffsetRect
DefWindowProcW
keybd_event
KillTimer
SetTimer
DefWindowProcA
GetClipboardData
CharLowerA
IsIconic
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
SetWindowLongA
PostMessageW
RemovePropA
CreatePopupMenu
ShowCaret
GetSubMenu
PtInRect
DrawIconEx
SetWindowTextW
GetDCEx
GetDlgItem
BringWindowToTop
ClientToScreen
LoadCursorA
LoadIconA
CountClipboardFormats
GetMenuItemCount
GetDesktopWindow
GetSystemMenu
DispatchMessageW
SetForegroundWindow
PostThreadMessageA
CharToOemA
GetCursorPos
CharLowerBuffW
IntersectRect
GetScrollInfo
HideCaret
CreateIconIndirect
GetCapture
ScreenToClient
FindWindowA
MessageBeep
SetClassLongA
RemoveMenu
GetWindowThreadProcessId
ShowScrollBar
MessageBoxW
SendMessageW
GetPropA
SetMenu
RegisterClipboardFormatA
IsRectEmpty
MessageBoxA
IsMenu
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
SetScrollInfo
CopyImage
SystemParametersInfoA
SetSysColors
GetDoubleClickTime
DestroyIcon
GetTopWindow
GetWindowLongW
IsWindowVisible
SetCursorPos
FrameRect
SetRect
DeleteMenu
InvalidateRect
SendMessageTimeoutA
CallWindowProcW
DrawTextA
SetWindowTextA
SetFocus
GetClientRect
CallWindowProcA
GetClassNameA
GetFocus
CloseClipboard
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
recvfrom
recv
socket
setsockopt
bind
send
WSACleanup
WSAStartup
connect
sendto
closesocket
WSAStartup
gethostbyname
gethostbyaddr
Number of PE resources by type
RT_RCDATA 33
RT_DIALOG 1
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 38
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.62

ImageVersion
1.0

FileVersionNumber
6.3.0.3293

UninitializedDataSize
40276

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
2204796

EntryPoint
0x41e810

MIMEType
application/octet-stream

FileVersion
6.3.0.3293

TimeStamp
0000:00:00 00:00:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
6.3

FileDescription
Cheat Engine

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Cheat Engine

CodeSize
4315200

FileSubtype
0

ProductVersionNumber
6.3.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
Compressed bundles
File identification
MD5 d2aa9bb0e3220378c1022e8c951b73ee
SHA1 b20b0bd8e5cdd280c5dc922ffd896df50d208cb7
SHA256 bf25b6c415673b3797572b7e57688278f72dbd69836aca38dced83b6e3045aae
ssdeep
196608:LJLx4DB64hex9ezvOm31hRe3r0vPBKqhBSw:LJF4V648wv7lhc70vPBK4D

authentihash 6db85f223de915d5de5b29c6f901aeeb9b5d0d9995765fcc9d6694c4c0a491bf
imphash 46f9a1675b5238251f045c4aa4e526f4
File size 6.4 MB ( 6751928 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (generic) (35.3%)
Win32 Executable MS Visual C++ (generic) (26.5%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2013-07-04 13:34:45 UTC ( 3 years, 7 months ago )
Last submission 2017-02-16 19:56:55 UTC ( 1 week, 4 days ago )
File names d2aa9bb0e3220378c1022e8c951b73ee.exe
hapak_key.exe
statdb.EXE
Dark Souls 2 V1.02 Trainer 22 MrAntiFun (3).EXE
787ebc20-sample.exe
Stronghold 3 V1.10.27781 Trainer 2 MrAntiFun.EXE
bf25b6c415673b37_broforce%2520v4.2.2.12621%2520trainer.exe
Assassin Creed Liberation HD Trainer +5 MrAntiFun C.EXE
cheatengine-i386.exe
Marvel Avengers Alliance Trainer V7 x86 - Brandon's PC.EXE
Assassin Creed Liberation HD Trainer +5.EXE
SE3.EXE
cheatengine-i386.exe
InfiniteZ Trainer - SG_[www.unknowncheats.me]_.exe
file-6442677_exe
cheatengine-i386.exe
cheatengine-i386.exe
Marvel V7.1 x86.EXE
SouthParkSOT_STEAM_PLUS6_TRN-dEViATED (2).exe
Assassin Creed Liberation HD Trainer +5 MrAntiFun C.EXE
토크온고스트마이크.exe
N3.exe
BO2 Multiplayer Trainer.EXE
cheatengine-i386.exe
Assassin Creed Liberation HD Trainer +5 MrAntiFun C.EXE
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!