SHA256: c47cf190afb2c4f2aa44e569c25afda764a0d38993f5af3d09cce6b8eba90224
File name: 719599
Detection ratio: 0 / 57
Analysis date: 2016-05-14 19:20:13 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Ad-Aware 20160514
AegisLab 20160514
AhnLab-V3 20160514
Alibaba 20160513
ALYac 20160514
Antiy-AVL 20160514
Arcabit 20160514
Avast 20160514
AVG 20160514
Avira (no cloud) 20160514
AVware 20160511
Baidu 20160514
Baidu-International 20160514
BitDefender 20160514
Bkav 20160514
CAT-QuickHeal 20160514
ClamAV 20160514
CMC 20160510
Comodo 20160514
Cyren 20160514
DrWeb 20160514
Emsisoft 20160514
ESET-NOD32 20160514
F-Prot 20160514
F-Secure 20160514
Fortinet 20160514
GData 20160514
Ikarus 20160514
Jiangmin 20160514
K7AntiVirus 20160514
K7GW 20160514
Kaspersky 20160514
Kingsoft 20160514
Malwarebytes 20160514
McAfee 20160514
McAfee-GW-Edition 20160514
Microsoft 20160514
eScan 20160514
NANO-Antivirus 20160514
nProtect 20160513
Panda 20160514
Qihoo-360 20160514
Rising 20160514
Sophos AV 20160514
SUPERAntiSpyware 20160514
Symantec 20160514
Tencent 20160514
TheHacker 20160514
TotalDefense 20160514
TrendMicro 20160514
TrendMicro-HouseCall 20160514
VBA32 20160513
VIPRE 20160514
ViRobot 20160514
Yandex 20160513
Zillya 20160514
Zoner 20160514
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) Yamicsoft
Product WinXP Manager
Original name xpmanager.exe
Internal name xpmanager
File version 8.0.1
Description WinXP Manager Setup packet.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-12-09 16:11:39
Entry Point 0x0002D447
Number of sections 4
PE sections
Overlays
MD5 daf73b1be86f407bfff3130bb577699b
File type data
Offset 404480
Size 5008296
Entropy 7.82
PE imports
DestroyPropertySheetPage
CreatePropertySheetPageW
PropertySheetW
GetDeviceCaps
GetWindowExtEx
SetMapMode
DeleteDC
CreateFontIndirectW
SetBkMode
GetStockObject
GetObjectW
SelectObject
GetViewportExtEx
GetMapMode
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
WaitForSingleObject
HeapDestroy
GetFileAttributesW
lstrcmpW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
FormatMessageW
GetExitCodeProcess
InitializeCriticalSection
OutputDebugStringW
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
GetSystemTime
TlsGetValue
CopyFileW
GetUserDefaultLangID
LoadResource
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
lstrcmpiW
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
FlushInstructionCache
GetModuleHandleA
CreateThread
GetSystemDirectoryW
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
IsProcessorFeaturePresent
GlobalMemoryStatus
SearchPathW
WriteConsoleA
GetVersion
SetCurrentDirectoryW
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
GetWindowsDirectoryW
GetFileSize
LCMapStringW
OpenProcess
DeleteFileA
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTempFileNameW
RemoveDirectoryW
FindNextFileW
ResetEvent
GetTempFileNameA
FindFirstFileW
TerminateProcess
DuplicateHandle
GlobalLock
GetTempPathW
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
EnumResourceLanguagesW
GetShortPathNameW
CreateNamedPipeW
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
VirtualFree
SizeofResource
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
HeapSize
InterlockedCompareExchange
lstrcpynW
GetSystemDefaultLangID
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FindResourceExW
CreateProcessA
IsValidCodePage
HeapCreate
FindResourceW
CreateProcessW
Sleep
VirtualAlloc
GetOEMCP
VarUI4FromStr
OleLoadPicture
SHGetFolderPathW
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetMalloc
PathFileExistsW
SetFocus
RedrawWindow
GetForegroundWindow
GetParent
EmptyClipboard
GetScrollRange
EndDialog
DestroyWindow
DefWindowProcW
ModifyMenuW
KillTimer
DestroyMenu
PostQuitMessage
ShowWindow
MessageBeep
LoadMenuW
MapWindowPoints
CloseClipboard
GetSystemMetrics
EnableMenuItem
IsWindow
PeekMessageW
GetWindowRect
EnableWindow
DialogBoxParamW
LoadIconW
GetWindowDC
SetPropW
TranslateMessage
GetWindow
PostMessageW
MessageBoxW
GetPropW
DispatchMessageW
CreateDialogParamW
ReleaseDC
GetDlgCtrlID
SendMessageW
UnregisterClassA
SetClipboardData
IsWindowVisible
LoadStringW
GetClientRect
SetWindowLongW
GetDlgItem
RemovePropW
SystemParametersInfoW
LoadImageW
SetWindowPos
GetDC
ScreenToClient
InvalidateRect
GetScrollPos
GetSubMenu
SetTimer
CallWindowProcW
TrackPopupMenu
GetWindowTextLengthW
GetActiveWindow
SetWindowTextW
GetWindowTextW
GetDesktopWindow
GetSystemMenu
FindWindowW
CreateWindowExW
MsgWaitForMultipleObjects
GetWindowLongW
SetForegroundWindow
CharNextW
ExitWindowsEx
OpenClipboard
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CreateILockBytesOnHGlobal
Number of PE resources by type
RT_DIALOG 12
RT_ICON 12
RT_STRING 9
RTF_FILE 2
RT_MENU 2
IMAGE_FILE 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 42
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 8.0.1.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription WinXP Manager Setup packet.
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 147456
EntryPoint 0x2d447
OriginalFileName xpmanager.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) Yamicsoft
FileVersion 8.0.1
TimeStamp 2011:12:09 17:11:39+01:00
FileType Win32 EXE
PEType PE32
InternalName xpmanager
ProductVersion 8.0.1
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Yamicsoft
CodeSize 256000
ProductName WinXP Manager
ProductVersionNumber 8.0.1.0
FileTypeExtension exe
ObjectFileType Dynamic link library

Execution parents
Compressed bundles
File identification
MD5 fada2f28c0b61024c33db5c735a19327
SHA1 029d71e2d8dad9384044c02679145b6b89b541bb
SHA256 c47cf190afb2c4f2aa44e569c25afda764a0d38993f5af3d09cce6b8eba90224
ssdeep 98304:qXZ2dqqSDY5At0FweGr7/AlsDcnSAClrYFtFsnDC3BiTDqdsB50DmoqnCdTvCO:qXmCf0yl7Y18lKFsOxiTDTBXoomP
authentihash 03816ea9464b86cda986867a1722cd6e164cd8beea1fe30844f3ec4e1831a5fb
imphash 6d18548ea866762b45cee4a64efcf2ef
File size 5.2 MB ( 5412776 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe overlay

VirusTotal metadata
First submission 2015-08-24 18:10:16 UTC ( 3 years, 7 months ago )
Last submission 2019-03-23 14:57:07 UTC ( 15 hours, 58 minutes ago )
File names xpmanager.exe
winxp-manager-802-jetelecharge.exe
Yamicsoft-WindowsXP-Manager.exe
WinXP Manager 8.0.1.exe
029d71e2d8dad9384044c02679145b6b89b541bb.exe
C47CF190AFB2C4F2AA44E569C25AFDA764A0D38993F5AF3D09CCE6B8EBA90224
xpmanager
xpmanager801.exe
719599
c47cf190afb2c4f2aa44e569c25afda764a0d38993f5af3d09cce6b8eba90224
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created mutexes
Runtime DLLs