SHA256: cdc95afa6ada9fd2192500a10b20de460e526d4ebfc19d5d9098e05e692682bc
File name: motocross-madness-2-4475.exe
Detection ratio: 0 / 69
Analysis date: 2018-10-03 02:34:20 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20181003
AegisLab 20181003
AhnLab-V3 20181002
Alibaba 20180921
ALYac 20181003
Antiy-AVL 20181003
Arcabit 20181003
Avast 20181003
Avast-Mobile 20181002
AVG 20181003
Avira (no cloud) 20181003
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181003
Bkav 20181002
CAT-QuickHeal 20181001
ClamAV 20181002
CMC 20181002
Comodo 20181003
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181003
Cyren 20181003
DrWeb 20181003
eGambit 20181003
Emsisoft 20181003
Endgame 20180730
ESET-NOD32 20181003
F-Prot 20181003
F-Secure 20181003
Fortinet 20181003
GData 20181003
Ikarus 20181002
Sophos ML 20180717
Jiangmin 20181003
K7AntiVirus 20181002
K7GW 20181001
Kaspersky 20181003
Kingsoft 20181003
Malwarebytes 20181003
MAX 20181003
McAfee 20181003
McAfee-GW-Edition 20181003
Microsoft 20181002
eScan 20181003
NANO-Antivirus 20181003
Palo Alto Networks (Known Signatures) 20181003
Panda 20181002
Qihoo-360 20181003
Rising 20181003
SentinelOne (Static ML) 20180926
Sophos AV 20181003
SUPERAntiSpyware 20180907
Symantec 20181002
Symantec Mobile Insight 20181001
TACHYON 20181003
Tencent 20181003
TheHacker 20181001
TotalDefense 20181002
TrendMicro 20181003
TrendMicro-HouseCall 20181003
Trustlook 20181003
VBA32 20181002
VIPRE 20181003
ViRobot 20181002
Webroot 20181003
Yandex 20180927
Zillya 20181002
ZoneAlarm by Check Point 20180925
Zoner 20181002
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © 1997-1999 Microsoft Corp.
Product Microsoft Games
Original name Setup.Exe
Internal name Setup.Exe
File version 1.2000.04.2507
Description Microsoft Games AutoRun/Setup
Comments AutoRun/Setup for Microsoft Games
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-04-25 20:40:12
Entry Point 0x000457F5
Number of sections 4
PE sections
Overlays
MD5 412fa0427585576c6c71e2407e4401ab
File type data
Offset 42811392
Size 58
Entropy 4.49
PE imports
RegDeleteKeyA
CloseServiceHandle
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
OpenSCManagerA
RegEnumKeyExA
RegQueryInfoKeyA
ImageList_LoadImageA
ImageList_Destroy
SetDIBits
GetDIBColorTable
AddFontResourceA
GetSystemPaletteEntries
GetTextMetricsA
GetObjectA
DeleteDC
SetBkMode
BitBlt
CreateDIBSection
RealizePalette
SetTextColor
GetDeviceCaps
CreateFontA
CreatePalette
GetStockObject
CreateBrushIndirect
SelectPalette
CreateCompatibleDC
RemoveFontResourceA
SelectObject
GetNearestPaletteIndex
GetPaletteEntries
SetDIBColorTable
SetBkColor
DeleteObject
ImmGetContext
GetStdHandle
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
SetEvent
GetDriveTypeA
HeapDestroy
IsValidLocale
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
lstrcatA
SetErrorMode
GetLogicalDrives
FreeEnvironmentStringsW
GetLocaleInfoW
SetFileAttributesA
GetFileTime
GetTempPathA
WideCharToMultiByte
GetStringTypeA
WriteFile
WaitForSingleObject
SetStdHandle
GetDiskFreeSpaceA
GetStringTypeW
ResumeThread
GetFullPathNameA
GetExitCodeProcess
LocalFree
GetThreadPriority
InitializeCriticalSection
LoadResource
FindClose
InterlockedDecrement
FindNextChangeNotification
SetLastError
VerLanguageNameA
DeviceIoControl
GetEnvironmentVariableA
ExitProcess
GetVersionExA
GetModuleFileNameA
QueryPerformanceFrequency
GetPriorityClass
GetPrivateProfileStringA
SetThreadPriority
GetUserDefaultLCID
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FormatMessageA
CreateMutexA
GetModuleHandleA
CreateThread
GetExitCodeThread
SetUnhandledExceptionFilter
GetSystemDirectoryA
MoveFileExA
SetEnvironmentVariableA
SetPriorityClass
TerminateProcess
FindCloseChangeNotification
SetEndOfFile
GetVersion
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetOEMCP
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
ExitThread
FreeLibrary
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetCPInfo
WaitForMultipleObjects
CompareStringW
lstrcmpA
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
FindNextFileA
GlobalMemoryStatus
GetProcAddress
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
FindFirstChangeNotificationA
GetSystemInfo
lstrlenA
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
IsDBCSLeadByte
RemoveDirectoryA
GetShortPathNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
SuspendThread
GetSystemDefaultLangID
RaiseException
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
EnumSystemLocalesA
GetACP
GetCurrentThreadId
FindResourceA
SizeofResource
CreateProcessA
IsValidCodePage
HeapCreate
VirtualFree
GetVolumeInformationA
Sleep
IsBadReadPtr
IsBadCodePtr
OpenEventA
VirtualAlloc
ResetEvent
SHChangeNotify
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
MapWindowPoints
GetMessagePos
RedrawWindow
PostQuitMessage
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
SetActiveWindow
GetDC
GetAsyncKeyState
DrawTextA
GetClassInfoA
UnregisterClassA
SendMessageA
GetNextDlgTabItem
EnumDisplaySettingsA
LoadImageA
MsgWaitForMultipleObjects
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
SetPropA
EqualRect
EnumWindows
ShowWindow
GetPropA
GetNextDlgGroupItem
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
CharUpperA
LoadStringA
GetWindowPlacement
IsIconic
RegisterClassA
GetWindowLongA
SetTimer
FillRect
CharNextA
WaitForInputIdle
GetUpdateRect
IsChild
IsDialogMessageA
SetFocus
CharPrevA
PostMessageA
BeginPaint
OffsetRect
KillTimer
RegisterWindowMessageA
DefWindowProcA
GetSystemMetrics
EnableMenuItem
GetWindowRect
SetCapture
ReleaseCapture
SetWindowLongA
RemovePropA
SetWindowTextA
CreateWindowExA
ScreenToClient
CreateDialogIndirectParamA
FindWindowExA
LoadCursorA
LoadIconA
GetDesktopWindow
SetForegroundWindow
ExitWindowsEx
DialogBoxIndirectParamA
CharToOemA
ReleaseDC
IntersectRect
EndDialog
CopyRect
GetCapture
FindWindowA
MessageBeep
DrawTextExA
SetRectEmpty
CallWindowProcA
MessageBoxA
DestroyCursor
wvsprintfA
SystemParametersInfoA
IsWindowVisible
UnionRect
InvalidateRect
wsprintfA
IsRectEmpty
GetClassNameA
GetFocus
GetKeyboardType
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
joyGetNumDevs
timeGetTime
waveOutGetDevCapsA
waveOutGetNumDevs
PlaySoundA
mmioInstallIOProcA
mciSendStringA
CoUninitialize
OleUninitialize
CoCreateInstance
CoInitialize
OleInitialize
PE exports
Number of PE resources by type
RT_STRING 17
RT_ICON 2
SETUPBINARY 1
PREPSTUBDATA 1
RT_GROUP_ICON 1
RT_VERSION 1
CABFILE 1
Number of PE resources by language
ENGLISH US 24
PE resources
Debug information
ExifTool file metadata
Tag_InjectBuild 01.2000.05.3142
CodeSize 348160
UninitializedDataSize 0
Comments AutoRun/Setup for Microsoft Games
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
Tag_EngineBuild 444
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Microsoft Games AutoRun/Setup
LegalCopyright 1997-1999 Microsoft Corp.
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 42459136
EntryPoint 0x457f5
OriginalFileName Setup.Exe
MIMEType application/octet-stream
Tag_ScriptBuild 01.2000.05.3142
FileVersion 1.2000.04.2507
TimeStamp 2000:04:25 21:40:12+01:00
FileType Win32 EXE
PEType PE32
InternalName Setup.Exe
ProductVersion 1.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileVersionNumber 1.2000.4.2507
CompanyName Microsoft Corporation
LegalTrademarks Microsoft Corp.
ProductName Microsoft Games
ProductVersionNumber 1.0.0.0
Tag_PrepstubBuild 5.2000.4.1801
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 de5d9dbe924a183b7887c0b8d508f8ad
SHA1 e6e55ad2603fddf37f498d0c15ce76c1fde48514
SHA256 cdc95afa6ada9fd2192500a10b20de460e526d4ebfc19d5d9098e05e692682bc
ssdeep 786432:2rCA9udXOdL9p465xJpTJjcG/4GmT7Z4aHSwXJiyspHI89V:1PWL9i6TLr/zmTd9H5Z5C
authentihash 1852af7a6be2ded261f4fdcd129811b76664a95e860656b4d083f023d7ea76b7
imphash c842b8a25cf292fe4a25d2976f12116f
File size 40.8 MB ( 42811450 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (53.0%)
Win64 Executable (generic) (34.0%)
Win32 Executable (generic) (5.5%)
OS/2 Executable (generic) (2.4%)
Generic Win/DOS Executable (2.4%)
Tags peexe armadillo overlay

VirusTotal metadata
First submission 2013-09-06 16:46:11 UTC ( 5 years, 8 months ago )
Last submission 2018-10-03 02:34:20 UTC ( 7 months, 3 weeks ago )
File names motocross-madness-2-4475-jetelecharge.exe
CDC95AFA6ADA9FD2192500A10B20DE460E526D4EBFC19D5D9098E05E692682BC.exe
mcm2trl.exe
motocross-madness-2-4475-jetelecharge.exe
Setup.Exe
motocross-madness-2-4475.exe
motocross-madness-2-4475-jetelecharge.exe
MCM2Trl.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight