× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d389ae390f7301644fceec70eb63300c542b0522ba6ac1c278b0c160dd010802
File name: rebrb45t.exe
Detection ratio: 1 / 56
Analysis date: 2015-10-12 12:24:55 UTC ( 3 years, 7 months ago ) View latest
Antivirus Result Update
CMC Trojan.Win32.Swizzor.1!O 20151012
Ad-Aware 20151012
AegisLab 20151012
Yandex 20151011
AhnLab-V3 20151011
Alibaba 20151012
ALYac 20151012
Antiy-AVL 20151012
Arcabit 20151012
Avast 20151012
AVG 20151012
Avira (no cloud) 20151012
AVware 20151012
Baidu-International 20151012
BitDefender 20151012
Bkav 20151012
ByteHero 20151012
CAT-QuickHeal 20151012
ClamAV 20151012
Comodo 20151012
Cyren 20151012
DrWeb 20151012
Emsisoft 20151012
ESET-NOD32 20151012
F-Prot 20151012
F-Secure 20151012
Fortinet 20151012
GData 20151012
Ikarus 20151012
Jiangmin 20151011
K7AntiVirus 20151012
K7GW 20151010
Kaspersky 20151012
Kingsoft 20151012
Malwarebytes 20151011
McAfee 20151012
McAfee-GW-Edition 20151012
Microsoft 20151012
eScan 20151012
NANO-Antivirus 20151012
nProtect 20151008
Panda 20151012
Qihoo-360 20151012
Rising 20151011
Sophos AV 20151012
SUPERAntiSpyware 20151012
Symantec 20151011
Tencent 20151012
TheHacker 20151010
TrendMicro 20151012
TrendMicro-HouseCall 20151012
VBA32 20151012
VIPRE 20151012
ViRobot 20151012
Zillya 20151011
Zoner 20151012
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Codyssey.com

Product Freeraser Data Shredder
Original name Freeraser.exe
File version 1.0.0.23
Description Freeraser Data Shredder
Comments Freeraser provides ultimative easy to use tools for secure data deletion
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-12 11:53:25
Entry Point 0x0000692B
Number of sections 5
PE sections
PE imports
GetObjectA
LineTo
SetMapMode
DeleteDC
RestoreDC
SetBkMode
BitBlt
CreatePen
GetStockObject
SaveDC
TextOutA
CreateFontIndirectA
SelectObject
PlayMetaFile
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
MoveToEx
CreateSolidBrush
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
GetConsoleOutputCP
SetHandleCount
GetSystemInfo
lstrlenA
GetFileAttributesA
GetConsoleCP
GetOEMCP
LCMapStringA
IsDebuggerPresent
GetTickCount
TlsAlloc
GlobalUnlock
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetConsoleMode
WritePrivateProfileStringA
GetCurrentProcessId
LCMapStringW
UnhandledExceptionFilter
WideCharToMultiByte
ExitProcess
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetConsoleTitleA
GetCommandLineA
GetProcAddress
TlsFree
EnumSystemCodePagesW
SetStdHandle
GetModuleHandleA
WriteFile
WriteProfileStringA
GetCPInfo
GetStringTypeA
SetFilePointer
SetUnhandledExceptionFilter
lstrcpyA
TlsSetValue
GetProfileStringA
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
TerminateProcess
QueryPerformanceCounter
WriteConsoleA
IsValidCodePage
HeapCreate
SetLastError
GetConsoleWindow
VirtualFree
InterlockedDecrement
Sleep
GetFileType
GetLocaleInfoA
CreateFileA
SetConsoleTitleA
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
GetStartupInfoA
WriteConsoleW
LeaveCriticalSection
CreateStdAccessibleObject
VariantTimeToSystemTime
UuidToStringA
RpcStringFreeA
UuidCreate
SHGetDesktopFolder
StrToIntExA
MapWindowPoints
EndDialog
BeginPaint
CheckRadioButton
DefWindowProcA
FindWindowA
SetWindowPos
GetSystemMetrics
GetWindowRect
EndPaint
LoadCursorW
LoadIconW
GetWindow
GetSysColor
GetDC
ReleaseDC
SetWindowTextA
wsprintfA
RegisterClassW
SendMessageA
GetClientRect
GetDlgItem
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
FillRect
IsDlgButtonChecked
GetMenuState
LoadImageA
GetSystemMenu
GetFocus
WinVerifyTrust
getsockopt
bind
WSACleanup
WSAStartup
closesocket
socket
WTSEnumerateSessionsA
WTSQuerySessionInformationA
Ord(185)
StringFromCLSID
CoTaskMemFree
Number of PE resources by type
RT_DIALOG 10
RT_ICON 4
RT_HTML 2
RT_BITMAP 2
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 22
PE resources
ExifTool file metadata
FileTypeExtension
exe

UninitializedDataSize
0

Comments
Freeraser provides ultimative easy to use tools for secure data deletion

InitializedDataSize
251904

ImageVersion
0.0

ProductName
Freeraser Data Shredder

FileVersionNumber
1.0.0.23

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
9.0

Subsystem
Windows GUI

OriginalFileName
Freeraser.exe

MIMEType
application/octet-stream

Publisher
Codyssey.com

FileVersion
1.0.0.23

TimeStamp
2015:10:12 12:53:25+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
1.0.0.23

FileDescription
Freeraser Data Shredder

OSVersion
5.0

FileOS
Windows NT 32-bit

LegalCopyright
Codyssey.com

MachineType
Intel 386 or later, and compatibles

CompanyName
Codyssey.com

CodeSize
85504

FileSubtype
0

ProductVersionNumber
1.0.0.23

EntryPoint
0x692b

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 6a95b030e91e804f73d14d14cb26e884
SHA1 63e87fef9316241c8061cec621241c65c76826f7
SHA256 d389ae390f7301644fceec70eb63300c542b0522ba6ac1c278b0c160dd010802
ssdeep
6144:sHPZgT0Ra/eSfmAOF1tEH+91QLLx4+SHF9oiEtbtQMDchwJ574Gpis7eEHT:sHPZYPoN6eKHx43HFgXQTwJ5pPf

authentihash c867dff139b3b31fba9f8d0f7ba62fd32f052b06525f1315e29634fd15d76d55
imphash d10fca3aae30f25cada9e1944f87fc50
File size 330.5 KB ( 338432 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe

VirusTotal metadata
First submission 2015-10-12 12:08:29 UTC ( 3 years, 7 months ago )
Last submission 2016-12-16 00:58:53 UTC ( 2 years, 5 months ago )
File names gicage.exe
Freeraser.exe
rebrb45t.exe
6a95b030e91e804f73d14d14cb26e884.exe
rebrb45t.vxe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections