SHA256: d3940b36779a5e64d2bc79ab3898eb65401cf91a9dd5ccde6947d543f112be1a
File name: super-mario-pc-fun-2-5764-jetelecharge.exe
Detection ratio: 4 / 57
Analysis date: 2017-01-17 03:24:54 UTC ( 1 year, 7 months ago )
Antivirus Result Update
Sophos ML trojanspy.win32.banker.xe 20170111
Jiangmin Adware/Agent.lb 20170117
TheHacker Trojan/generic 20170117
Zillya Trojan.Keylogger.Win32.3748 20170116
Ad-Aware 20170117
AegisLab 20170117
AhnLab-V3 20170117
Alibaba 20170117
ALYac 20170117
Antiy-AVL 20170117
Arcabit 20170117
Avast 20170117
AVG 20170116
Avira (no cloud) 20170116
AVware 20170117
Baidu 20170116
BitDefender 20170117
CAT-QuickHeal 20170116
ClamAV 20170117
CMC 20170116
Comodo 20170117
CrowdStrike Falcon (ML) 20161024
Cyren 20170117
DrWeb 20170117
Emsisoft 20170117
ESET-NOD32 20170117
F-Prot 20170117
F-Secure 20170117
Fortinet 20170117
GData 20170117
Ikarus 20170116
K7AntiVirus 20170116
K7GW 20170117
Kaspersky 20170117
Kingsoft 20170117
Malwarebytes 20170117
McAfee 20170108
McAfee-GW-Edition 20170117
Microsoft 20170117
eScan 20170117
NANO-Antivirus 20170117
nProtect 20170117
Panda 20170116
Qihoo-360 20170117
Rising 20170117
Sophos AV 20170117
SUPERAntiSpyware 20170116
Symantec 20170116
Tencent 20170117
TotalDefense 20170116
TrendMicro 20170117
TrendMicro-HouseCall 20170117
Trustlook 20170117
VBA32 20170116
VIPRE 20170117
ViRobot 20170116
WhiteArmor 20170116
Yandex 20170116
Zoner 20170117
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Super Mario PC Fun 2 Install Program
File version 2, 0, 0, 26
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-12-13 10:11:37
Entry Point 0x00024850
Number of sections 3
PE sections
Overlays
MD5 3a7ad0b5fc4fc528a34253c883ebb089
File type data
Offset 68096
Size 3611970
Entropy 8.00
PE imports
RegCloseKey
BitBlt
LoadLibraryA
ExitProcess
GetProcAddress
SHGetMalloc
IsIconic
VerFindFileA
CoGetMalloc
Number of PE resources by type
RT_ICON 5
RT_DIALOG 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
UninitializedDataSize 90112
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.0.0.26
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 12288
EntryPoint 0x24850
MIMEType application/octet-stream
FileVersion 2, 0, 0, 26
TimeStamp 2006:12:13 11:11:37+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 2, 0, 0, 26
SubsystemVersion 4.0
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 57344
ProductName Super Mario PC Fun 2 Install Program
ProductVersionNumber 2.0.0.26
FileTypeExtension exe
ObjectFileType Executable application

Execution parents
PCAP parents
File identification
MD5 00cb6560a7133d310738b8bed489e576
SHA1 0db9dd1bccb6e6f5f080d2b479edadb568b946ff
SHA256 d3940b36779a5e64d2bc79ab3898eb65401cf91a9dd5ccde6947d543f112be1a
ssdeep 98304:W8QXvLce9Uug3SAQQYiqR3xCuO7M02dBMvyFWhqFvol8:H0DccPgCAciJuO7qzSyFWsFvoO

authentihash 91b91f94d3ce9fd303760f003997c74c33f9e45be0c7b25162114c3b0af71dd8
imphash dbafcd1eb78ccc1c29dad4e15bbcfab7
File size 3.5 MB ( 3680066 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (39.3%)
Win32 EXE Yoda's Crypter (38.6%)
Win32 Dynamic Link Library (generic) (9.5%)
Win32 Executable (generic) (6.5%)
Generic Win/DOS Executable (2.9%)
Tags peexe upx overlay

VirusTotal metadata
First submission 2011-04-15 00:23:49 UTC ( 7 years, 4 months ago )
Last submission 2017-01-17 03:24:54 UTC ( 1 year, 7 months ago )
File names output.19362093.txt
19362093
super-mario-pc-fun-2-5764-jetelecharge.exe
aa
installsupermariopcfun2.exe
installsupermariopcfun2.exe
super-mario-pc-fun-2-5764-jetelecharge.exe
d3940b36779a5e64d2bc79ab3898eb65401cf91a9dd5ccde6947d543f112be1a
super-mario-pc-fun-2-5764-jetelecharge.exe
super-mario-pc-fun-2-5764-jetelecharge.exe
yHMKr5vHbR.js
installsupermariopcfun2.exe
uME_dl.html
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which, depending on the user policies and environment, may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua

Symantec reputation Suspicious.Insight