× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d6dfe0521d13b069864b93d77a5465706f1544fd78b5c6bd556fa37d7ca0a7b0
File name: flashplayer19_ga_update.exe
Detection ratio: 3 / 55
Analysis date: 2015-11-30 12:42:42 UTC ( 2 years ago ) View latest
Antivirus Result Update
Arcabit Trojan.A19773F50 20151130
Qihoo-360 QVM03.0.Malware.Gen 20151130
Tencent Win32.Trojan.Inject.Auto 20151130
Ad-Aware 20151130
AegisLab 20151130
Yandex 20151129
AhnLab-V3 20151130
Alibaba 20151130
ALYac 20151130
Antiy-AVL 20151130
Avast 20151130
AVG 20151130
Avira (no cloud) 20151130
AVware 20151130
Baidu-International 20151130
BitDefender 20151130
Bkav 20151130
ByteHero 20151130
CAT-QuickHeal 20151130
ClamAV 20151130
CMC 20151130
Comodo 20151130
Cyren 20151130
DrWeb 20151130
Emsisoft 20151130
ESET-NOD32 20151130
F-Prot 20151130
F-Secure 20151128
Fortinet 20151130
GData 20151130
Ikarus 20151130
Jiangmin 20151129
K7AntiVirus 20151130
K7GW 20151130
Kaspersky 20151130
Malwarebytes 20151130
McAfee 20151130
McAfee-GW-Edition 20151130
Microsoft 20151130
eScan 20151130
NANO-Antivirus 20151130
nProtect 20151130
Panda 20151129
Rising 20151129
Sophos AV 20151130
SUPERAntiSpyware 20151130
Symantec 20151129
TheHacker 20151127
TrendMicro 20151130
TrendMicro-HouseCall 20151130
VBA32 20151129
VIPRE 20151130
ViRobot 20151130
Zillya 20151130
Zoner 20151130
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Retail Selling
Original name Retail Selling.exe
Internal name Retail Selling
File version 3.08.0003
Description Retail Selling
Comments Retail Selling
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-11-30 09:34:25
Entry Point 0x000012CC
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
EVENT_SINK_Release
__vbaEnd
__vbaGenerateBoundsError
__vbaVarDup
__vbaGet4
_adj_fdivr_m64
_adj_fprem
Ord(678)
_adj_fpatan
EVENT_SINK_AddRef
Ord(650)
Ord(526)
__vbaDateVar
__vbaFileClose
_adj_fdiv_m32i
__vbaStrCopy
Ord(666)
__vbaExceptHandler
__vbaSetSystemError
__vbaFreeVarList
DllFunctionCall
__vbaFPException
__vbaStrVarMove
Ord(626)
_adj_fdivr_m16i
Ord(578)
_adj_fdiv_r
Ord(100)
__vbaFreeVar
Ord(570)
Ord(519)
Ord(619)
_CItan
__vbaFileOpen
_adj_fdiv_m64
_CIsin
_CIsqrt
__vbaHresultCheckObj
_CIlog
_allmul
Ord(530)
_CIcos
Ord(595)
EVENT_SINK_QueryInterface
_adj_fptan
Ord(593)
Ord(538)
__vbaVarMove
_CIatan
__vbaFreeStr
_adj_fdivr_m32i
Ord(553)
_CIexp
__vbaStrMove
_adj_fprem1
_adj_fdivr_m32
__vbaStrCat
__vbaFreeStrList
__vbaFpI4
__vbaFpI2
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
Retail Selling

LinkerVersion
6.0

ImageVersion
3.8

FileSubtype
0

FileVersionNumber
3.8.0.3

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
16384

EntryPoint
0x12cc

OriginalFileName
Retail Selling.exe

MIMEType
application/octet-stream

FileVersion
3.08.0003

TimeStamp
2015:11:30 10:34:25+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Retail Selling

SubsystemVersion
4.0

ProductVersion
3.08.0003

FileDescription
Retail Selling

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
DVDVideoSoft Ltd.

CodeSize
626688

ProductName
Retail Selling

ProductVersionNumber
3.8.0.3

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 592899e0eb3c06fb9fda59d03e4b5b53
SHA1 3f500a11db5ea5ce13a95cda948703543fb41532
SHA256 d6dfe0521d13b069864b93d77a5465706f1544fd78b5c6bd556fa37d7ca0a7b0
ssdeep
12288:zwZwMTXsLH6obaulLy5gpMq0IgqDSQsX/4dklbBRrhguPYYKR7BFfswH:zawMTXsLH6dK+RGDDncQaHEYU/

authentihash 2ac4c92f88229d8ecda32c1abfeda3a132be086355991f6cd2203454b7953d53
imphash 3e10936070ade05395b8d42f1ada604b
File size 624.0 KB ( 638976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (84.4%)
Win32 Dynamic Link Library (generic) (6.7%)
Win32 Executable (generic) (4.6%)
Generic Win/DOS Executable (2.0%)
DOS Executable Generic (2.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-11-30 11:17:29 UTC ( 2 years ago )
Last submission 2016-04-05 23:01:36 UTC ( 1 year, 8 months ago )
File names FlashPlayerUpdate.ex
FirefoxUpdate.exe
592899e0eb3c06fb9fda59d03e4b5b53
Retail Selling
CompatTelRunner.exe
ChromeUpda11te.exe
592899e0eb3c06fb9fda59d03e4b5b53.bin
4E6A.tmp
FlashPlayerUpdate.exe
d6dfe0521d13b069864b93d77a5465706f1544fd78b5c6bd556fa37d7ca0a7b0.bin
Retail Selling.exe
flashplayer19_ga_update.exe
free17ld.exe
ChromeUpdate.exe
d6dfe0521d13b069864b93d77a5465706f1544fd78b5c6bd556fa37d7ca0a7b0.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!