SHA256: dd4cd1aad451c90af1dc2d0960dff7559974f9d3c4f7b7d3e49ca888fa65d3cf
File name: 7z.sfx
Detection ratio: 0 / 56
Analysis date: 2015-04-09 06:01:37 UTC ( 4 years, 1 month ago )
Antivirus Result Update
Ad-Aware 20150409
AegisLab 20150409
Yandex 20150408
AhnLab-V3 20150408
Alibaba 20150409
ALYac 20150409
Antiy-AVL 20150409
Avast 20150409
AVG 20150409
AVware 20150409
Baidu-International 20150408
BitDefender 20150409
Bkav 20150407
ByteHero 20150409
CAT-QuickHeal 20150409
ClamAV 20150409
CMC 20150408
Comodo 20150409
Cyren 20150409
DrWeb 20150409
Emsisoft 20150409
ESET-NOD32 20150409
F-Prot 20150409
F-Secure 20150409
Fortinet 20150409
GData 20150409
Ikarus 20150409
Jiangmin 20150408
K7AntiVirus 20150408
K7GW 20150409
Kaspersky 20150409
Kingsoft 20150409
Malwarebytes 20150409
McAfee 20150409
McAfee-GW-Edition 20150409
Microsoft 20150409
eScan 20150409
NANO-Antivirus 20150409
Norman 20150409
nProtect 20150408
Panda 20150408
Qihoo-360 20150409
Rising 20150406
Sophos AV 20150409
SUPERAntiSpyware 20150409
Symantec 20150409
Tencent 20150409
TheHacker 20150408
TotalDefense 20150408
TrendMicro 20150409
TrendMicro-HouseCall 20150409
VBA32 20150408
VIPRE 20150409
ViRobot 20150408
Zillya 20150408
Zoner 20150407
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 1999-2009 Igor Pavlov
Publisher Igor Pavlov
Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 4.65
Description 7z SFX
Packers identified
F-PROT appended, 7Z, embedded
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-02-03 07:21:07
Entry Point 0x0001939C
Number of sections 4
PE sections
PE imports
AreFileApisANSI
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetCommandLineW
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
CreateDirectoryA
GetModuleHandleW
GetCurrentDirectoryA
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
SetFileAttributesA
SetFilePointer
GetFullPathNameW
CloseHandle
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
ReadFile
WriteFile
FormatMessageW
FindFirstFileA
ResetEvent
FindFirstFileW
GetProcAddress
GetFullPathNameA
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_controlfp
_except_handler3
_onexit
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
__getmainargs
memcpy
memmove
_beginthreadex
_initterm
_exit
__set_app_type
SysFreeString
VariantClear
SysAllocString
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
EndDialog
KillTimer
MessageBoxW
PostMessageA
CharUpperW
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
SetWindowTextA
SendMessageW
LoadStringA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
GetWindowLongA
GetWindowTextLengthA
SetTimer
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
CoUninitialize
CoInitialize
Number of PE resources by type
RT_STRING 5
RT_DIALOG 5
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 4.65.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 47616
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright Copyright (c) 1999-2009 Igor Pavlov
FileVersion 4.65
TimeStamp 2009:02:03 08:21:07+01:00
FileType Win32 EXE
PEType PE32
InternalName 7z.sfx
ProductVersion 4.65
FileDescription 7z SFX
OSVersion 4.0
OriginalFilename 7z.sfx.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Igor Pavlov
CodeSize 109056
ProductName 7-Zip
ProductVersionNumber 4.65.0.0
EntryPoint 0x1939c
ObjectFileType Executable application

File identification
MD5 912e9f162f0d85ddb99e56a1ca22fc46
SHA1 599e6e855c38b007c886abcd61fbc3572a15a8c0
SHA256 dd4cd1aad451c90af1dc2d0960dff7559974f9d3c4f7b7d3e49ca888fa65d3cf
ssdeep 24576:2diiqAlhsgBWxRlBAB5qgK+Y01wmfDrqeSm9P2TFYVv:hiq8hZI2BIgm01zDrqereTFYZ
authentihash fb3789a083a68e9198440f3a8c931bab59c0bcd1f0ca9558c332b6ecbb693d54
imphash 26fbf291a240b90efae516aa59675d40
File size 868.0 KB ( 888842 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe armadillo

VirusTotal metadata
First submission 2012-12-24 02:10:35 UTC ( 6 years, 5 months ago )
Last submission 2012-12-24 02:10:35 UTC ( 6 years, 5 months ago )
File names 7z.sfx.exe
dd4cd1aad451c90af1dc2d0960dff7559974f9d3c4f7b7d3e49ca888fa65d3cf
7z.sfx
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight