× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e04463bd32b21d9fb83a6da4c519c5eb0ad6a64ba07b9335252478317eb2d146
File name: CopyFolderInstaller1.8.exe
Detection ratio: 0 / 55
Analysis date: 2017-01-09 19:54:44 UTC ( 11 months ago ) View latest
Antivirus Result Update
Ad-Aware 20170109
AegisLab 20170109
AhnLab-V3 20170109
Alibaba 20170109
ALYac 20170109
Antiy-AVL 20170109
Arcabit 20170109
Avast 20170109
AVG 20170109
Avira (no cloud) 20170109
AVware 20170109
Baidu 20170109
BitDefender 20170109
Bkav 20170109
CAT-QuickHeal 20170109
ClamAV 20170109
CMC 20170109
Comodo 20170109
CrowdStrike Falcon (ML) 20161024
Cyren 20170109
DrWeb 20170109
Emsisoft 20170109
ESET-NOD32 20170109
F-Prot 20170109
F-Secure 20170109
Fortinet 20170109
GData 20170109
Ikarus 20170109
Sophos ML 20161216
Jiangmin 20170109
K7AntiVirus 20170109
K7GW 20170109
Kaspersky 20170109
Kingsoft 20170109
Malwarebytes 20170109
McAfee 20170108
McAfee-GW-Edition 20170109
Microsoft 20170109
eScan 20170109
NANO-Antivirus 20170109
nProtect 20170109
Panda 20170109
Qihoo-360 20170109
Rising 20170109
Sophos AV 20170109
SUPERAntiSpyware 20170109
Tencent 20170109
TheHacker 20170108
TrendMicro 20170109
TrendMicro-HouseCall 20170109
Trustlook 20170109
VBA32 20170109
VIPRE 20170109
ViRobot 20170109
WhiteArmor 20170109
Yandex 20170109
Zillya 20170109
Zoner 20170109
The file being studied is a Portable Executable file! More specifically, it is a unknown file for the Windows GUI subsystem.
FileVersionInfo properties
Product CopyFolder 1.8
Original name C:\Users\davidw\Documents\Programming\CopyFolder\Build\CopyFolderInstaller1.8.exe
File version 1.8
Description CopyFolder 1.8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-09-05 04:15:02
Entry Point 0x00001814
Number of sections 4
PE sections
Overlays
MD5 d416388fc2c2fc2a77da55cc51936787
File type data
Offset 24576
Size 495567
Entropy 8.00
PE imports
GetLastError
HeapFree
GetStdHandle
lstrlenA
FreeLibrary
ExitProcess
LoadLibraryA
GetModuleFileNameA
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetCommandLineA
GetProcAddress
GetProcessHeap
GetTempPathA
SetFilePointer
lstrcmpA
ReadFile
WriteFile
CloseHandle
GetTempFileNameA
CreateFileA
HeapAlloc
wsprintfA
MessageBoxA
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 6
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.8.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unknown (1200)

InitializedDataSize
1335296

EntryPoint
0x1814

OriginalFileName
C:\Users\davidw\Documents\Programming\CopyFolder\Build\CopyFolderInstaller1.8.exe

MIMEType
application/octet-stream

FileVersion
1.8

TimeStamp
2011:09:05 05:15:02+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.8

FileDescription
CopyFolder 1.8

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
FileJockey Software

CodeSize
4096

ProductName
CopyFolder 1.8

ProductVersionNumber
1.8.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 7875816009309c0adfb066dd0fcc26f1
SHA1 914962f7006df9b1876130836732045b716ccc82
SHA256 e04463bd32b21d9fb83a6da4c519c5eb0ad6a64ba07b9335252478317eb2d146
ssdeep

authentihash 2df946fbec0ed11d8767924fb52a70d2ca7f8ce5f417f20992153ced00e06585
imphash 5e1810ccaba88cb7b9bd018a40318015
File size 508.0 KB ( 520143 bytes )
File type unknown
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
overlay

VirusTotal metadata
First submission 2017-01-09 19:54:44 UTC ( 11 months ago )
Last submission 2017-01-09 19:54:44 UTC ( 11 months ago )
File names CopyFolderInstaller1.8.exe
CopyFolderInstaller1.8.exe
CopyFolderInstaller1.8.exe
E04463BD32B21D9FB83A6DA4C519C5EB0AD6A64BA07B9335252478317EB2D146.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.