× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e3bdea26c19b88f2a5708a9297087dd0bef15aa7d4ef76c361666bd50cbc6f61
File name: Hanso Recorder.exe
Detection ratio: 1 / 44
Analysis date: 2013-08-11 20:41:26 UTC ( 8 months, 2 weeks ago )
Antivirus Result Update
Symantec WS.Reputation.1 20130811
AVG 20130811
Agnitum 20130810
AhnLab-V3 20130811
AntiVir 20130811
Antiy-AVL 20130811
Avast 20130811
BitDefender 20130811
ByteHero 20130808
CAT-QuickHeal 20130811
ClamAV 20130811
Commtouch 20130811
Comodo 20130811
DrWeb 20130811
ESET-NOD32 20130811
Emsisoft 20130811
F-Prot 20130811
Fortinet 20130811
GData 20130811
Ikarus 20130811
Jiangmin 20130811
K7AntiVirus 20130809
K7GW 20130809
Kaspersky 20130811
Kingsoft 20130723
Malwarebytes 20130811
McAfee 20130811
McAfee-GW-Edition 20130811
MicroWorld-eScan 20130811
Microsoft 20130811
NANO-Antivirus 20130811
Norman 20130811
PCTools 20130811
Panda 20130811
Rising 20130809
SUPERAntiSpyware 20130811
TheHacker 20130811
TotalDefense 20130809
TrendMicro 20130811
TrendMicro-HouseCall 20130811
VBA32 20130809
VIPRE 20130811
ViRobot 20130811
nProtect 20130811
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block
Copyright
Copyright © 2005-2006 Hanso.com

Product Hanso Recorder
Version 2, 5, 0, 0
Original name Hanso Recorder.EXE
Internal name Hanso Recorder
File version 2, 5, 0, 0
Description Hanso Recorder
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-05-24 22:34:50
Link date 11:34 PM 5/24/2013
Entry Point 0x0002825C
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
GetFileTitleA
SetMapMode
SaveDC
TextOutA
GetClipBox
GetObjectA
ExcludeClipRect
OffsetViewportOrgEx
DeleteDC
RestoreDC
IntersectClipRect
GetCharWidthA
SetTextColor
GetDeviceCaps
RectVisible
CreateBitmap
CreateFontA
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
CreateCompatibleDC
StretchDIBits
GetBkColor
ScaleViewportExtEx
Escape
DeleteObject
SetWindowExtEx
SelectObject
SetBkColor
SetViewportExtEx
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
lstrcmpW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
LoadLibraryExA
GetPrivateProfileStringA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
CreateSemaphoreA
GetSystemDirectoryW
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
DeleteFileA
GlobalLock
GetProcessHeap
CompareStringW
GetFileSizeEx
GlobalReAlloc
lstrcmpA
FindFirstFileA
CompareStringA
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
GlobalFindAtomA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
LockFile
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GetModuleHandleW
FreeResource
SizeofResource
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
Ord(12)
Ord(6)
Ord(7)
Ord(4)
Ord(8)
Ord(2)
Ord(9)
RasEnumConnectionsA
RasHangUpA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
Shell_NotifyIconA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
MapWindowPoints
GetForegroundWindow
UnregisterHotKey
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
WindowFromPoint
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
DrawTextA
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
SetMenuDefaultItem
GetNextDlgTabItem
CallNextHookEx
GetWindowTextLengthA
ClientToScreen
GetActiveWindow
RegisterHotKey
LoadImageA
GetTopWindow
GetWindowTextA
PtInRect
GetMessageA
GetParent
UpdateWindow
SetPropA
EqualRect
EnumWindows
GetClassInfoExA
ShowWindow
GetPropA
ValidateRect
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
CharLowerA
GetWindowPlacement
EnableMenuItem
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
DeferWindowPos
DestroyWindow
IsChild
IsDialogMessageA
SetFocus
BeginPaint
OffsetRect
KillTimer
RegisterWindowMessageA
DefWindowProcA
SendDlgItemMessageA
GetSystemMetrics
IsIconic
GetWindowRect
PostMessageA
DrawIcon
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
SetTimer
GetDlgItem
GetMenuCheckMarkDimensions
ScreenToClient
GetClassLongA
GetCapture
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuItemCount
GetMenuState
GetSystemMenu
GetDC
SetForegroundWindow
ReleaseDC
EndDialog
LoadMenuA
CreateDialogIndirectParamA
DrawTextExA
GetWindowThreadProcessId
GetSysColorBrush
AppendMenuA
SetMenu
SetDlgItemTextA
SetRectEmpty
MessageBoxA
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
GetWindowModuleFileNameA
IsWindowVisible
GetDesktopWindow
WinHelpA
SetRect
InvalidateRect
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
UnhookWindowsHookEx
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
CoInitializeEx
CoUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance
CLSIDFromProgID
OleRun
CoTaskMemFree
Number of PE resources by type
RT_ICON 21
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 14
RT_DIALOG 9
RT_BITMAP 6
RT_GROUP_ICON 5
Struct(240) 3
RT_MENU 2
Struct(241) 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 67
RUSSIAN 20
ENGLISH UK 7
File identification
MD5 b74196bb8717682999afc92df743a33d
SHA1 413136f73bc2d3a934bcabbb64b58bfa9aa5fefc
SHA256 e3bdea26c19b88f2a5708a9297087dd0bef15aa7d4ef76c361666bd50cbc6f61
ssdeep
12288:b+pCYO5se1/t6GlQNLrKbhKRrywJJmhsNmf8is6aE8gkEigCju:SzO5H6GYLYc6l8QiRu

File size 829.0 KB ( 848896 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (78.5%)
Win32 Executable (generic) (11.3%)
Generic Win/DOS Executable (5.0%)
DOS Executable Generic (5.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2013-08-11 20:41:26 UTC ( 8 months, 2 weeks ago )
Last submission 2013-08-11 20:41:26 UTC ( 8 months, 2 weeks ago )
File names Hanso Recorder
Hanso Recorder.EXE
Hanso Recorder.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!