× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e544473cc8512fad2c1c3eeb94c6fa927a2a4a065fefa00c66b7ed31d3d0e514
File name: Survarium_LL.exe
Detection ratio: 1 / 63
Analysis date: 2017-07-10 20:58:36 UTC ( 1 year, 2 months ago ) View latest
Antivirus Result Update
Endgame malicious (moderate confidence) 20170706
Ad-Aware 20170710
AegisLab 20170710
AhnLab-V3 20170710
Alibaba 20170710
ALYac 20170710
Antiy-AVL 20170710
Arcabit 20170710
Avast 20170710
AVG 20170710
Avira (no cloud) 20170710
AVware 20170710
Baidu 20170710
BitDefender 20170710
Bkav 20170710
CAT-QuickHeal 20170710
ClamAV 20170710
CMC 20170710
Comodo 20170710
CrowdStrike Falcon (ML) 20170420
Cylance 20170710
Cyren 20170710
DrWeb 20170710
Emsisoft 20170710
ESET-NOD32 20170710
F-Prot 20170710
F-Secure 20170710
Fortinet 20170629
GData 20170710
Ikarus 20170710
Sophos ML 20170607
Jiangmin 20170710
K7AntiVirus 20170710
K7GW 20170710
Kaspersky 20170710
Kingsoft 20170710
Malwarebytes 20170710
MAX 20170710
McAfee 20170710
McAfee-GW-Edition 20170710
Microsoft 20170710
eScan 20170710
NANO-Antivirus 20170710
nProtect 20170710
Palo Alto Networks (Known Signatures) 20170710
Panda 20170710
Qihoo-360 20170710
Rising 20170710
SentinelOne (Static ML) 20170516
Sophos AV 20170710
SUPERAntiSpyware 20170710
Symantec 20170710
Symantec Mobile Insight 20170709
Tencent 20170710
TheHacker 20170709
TrendMicro 20170710
TrendMicro-HouseCall 20170710
Trustlook 20170710
VBA32 20170710
VIPRE 20170710
ViRobot 20170710
Webroot 20170710
WhiteArmor 20170706
Yandex 20170710
Zillya 20170707
ZoneAlarm by Check Point 20170710
Zoner 20170710
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2017 Knyazev's Tools

Product Survarium Light Launcher v1.9 [by Knyazev]
Original name Survarium_LL.exe
Internal name Survarium_LL.exe
File version 1.9.1.4
Description Survarium Light Launcher [by Knyazev]
Comments Survarium Light Launcher v1.9 [by Knyazev]
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 1:08 AM 3/18/2018
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-07-10 22:57:55
Entry Point 0x0003F93A
Number of sections 3
.NET details
Module Version ID c3734d1f-6655-4dd9-a560-c89070da8909
TypeLib ID 7eea1887-bd4b-4fc3-a319-c74b726aa1a7
PE sections
Overlays
MD5 6f5bc5230dfa4f9f1f0a3366e4b80dcf
File type data
Offset 270336
Size 4104
Entropy 7.62
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
CodeSize
252416

SubsystemVersion
4.0

Comments
Survarium Light Launcher v1.9 [by Knyazev]

InitializedDataSize
17408

ImageVersion
0.0

ProductName
Survarium Light Launcher v1.9 [by Knyazev]

FileVersionNumber
1.9.1.4

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
Survarium_LL.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.9.1.4

TimeStamp
2017:07:10 23:57:55+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Survarium_LL.exe

ProductVersion
1.9.1.4

FileDescription
Survarium Light Launcher [by Knyazev]

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2017 Knyazev's Tools

MachineType
Intel 386 or later, and compatibles

CompanyName
2017 Knyazev's Tools

LegalTrademarks
2017 Knyazev's Tools

FileSubtype
0

ProductVersionNumber
1.9.1.4

EntryPoint
0x3f93a

ObjectFileType
Executable application

AssemblyVersion
1.9.1.4

Compressed bundles
File identification
MD5 a290e0dfd4c9eaa30a0a1ee2038a49da
SHA1 77e44e39b8169421dd4ab1ec63d528f299a5cfef
SHA256 e544473cc8512fad2c1c3eeb94c6fa927a2a4a065fefa00c66b7ed31d3d0e514
ssdeep
6144:Mrioaj64VBGFXrFZVbpUS+Ja0XuWdYmCciLmT:UXhIA0eWKmCcR

authentihash 76e5ac50515b34a9e029b7f177365673e4fcef220fa70071f613b6adf32b5905
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 268.0 KB ( 274440 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable (generic) (47.7%)
Windows screen saver (22.6%)
Win32 Dynamic Link Library (generic) (11.3%)
Win32 Executable (generic) (7.7%)
OS/2 Executable (generic) (3.5%)
Tags
peexe assembly overlay

VirusTotal metadata
First submission 2017-07-10 20:58:36 UTC ( 1 year, 2 months ago )
Last submission 2018-03-18 00:08:30 UTC ( 6 months, 1 week ago )
File names Survarium_LL.exe
Survarium_LL.exe
Survarium_LL.exe
Survarium_LL.exe
Survarium_LL.exe
Survarium_LL.exe
Survarium_LL.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications