× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e9ff821e2cc3aa18c1277ecb11dc6ee4748a0c0ffbc2521eb1bfdc4120495da8
File name: 405171
Detection ratio: 0 / 57
Analysis date: 2015-10-07 15:10:38 UTC ( 3 years, 7 months ago ) View latest
Antivirus Result Update
Ad-Aware 20151007
AegisLab 20151007
Yandex 20151004
AhnLab-V3 20151007
Alibaba 20150927
ALYac 20151007
Antiy-AVL 20151007
Arcabit 20151007
Avast 20151007
AVG 20151007
Avira (no cloud) 20151007
AVware 20151007
Baidu-International 20151007
BitDefender 20151007
Bkav 20151007
ByteHero 20151007
CAT-QuickHeal 20151007
ClamAV 20151006
CMC 20151005
Comodo 20151007
Cyren 20151007
DrWeb 20151007
Emsisoft 20151007
ESET-NOD32 20151007
F-Prot 20151007
F-Secure 20151007
Fortinet 20151007
GData 20151007
Ikarus 20151007
Jiangmin 20151005
K7AntiVirus 20151007
K7GW 20151007
Kaspersky 20151007
Kingsoft 20151007
Malwarebytes 20151007
McAfee 20151007
McAfee-GW-Edition 20151006
Microsoft 20151007
eScan 20151007
NANO-Antivirus 20151007
nProtect 20151007
Panda 20151007
Qihoo-360 20151007
Rising 20151006
Sophos AV 20151007
SUPERAntiSpyware 20151007
Symantec 20151006
Tencent 20151007
TheHacker 20151006
TotalDefense 20151007
TrendMicro 20151007
TrendMicro-HouseCall 20151007
VBA32 20151007
VIPRE 20151007
ViRobot 20151007
Zillya 20151007
Zoner 20151007
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
PC Shareware, Inc.

Description Browse and View Installation
Packers identified
F-PROT nameless, appended, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-04-25 14:37:12
Entry Point 0x000021AF
Number of sections 4
PE sections
Overlays
MD5 b3ced3d8a46ed2366e680f25958d694a
File type binary Computer Graphics Metafile
Offset 14848
Size 983478
Entropy 8.00
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetDeviceCaps
SelectPalette
SelectObject
PatBlt
CreateFontA
CreatePalette
GetStockObject
TextOutA
CreateSolidBrush
SetBkMode
DeleteObject
RealizePalette
SetTextColor
StretchDIBits
GetLastError
lstrlenA
GlobalFree
FreeLibrary
ExitProcess
GetVersionExA
GlobalUnlock
GetModuleFileNameA
LoadLibraryA
WinExec
OpenFile
GetCurrentProcess
_lwrite
lstrcatA
GetWindowsDirectoryA
SetErrorMode
_llseek
GetCommandLineA
GetProcAddress
_lread
GetTempPathA
_lcreat
_lclose
GetModuleHandleA
lstrcpyA
_lopen
MulDiv
GetTempFileNameA
GlobalLock
LocalFree
GlobalAlloc
FormatMessageA
DrawTextA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
ReleaseDC
EndPaint
BeginPaint
MessageBoxA
ExitWindowsEx
SendMessageA
GetClientRect
SetTimer
SetWindowPos
PostQuitMessage
DefWindowProcA
ShowWindow
UpdateWindow
wsprintfA
GetDC
InvalidateRect
PE exports
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
5632

ImageVersion
4.0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit, Removable run from swap

CharacterSet
Windows, Latin1

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

TimeStamp
2000:04:25 07:37:12-07:00

FileType
Win32 EXE

PEType
PE32

FileDescription
Browse and View Installation

OSVersion
4.0

FileOS
Windows 16-bit

LegalCopyright
PC Shareware, Inc.

MachineType
Intel 386 or later, and compatibles

CompanyName
PC Shareware, Inc.

CodeSize
8704

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x21af

ObjectFileType
Executable application

File identification
MD5 19918e4436b9e05c19b262757bd9c733
SHA1 c5fc81d4a7efe9f0c0f081cb3d2fd829b2802ac3
SHA256 e9ff821e2cc3aa18c1277ecb11dc6ee4748a0c0ffbc2521eb1bfdc4120495da8
ssdeep
24576:xssJupUty9I2PNsJXwJn52ZPAfXKUUrJaKaM6y4E:xs8okyCquPFAXE

authentihash 7deee6055cdade8c2d74e11f646bf34b432a1b5af40a062b513188b3a6879918
imphash 5318cd03ef5b5da86800f1483484cfd0
File size 974.9 KB ( 998326 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Wise Installer executable (90.7%)
Win32 Executable MS Visual C++ (generic) (5.9%)
Win32 Dynamic Link Library (generic) (1.2%)
Win32 Executable (generic) (0.8%)
OS/2 Executable (generic) (0.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2008-10-25 02:15:15 UTC ( 10 years, 6 months ago )
Last submission 2018-05-25 17:23:02 UTC ( 11 months, 4 weeks ago )
File names Xcj6.docx
405171
aa
bv32321.exe
output.10769045.txt
IT0jV.xltx
bv32-321.exe
myfile
1282582622-bv32-321.exe
bv32-321.exe
bv32-321.exe
10769045
bv32-321.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!