× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: eb48e373ef5d59bc018ef687388cae5e824bc1dc09b1549eb95ddae5efbcbac0
File name: setiathome_7.00_windows_intelx86.exe
Detection ratio: 0 / 56
Analysis date: 2015-02-20 03:12:23 UTC ( 2 weeks ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ALYac 20150220
AVG 20150220
AVware 20150219
Ad-Aware 20150220
AegisLab 20150220
Agnitum 20150218
AhnLab-V3 20150219
Alibaba 20150219
Avast 20150220
Avira 20150220
Baidu-International 20150219
BitDefender 20150220
Bkav 20150213
ByteHero 20150220
CAT-QuickHeal 20150219
CMC 20150214
ClamAV 20150219
Comodo 20150219
Cyren 20150220
DrWeb 20150220
ESET-NOD32 20150220
Emsisoft 20150220
F-Prot 20150220
F-Secure 20150219
Fortinet 20150220
GData 20150220
Ikarus 20150220
Jiangmin 20150219
K7AntiVirus 20150219
K7GW 20150220
Kaspersky 20150220
Kingsoft 20150220
Malwarebytes 20150220
McAfee 20150220
McAfee-GW-Edition 20150220
MicroWorld-eScan 20150220
Microsoft 20150220
NANO-Antivirus 20150220
Norman 20150219
Panda 20150219
Qihoo-360 20150220
Rising 20150219
SUPERAntiSpyware 20150220
Sophos 20150219
Symantec 20150220
Tencent 20150220
TheHacker 20150219
TotalDefense 20150219
TrendMicro 20150220
TrendMicro-HouseCall 20150220
VBA32 20150219
VIPRE 20150220
ViRobot 20150219
Zillya 20150219
Zoner 20150218
nProtect 20150218
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright 2011, Regents University of California

Publisher Space Sciences Laboratory
Product setiathome_v7
Internal name setiathome_v7
File version 7.00
Description setiathome_v7
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-03-13 21:41:27
Link date 10:41 PM 3/13/2013
Entry Point 0x00208580
Number of sections 3
PE sections
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
EnumProcesses
GetClassNameA
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.21

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
7.0.0.0

UninitializedDataSize
1646592

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Windows, Latin1

InitializedDataSize
4096

MIMEType
application/octet-stream

LegalCopyright
Copyright 2011, Regents University of California

FileVersion
7.0

TimeStamp
2013:03:13 22:41:27+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
setiathome_v7

ProductVersion
7.0

FileDescription
setiathome_v7

OSVersion
4.0

FileOS
Unknown (0)

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Space Sciences Laboratory

CodeSize
483328

ProductName
setiathome_v7

ProductVersionNumber
7.0.0.0

EntryPoint
0x208580

ObjectFileType
Executable application

File identification
MD5 61ed886de72526d5c9adda9fc120df0f
SHA1 bf4180244e5ca1e7c419b25b98614748968b0599
SHA256 eb48e373ef5d59bc018ef687388cae5e824bc1dc09b1549eb95ddae5efbcbac0
ssdeep
12288:yso1zPt2oPEljlHi1mpGNXFuYZwzw35Ie:kzV7PciSVwK

authentihash bc85a64b7542168135ba9f4167e2fcd1f003addb29c46384ecedb36d617422fe
imphash da9abf551b9b3281833a7ef7cddf5f56
File size 473.0 KB ( 484352 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (42.3%)
Win32 EXE Yoda's Crypter (36.7%)
Win32 Dynamic Link Library (generic) (9.1%)
Win32 Executable (generic) (6.2%)
Generic Win/DOS Executable (2.7%)
Tags
peexe upx

VirusTotal metadata
First submission 2013-05-30 06:08:04 UTC ( 1 year, 9 months ago )
Last submission 2015-02-20 03:12:23 UTC ( 2 weeks ago )
File names setiathome_7.00_windows_intelx86.exe
file-5533898_exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
HTTP-Fd2x0k4ApmKRCmaA9a.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_7.00_windows_intelx86.exe
setiathome_v7
setiathome_7.00_windows_intelx86.exe
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!