× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: eb755ec19d8b519bbf0f662a11fc06bc6d48422dfd312e2f1670a2e95a5b04e3
File name: vti-rescan
Detection ratio: 13 / 56
Analysis date: 2015-04-13 06:50:27 UTC ( 4 years, 1 month ago ) View latest
Antivirus Result Update
Avast Win32:Emotet-W [Trj] 20150413
Baidu-International Trojan.Win32.Injector.BYED 20150412
BitDefender Trojan.GenericKD.2292618 20150413
ByteHero Virus.Win32.Heur.p 20150413
CMC Heur.Win32.VBKrypt.3!O 20150410
Emsisoft Trojan.GenericKD.2292618 (B) 20150413
ESET-NOD32 a variant of Win32/Injector.BYED 20150413
GData Trojan.GenericKD.2292618 20150413
Kaspersky Trojan.Win32.Bublik.dnuf 20150413
McAfee Artemis!7430289B38D7 20150413
eScan Trojan.GenericKD.2292618 20150413
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20150413
Tencent Trojan.Win32.Qudamah.Gen.17 20150413
Ad-Aware 20150413
AegisLab 20150413
Yandex 20150409
AhnLab-V3 20150413
Alibaba 20150413
ALYac 20150413
Antiy-AVL 20150413
AVG 20150413
AVware 20150413
Bkav 20150410
CAT-QuickHeal 20150413
ClamAV 20150413
Comodo 20150413
Cyren 20150413
DrWeb 20150413
F-Prot 20150413
F-Secure 20150412
Fortinet 20150413
Ikarus 20150413
Jiangmin 20150412
K7AntiVirus 20150413
K7GW 20150413
Kingsoft 20150413
Malwarebytes 20150413
McAfee-GW-Edition 20150413
Microsoft 20150413
NANO-Antivirus 20150413
Norman 20150413
nProtect 20150410
Panda 20150410
Rising 20150412
Sophos AV 20150413
SUPERAntiSpyware 20150412
Symantec 20150413
TheHacker 20150413
TotalDefense 20150412
TrendMicro 20150413
TrendMicro-HouseCall 20150413
VBA32 20150412
VIPRE 20150413
ViRobot 20150413
Zillya 20150411
Zoner 20150410
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
REW is room acoustics analysis software for measuring

Publisher REW is room acoustics analysis software for measuring
Product REW is room acoustics analysis software for measuring
Original name TextConv.exe
Internal name TextConv
File version 1.00.0015
Description REW is room acoustics analysis software for measuring
Comments REW is room acoustics analysis software for measuring
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-12 19:14:29
Entry Point 0x00001128
Number of sections 3
PE sections
PE imports
EVENT_SINK_QueryInterface
Ord(645)
Ord(537)
Ord(648)
Ord(516)
Ord(685)
Ord(594)
Ord(689)
Ord(525)
EVENT_SINK_AddRef
Ord(300)
Ord(717)
__vbaExceptHandler
MethCallEngine
DllFunctionCall
Ord(100)
Ord(599)
Ord(608)
Ord(570)
Ord(571)
ProcCallEngine
Ord(711)
EVENT_SINK_Release
Ord(595)
Ord(593)
Ord(306)
Ord(631)
Ord(563)
Number of PE resources by type
RT_ICON 4
RT_STRING 1
RT_VERSION 1
CEROL 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
THAI DEFAULT 2
NEUTRAL DEFAULT 1
PE resources
ExifTool file metadata
LegalTrademarks
REW is room acoustics analysis software for measuring

SubsystemVersion
4.0

Comments
REW is room acoustics analysis software for measuring

InitializedDataSize
53248

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.15

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
REW is room acoustics analysis software for measuring

CharacterSet
Unicode

LinkerVersion
6.0

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
REW is room acoustics analysis software for measuring

FileVersion
1.00.0015

TimeStamp
2015:04:12 20:14:29+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TextConv

ProductVersion
1.00.0015

UninitializedDataSize
0

OSVersion
4.0

OriginalFilename
TextConv.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
REW is room acoustics analysis software for measuring

CodeSize
98304

ProductName
REW is room acoustics analysis software for measuring

ProductVersionNumber
1.0.0.15

EntryPoint
0x1128

ObjectFileType
Executable application

File identification
MD5 7430289b38d7b7faf194711d1570087c
SHA1 0929ed7bf3325faa86d93fb64b1ed25af6758f58
SHA256 eb755ec19d8b519bbf0f662a11fc06bc6d48422dfd312e2f1670a2e95a5b04e3
ssdeep
3072:qOQhZOOQhZOOQhZ8fpz+E+0OQhZOOQhZOOQhZtcdFztKmigIZQPc0HwYOuIDtL+R:tbcPztVIiPc0HwY+tL+OTp9Zc

authentihash 62e5f0ad4a6348a4c155c06266e5502181e4dd95577b28b87bc99d808b589d0c
imphash e9c7d402150ccfcc98bb88e155a1e3b6
File size 267.2 KB ( 273661 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.5%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-04-12 20:05:52 UTC ( 4 years, 1 month ago )
Last submission 2015-04-13 06:50:27 UTC ( 4 years, 1 month ago )
File names TextConv.exe
y6nkS4e.inf
TextConv
35a.exe
512713-1
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!