× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ec19444addfd0dd3100566fdbb35dc571b168212210f2010f15c3d3bd75cf220
File name: amazonstarter.exe
Detection ratio: 9 / 41
Analysis date: 2010-05-19 01:04:08 UTC ( 3 years, 11 months ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
BitDefender Trojan.Generic.KD.4217 20100519
CAT-QuickHeal Win32.TrojanDropper.ProcessInjector.A.8 20100518
F-Secure Trojan.Generic.KD.4217 20100519
GData Trojan.Generic.KD.4217 20100519
Ikarus Trojan.SuspectCRC 20100518
Panda Suspicious file 20100518
Sophos Mal/Generic-L 20100519
a-squared Trojan.SuspectCRC!IK 20100510
nProtect Trojan.Generic.KD.4217 20100518
AVG 20100518
AhnLab-V3 20100518
AntiVir 20100518
Antiy-AVL 20100518
Authentium 20100518
Avast 20100518
Avast5 20100518
ClamAV 20100519
Comodo 20100518
DrWeb 20100518
F-Prot 20100518
Fortinet 20100518
Jiangmin 20100518
Kaspersky 20100519
McAfee 20100519
McAfee-GW-Edition 20100518
Microsoft 20100518
NOD32 20100518
Norman 20100518
PCTools 20100518
Prevx 20100519
Rising 20100518
Sunbelt 20100519
Symantec 20100518
TheHacker 20100517
TrendMicro 20100518
TrendMicro-HouseCall 20100519
VBA32 20100518
ViRobot 20100518
VirusBuster 20100518
eSafe 20100517
eTrust-Vet 20100518
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000123D0
Number of sections 8
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetLastError
GetStdHandle
EnterCriticalSection
ReadFile
lstrlenA
WaitForSingleObject
FreeLibrary
ExitProcess
GetThreadLocale
GetVersionExA
GetModuleFileNameA
RtlUnwind
GetLocalTime
DeleteCriticalSection
GetStartupInfoA
GetDateFormatA
LoadLibraryExA
GetLocaleInfoA
LocalAlloc
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetCommandLineA
GetProcAddress
SetFilePointer
RaiseException
CompareStringA
CloseHandle
WideCharToMultiByte
GetModuleHandleA
FindFirstFileA
WriteFile
EnumCalendarInfoA
ResetEvent
lstrcpynA
GetACP
GetDiskFreeSpaceA
GetCurrentThreadId
GetFullPathNameA
SetEvent
LocalFree
InitializeCriticalSection
VirtualQuery
VirtualFree
CreateEventA
FindClose
InterlockedDecrement
Sleep
FormatMessageA
SetEndOfFile
TlsSetValue
CreateFileA
GetStringTypeExA
GetVersion
LeaveCriticalSection
VirtualAlloc
InterlockedIncrement
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SysFreeString
VariantInit
ShellExecuteA
GetSystemMetrics
LoadStringA
CharNextA
MessageBoxA
GetKeyboardType
CharToOemA
Number of PE resources by type
RT_ICON 11
RT_STRING 7
RT_RCDATA 2
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 21
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
71168

LinkerVersion
2.25

FileAccessDate
2013:04:30 11:50:04+01:00

EntryPoint
0x123d0

InitializedDataSize
398848

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

FileCreateDate
2013:04:30 11:50:04+01:00

UninitializedDataSize
0

File identification
MD5 23fdc2d06ea024c3351b81d037717ae7
SHA1 b0c523d7ac4b599937c114f44e67623a5e74776d
SHA256 ec19444addfd0dd3100566fdbb35dc571b168212210f2010f15c3d3bd75cf220
ssdeep
6144:hg+cynpoZap6eYBD2lhquwAWqGhFiV31v/kqYS6zbcaVt2kLW7xLGH/+3yT1uAOn:hxcAoZawdH

File size 460.0 KB ( 471040 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Borland Delphi 7 (70.7%)
Win32 Executable Borland Delphi 6 (27.9%)
Win32 Executable (generic) (0.6%)
Win16/32 Executable Delphi generic (0.2%)
Generic Win/DOS Executable (0.2%)
Tags
peexe

VirusTotal metadata
First submission 2009-11-05 17:38:56 UTC ( 4 years, 5 months ago )
Last submission 2013-04-30 10:49:48 UTC ( 11 months, 4 weeks ago )
File names AmazonStarter.exe
file-3186636_
b0c523d7ac4b599937c114f44e67623a5e74776d
23FDC2D06EA024C3351B81D037717AE7
AMAZONSTARTER.EXE._B0C523D7AC4B599937C114F44E67623A5E74776D
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!