× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ecd252cbd4b408564e489c830a36b981cd57acb432134119c3115b0cd3f9ba3b
File name: dcgold.exe
Detection ratio: 2 / 41
Analysis date: 2012-08-31 08:24:16 UTC ( 6 years, 6 months ago ) View latest
Antivirus Result Update
AVG ILCrypt 20120831
Kaspersky UDS:DangerousObject.Multi.Generic 20120831
AntiVir 20120830
Antiy-AVL 20120831
Avast 20120831
BitDefender 20120831
ByteHero 20120817
CAT-QuickHeal 20120831
ClamAV 20120828
Commtouch 20120831
Comodo 20120831
DrWeb 20120831
Emsisoft 20120831
eSafe 20120830
ESET-NOD32 20120830
F-Prot 20120831
F-Secure 20120831
Fortinet 20120830
GData 20120831
Ikarus 20120831
Jiangmin 20120831
K7AntiVirus 20120830
McAfee 20120831
McAfee-GW-Edition 20120831
Microsoft 20120831
Norman 20120831
nProtect 20120831
Panda 20120830
PCTools 20120831
Rising 20120831
Sophos AV 20120831
SUPERAntiSpyware 20120831
Symantec 20120831
TheHacker 20120830
TotalDefense 20120830
TrendMicro 20120831
TrendMicro-HouseCall 20120831
VBA32 20120831
VIPRE 20120831
ViRobot 20120831
VirusBuster 20120831
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name dcgold.exe
Internal name dcgold.exe
File version 0.0.0.0
Description
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-08-31 05:47:29
Entry Point 0x000B087E
Number of sections 3
.NET details
Module Version ID 9d47e77a-024a-4669-bbfc-f4c6a99d69eb
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
39424

EntryPoint
0xb087e

OriginalFileName
dcgold.exe

MIMEType
application/octet-stream

FileVersion
0.0.0.0

TimeStamp
2012:08:31 06:47:29+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
dcgold.exe

ProductVersion
0.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
715264

FileSubtype
0

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 8ba95643f512a2363beb312e1d62047f
SHA1 4a4871694b6eb6a94ce95cd4cb1139d0417b3d28
SHA256 ecd252cbd4b408564e489c830a36b981cd57acb432134119c3115b0cd3f9ba3b
ssdeep
12288:hmw6phMZWmCDvk4LTEOaFdXz34a2ssJg39M07ypL+Ju/3SFcz1o1aNUU:heTgGoaTErXj4r+3vUL+Ju/qO3Nf

authentihash f8b5195d5d6d9f550cf7e6a6b26b8d1a0536eda17e4ffc63c6171d0638289736
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 737.5 KB ( 755200 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (72.2%)
Windows screen saver (12.9%)
Win32 Dynamic Link Library (generic) (6.4%)
Win32 Executable (generic) (4.4%)
Generic Win/DOS Executable (1.9%)
Tags
peexe assembly

VirusTotal metadata
First submission 2012-08-31 07:01:55 UTC ( 6 years, 6 months ago )
Last submission 2017-03-14 06:39:13 UTC ( 2 years ago )
File names dcgold.exe
8BA95643F512A2363BEB312E1D62047F.bin
output.2144156.txt
93538cf3239df2a3991ad4a325a36223ba6544a0
1.exe
8BA95643F512A2363BEB312E1D62047F
ecd252cbd4b408564e489c830a36b981cd57acb432134119c3115b0cd3f9ba3b
dcgold.exe-nqn8RJ
2144156
8ba95643f512a2363beb312e1d62047f
004232670
dcgold.png
file-4441687_
dcgold.exe
755200_8ba95643f512a2363beb312e1d62047f.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!