SHA256: eea45fb2e864bb26f4b7b2dc7f1434527d017bac326054508a6edbd51b438a6d
File name: unregmp2.exe
Detection ratio: 0 / 54
Analysis date: 2014-11-15 21:20:14 UTC ( 4 years, 5 months ago )
Antivirus Result Update
Ad-Aware 20141115
AegisLab 20141115
Yandex 20141115
AhnLab-V3 20141115
Antiy-AVL 20141115
Avast 20141115
AVG 20141115
Avira (no cloud) 20141115
AVware 20141115
Baidu-International 20141107
BitDefender 20141115
Bkav 20141115
ByteHero 20141115
CAT-QuickHeal 20141114
ClamAV 20141115
CMC 20141114
Comodo 20141115
Cyren 20141115
DrWeb 20141115
Emsisoft 20141115
F-Prot 20141115
F-Secure 20141115
Fortinet 20141115
GData 20141115
Ikarus 20141115
Jiangmin 20141115
K7AntiVirus 20141114
K7GW 20141115
Kaspersky 20141115
Kingsoft 20141115
Malwarebytes 20141115
McAfee 20141115
McAfee-GW-Edition 20141115
Microsoft 20141115
eScan 20141115
NANO-Antivirus 20141115
Norman 20141115
nProtect 20141114
Panda 20141115
Qihoo-360 20141115
Rising 20141115
Sophos AV 20141115
SUPERAntiSpyware 20141115
Symantec 20141115
Tencent 20141115
TheHacker 20141115
TotalDefense 20141115
TrendMicro 20141115
TrendMicro-HouseCall 20141115
VBA32 20141114
VIPRE 20141115
ViRobot 20141115
Zillya 20141115
Zoner 20141112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (C) ?????????? ??????????. ??? ????? ????????.

Publisher Microsoft Corporation
Product ???????????? ??????? Microsoft® Windows®
Original name unregmp2.exe
Internal name unregmp2.exe
File version 11.0.5721.5262 (WMP_11.090130-1421)
Description ????????? ????????? ????????????? Windows Media (Microsoft)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-01-31 01:40:18
Entry Point 0x000319F2
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
RegQueryValueExA
GetSecurityDescriptorControl
OpenServiceW
QueryServiceConfigW
ControlService
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorW
QueryServiceStatus
RegOpenKeyExW
SetEntriesInAclW
RegOpenKeyExA
GetNamedSecurityInfoW
RegQueryInfoKeyW
GetSecurityDescriptorDacl
RegEnumValueW
RegEnumKeyExW
ConvertStringSidToSidW
RegDeleteValueW
StartServiceW
RegSetValueExW
OpenSCManagerW
ChangeServiceConfigW
SetNamedSecurityInfoW
GetLastError
CopyFileW
GetShortPathNameW
FileTimeToSystemTime
GetModuleFileNameW
GetFileTime
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetSystemDefaultLangID
GetSystemWindowsDirectoryW
GetVersionExA
GetFileAttributesW
RtlUnwind
lstrlenW
GetLocalTime
GetWindowsDirectoryW
GetCurrentProcess
RemoveDirectoryW
GetCurrentDirectoryW
GetCurrentProcessId
SetLastError
CreateDirectoryA
GetWindowsDirectoryA
UnhandledExceptionFilter
LoadLibraryExW
CreateDirectoryW
DeleteFileW
GetProcAddress
InterlockedCompareExchange
WriteProfileStringW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetProfileStringW
ExpandEnvironmentStringsW
GetTempPathA
GetFileAttributesA
MoveFileExW
SetFilePointer
GetSystemDirectoryW
FindNextFileW
InterlockedExchange
SetUnhandledExceptionFilter
GetTempPathW
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
FindFirstFileW
lstrcmpW
FindFirstFileExW
GetVersion
LocalFree
TerminateProcess
GetLongPathNameW
LoadLibraryW
GetTimeZoneInformation
SetCurrentDirectoryW
WriteFile
CreateFileW
FindClose
Sleep
MoveFileW
SetFileAttributesW
CreateFileA
GetTickCount
GetCurrentThreadId
GetFileSize
GetModuleHandleA
CreateHardLinkW
VariantTimeToSystemTime
SystemTimeToVariantTime
SHBindToParent
SHGetFolderPathW
SHChangeNotify
Ord(155)
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHSetLocalizedName
SHParseDisplayName
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHGetMalloc
PathAddBackslashA
PathRemoveFileSpecW
Ord(158)
PathAddBackslashW
PathAppendW
PathRemoveBlanksW
PathIsDirectoryW
CreatePopupMenu
GetMenuItemCount
CharNextA
LoadStringW
DestroyMenu
GetMenuItemInfoW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
WMDRMCreateProvider
iswalnum
__p__fmode
malloc
_wcsupr
??_U@YAPAXI@Z
wcschr
__dllonexit
_cexit
_wcslwr
_controlfp
_wcsicmp
_onexit
_vsnwprintf
_amsg_exit
_lock
memcpy
exit
??_V@YAXPAX@Z
_itow
iswalpha
__setusermatherr
mbstowcs
__p__commode
_XcptFilter
_acmdln
memset
_ismbblead
_unlock
_wcsnicmp
_adjust_fdiv
free
__getmainargs
_wtol
_vsnprintf
swscanf
wcsrchr
wcsstr
_initterm
_exit
_wtoi
__set_app_type
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
CoCreateGuid
CoCreateInstance
StringFromGUID2
Number of PE resources by type
RT_STRING 21
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 30
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 8.0
ImageVersion 6.0
FileSubtype 0
FileVersionNumber 11.0.5721.5262
UninitializedDataSize 0
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 58880
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright (C) . .
FileVersion 11.0.5721.5262 (WMP_11.090130-1421)
TimeStamp 2009:01:31 02:40:18+01:00
FileType Win32 EXE
PEType PE32
InternalName unregmp2.exe
FileAccessDate 2014:11:15 22:21:30+01:00
ProductVersion 11.0.5721.5262
FileDescription Windows Media (Microsoft)
OSVersion 6.0
FileCreateDate 2014:11:15 22:21:30+01:00
OriginalFilename unregmp2.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 280576
ProductName Microsoft Windows
ProductVersionNumber 11.0.5721.5262
EntryPoint 0x319f2
ObjectFileType Executable application

File identification
MD5 33756c4cc98598c1815ae808fb54f576
SHA1 3c12caaf5b5ea61d47b75a8ddc9ad1b54c42e836
SHA256 eea45fb2e864bb26f4b7b2dc7f1434527d017bac326054508a6edbd51b438a6d
ssdeep 6144:yKXckLmdaY0yFTL4nLLuB4tiUGYxKMePYptuCl3s:9nryFTkuYxhntuCl3

authentihash 9088ed3f7b94b30bf300fc395e1ab7e73faee58d0abec8d7eb623156589d8136
imphash e3b32b722e4014380ec3f3b586f5af2c
File size 332.5 KB ( 340480 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2010-11-29 17:19:35 UTC ( 8 years, 4 months ago )
Last submission 2014-03-30 01:16:47 UTC ( 5 years ago )
File names vt-upload-xlpfxw
unregmp2.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight