× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ef854d21cbf297ee267f22049b773ffeb4c1ff1a3e55227cc2a260754699d644
File name: calc.exe
Detection ratio: 0 / 66
Analysis date: 2018-06-12 07:14:32 UTC ( 1 week, 2 days ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20180612
AVG 20180612
AVware 20180612
Ad-Aware 20180612
AegisLab 20180612
AhnLab-V3 20180612
Antiy-AVL 20180612
Arcabit 20180612
Avast 20180612
Avast-Mobile 20180611
Avira (no cloud) 20180612
Babable 20180406
Baidu 20180612
BitDefender 20180612
Bkav 20180611
CAT-QuickHeal 20180612
CMC 20180611
ClamAV 20180612
Comodo 20180612
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cyren 20180612
DrWeb 20180612
ESET-NOD32 20180612
Emsisoft 20180612
Endgame 20180507
F-Prot 20180612
F-Secure 20180612
Fortinet 20180612
GData 20180612
Ikarus 20180611
Sophos ML 20180601
Jiangmin 20180612
K7AntiVirus 20180612
K7GW 20180612
Kaspersky 20180612
Kingsoft 20180612
MAX 20180612
Malwarebytes 20180612
McAfee 20180612
McAfee-GW-Edition 20180612
eScan 20180612
Microsoft 20180612
NANO-Antivirus 20180612
Palo Alto Networks (Known Signatures) 20180612
Panda 20180611
Qihoo-360 20180612
Rising 20180612
SUPERAntiSpyware 20180612
SentinelOne (Static ML) 20180225
Sophos AV 20180612
Symantec 20180612
TACHYON 20180612
Tencent 20180612
TheHacker 20180608
TrendMicro 20180612
TrendMicro-HouseCall 20180612
VBA32 20180611
VIPRE 20180612
ViRobot 20180612
Webroot 20180612
Yandex 20180609
Zillya 20180611
ZoneAlarm by Check Point 20180612
Zoner 20180612
eGambit 20180612
Alibaba 20180612
Cylance Unsafe 20180612
Symantec Mobile Insight 20180605
Trustlook 20180612
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Корпорация Майкрософт. Все права защищены.

Product Операционная система Microsoft® Windows®
Original name CALC.EXE
Internal name CALC
File version 5.1.2600.0 (xpclient.010817-1148)
Description Калькулятор для Windows
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-08-17 20:52:32
Entry Point 0x00012475
Number of sections 3
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetBkColor
SetBkMode
SetTextColor
LocalReAlloc
GlobalFree
WaitForSingleObject
SetEvent
GlobalUnlock
LoadLibraryA
lstrlenW
GlobalSize
GetStartupInfoA
LocalAlloc
GetCommandLineW
CreateThread
lstrcatW
WriteProfileStringW
lstrcpynW
GetProfileStringW
lstrcpyW
GlobalReAlloc
GetModuleHandleA
ResetEvent
lstrcmpW
GlobalLock
GetProcAddress
LocalFree
GetProfileIntW
CreateEventW
GlobalCompact
GlobalAlloc
Sleep
CloseHandle
ShellAboutW
SetFocus
MapWindowPoints
UpdateWindow
EndDialog
DestroyWindow
HideCaret
OffsetRect
DefWindowProcW
CheckRadioButton
GetProcessDefaultLayout
DestroyMenu
PostQuitMessage
ShowWindow
MessageBeep
GetMessageW
LoadMenuW
GetClipboardData
SetDlgItemInt
SetWindowLongW
MessageBoxW
SendMessageW
GetWindowRect
RegisterClassExW
SetMenu
DialogBoxParamW
ChildWindowFromPoint
SetWindowPos
TranslateMessage
GetSysColor
CheckMenuRadioItem
CheckDlgButton
DispatchMessageW
CreateDialogParamW
GetDlgCtrlID
CheckMenuItem
GetMenu
TranslateAcceleratorW
GetWindowLongW
WinHelpW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
DrawTextW
EnableMenuItem
ScreenToClient
TrackPopupMenuEx
GetSubMenu
IsClipboardFormatAvailable
CharNextW
CallWindowProcW
InvalidateRect
IsDialogMessageW
SetProcessDefaultLayout
GetSysColorBrush
CharNextA
GetWindowTextW
SetDlgItemTextW
GetDesktopWindow
LoadCursorW
LoadIconW
CreateWindowExW
LoadAcceleratorsW
EnableWindow
CloseClipboard
GetClientRect
SetCursor
IsChild
OpenClipboard
__p__fmode
_acmdln
??1type_info@@UAE@XZ
wcstoul
wcschr
_controlfp
toupper
_cexit
?terminate@@YAXXZ
_c_exit
wcslen
exit
_XcptFilter
__setusermatherr
__p__commode
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
_adjust_fdiv
_wcsrev
__getmainargs
_initterm
_except_handler3
memmove
_exit
__set_app_type
Number of PE resources by type
RT_ICON 8
RT_STRING 6
RT_DIALOG 4
RT_MENU 4
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 26
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
38400

ImageVersion
5.1

ProductName
Microsoft Windows

FileVersionNumber
5.1.2600.0

UninitializedDataSize
0

LanguageCode
Russian

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
7.0

FileTypeExtension
exe

OriginalFileName
CALC.EXE

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
5.1.2600.0 (xpclient.010817-1148)

TimeStamp
2001:08:17 21:52:32+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
CALC

ProductVersion
5.1.2600.0

FileDescription
Windows

OSVersion
5.1

FileOS
Windows NT 32-bit

LegalCopyright
. .

MachineType
Intel 386 or later, and compatibles

CodeSize
75776

FileSubtype
0

ProductVersionNumber
5.1.2600.0

EntryPoint
0x12475

ObjectFileType
Executable application

Execution parents
PE resource-wise parents
Overlay parents
Compressed bundles
File identification
MD5 e9cc8c20b0e682c77b97e6787de16e5d
SHA1 8be674dec4fcf14ae853a5c20a9288bff3e0520a
SHA256 ef854d21cbf297ee267f22049b773ffeb4c1ff1a3e55227cc2a260754699d644
ssdeep
1536:Zl14rQcWAkN7GAlqbkfAGQGV8aMbrNyrf1w+noPvaeBsCXK15Zr6O:7mZWXyaiedMbrN6pnoXPBsr5ZrR

authentihash 536705b32a88e7f0cf66c64ec15e2671dd1922ad2d637d1b7c706b05b6a8e99c
imphash 08f6a1b121da8cedde2d1089d0906ed8
File size 112.5 KB ( 115200 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe trusted via-tor

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with calc.exe as its name. The file belongs to the Windows XP Professional product, more specifically in ['SW CD Windows XP Professional Russian #1 ProdAct w/SP1a OEM'].
VirusTotal metadata
First submission 2012-01-11 17:01:33 UTC ( 6 years, 5 months ago )
Last submission 2018-06-12 07:14:32 UTC ( 1 week, 2 days ago )
File names ef854d21cbf297ee_7fa1.tmp
844665488d.exe
abby0_tar.exe
calc.exe
file-3197252_exe
CALC.EXE
e9cc8c20b0e682c77b97e6787de16e5d_c336kl1.dyndns.biz_4c27f
26.EXE
vti-rescan
calc_s.exe
calc.exe
d79abd28145d20f8.exe
e9cc8c20b0e682c77b97e6787de16e5d_46.183.217.155_97d19
calc._exe
26.exe
8be674dec4fcf14ae853a5c20a9288bff3e0520a.exe
calc.exe
25
calc.exe.001
test.exe
e9cc8c20b0e682c77b97e6787de16e5d_141.136.16.127_182b5
calc.exe
adobe_flash_player.exe
0.exe
filename
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!