× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f1e36665dc7ca50e37e1710f6308097d409f0cdcaf0c8499988ca202382c217f
File name: vti-rescan
Detection ratio: 23 / 57
Analysis date: 2015-04-13 16:09:25 UTC ( 4 years, 1 month ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2290130 20150413
Avast Win32:Emotet-P [Trj] 20150413
Avira (no cloud) TR/Agent.277757 20150413
Baidu-International Trojan.Win32.Bublik.dntm 20150413
BitDefender Trojan.GenericKD.2290130 20150413
ByteHero Virus.Win32.Heur.p 20150413
CMC Heur.Win32.VBKrypt.3!O 20150413
Emsisoft Trojan.GenericKD.2290130 (B) 20150413
ESET-NOD32 a variant of Win32/Injector.BYED 20150413
F-Secure Trojan.GenericKD.2290130 20150413
Fortinet W32/Bublik.DNTM!tr 20150413
GData Trojan.GenericKD.2290130 20150413
Ikarus Trojan.Win32.Bublik 20150413
K7AntiVirus Riskware ( 0040eff71 ) 20150413
K7GW Riskware ( 0040eff71 ) 20150413
Kaspersky Trojan.Win32.Bublik.dntm 20150413
McAfee Artemis!9BC161054B2F 20150413
eScan Trojan.GenericKD.2290130 20150413
nProtect Trojan.GenericKD.2290130 20150413
Panda Generic Suspicious 20150413
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20150413
Sophos AV Mal/Generic-S 20150413
Tencent Trojan.Win32.Qudamah.Gen.17 20150413
AegisLab 20150413
Yandex 20150413
AhnLab-V3 20150413
Alibaba 20150413
ALYac 20150413
Antiy-AVL 20150413
AVG 20150413
AVware 20150413
Bkav 20150413
CAT-QuickHeal 20150413
ClamAV 20150413
Comodo 20150413
Cyren 20150413
DrWeb 20150413
F-Prot 20150413
Jiangmin 20150412
Kingsoft 20150413
Malwarebytes 20150413
McAfee-GW-Edition 20150413
Microsoft 20150413
NANO-Antivirus 20150413
Norman 20150413
Rising 20150413
SUPERAntiSpyware 20150412
Symantec 20150413
TheHacker 20150413
TotalDefense 20150413
TrendMicro 20150413
TrendMicro-HouseCall 20150413
VBA32 20150412
VIPRE 20150413
ViRobot 20150413
Zillya 20150413
Zoner 20150413
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
REW is room acoustics analysis software for measuring

Publisher REW is room acoustics analysis software for measuring
Product REW is room acoustics analysis software for measuring
Original name TextConv.exe
Internal name TextConv
File version 1.00.0015
Description REW is room acoustics analysis software for measuring
Comments REW is room acoustics analysis software for measuring
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-10 14:20:17
Entry Point 0x00001128
Number of sections 3
PE sections
Overlays
MD5 56b7bdd7b4169a9bf0ec4823603dfb68
File type data
Offset 147456
Size 130301
Entropy 7.99
PE imports
EVENT_SINK_QueryInterface
Ord(645)
Ord(537)
Ord(648)
Ord(516)
Ord(685)
Ord(594)
Ord(689)
Ord(525)
EVENT_SINK_AddRef
Ord(300)
Ord(717)
__vbaExceptHandler
MethCallEngine
DllFunctionCall
Ord(100)
Ord(599)
Ord(608)
Ord(570)
Ord(571)
ProcCallEngine
Ord(711)
EVENT_SINK_Release
Ord(595)
Ord(593)
Ord(306)
Ord(631)
Ord(563)
Number of PE resources by type
RT_ICON 4
RT_STRING 1
RT_VERSION 1
CEROL 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
THAI DEFAULT 2
ENGLISH US 1
PE resources
ExifTool file metadata
LegalTrademarks
REW is room acoustics analysis software for measuring

SubsystemVersion
4.0

Comments
REW is room acoustics analysis software for measuring

LinkerVersion
6.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.15

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
REW is room acoustics analysis software for measuring

CharacterSet
Unicode

InitializedDataSize
53248

EntryPoint
0x1128

OriginalFileName
TextConv.exe

MIMEType
application/octet-stream

LegalCopyright
REW is room acoustics analysis software for measuring

FileVersion
1.00.0015

TimeStamp
2015:04:10 15:20:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TextConv

ProductVersion
1.00.0015

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
REW is room acoustics analysis software for measuring

CodeSize
102400

ProductName
REW is room acoustics analysis software for measuring

ProductVersionNumber
1.0.0.15

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 9bc161054b2f019ea775cbee224a146e
SHA1 c03f48c2fc7ad61275cec827480d0dddff1622d0
SHA256 f1e36665dc7ca50e37e1710f6308097d409f0cdcaf0c8499988ca202382c217f
ssdeep
3072:KOQhZOOQhZOOQhZ3np9sK0OQhZOOQhZOOQhZacdFztKmigIZQIc0brOuIDtL+OXU:8bcPztVIiIc0br+tL+OTp9g

authentihash 0b0ef97161767c8deaee188cb70c63baf38de6da95f24ce2af4a3ae7e1029a82
imphash e9c7d402150ccfcc98bb88e155a1e3b6
File size 271.2 KB ( 277757 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.5%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-04-11 15:10:12 UTC ( 4 years, 1 month ago )
Last submission 2015-04-13 16:09:25 UTC ( 4 years, 1 month ago )
File names TextConv.exe
TextConv
35a.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!