| SHA256: | f2b8c636158782f1cfda772fa6c60394c2babdc4456bb217e4b49d619c86acb9 |
| File name: | copyq-2.1.0-setup.exe |
| Detection ratio: | 1 / 52 |
| Analysis date: | 2014-05-09 10:02:38 UTC ( 3 years ago ) View latest |
| Antivirus | Result | Update |
|---|---|---|
| CMC | RiskTool.Win32.CloseApp!O | 20140506 |
| Ad-Aware | 20140509 | |
| AegisLab | 20140509 | |
| Yandex | 20140508 | |
| AhnLab-V3 | 20140509 | |
| AntiVir | 20140509 | |
| Antiy-AVL | 20140509 | |
| Avast | 20140509 | |
| AVG | 20140509 | |
| Baidu-International | 20140509 | |
| BitDefender | 20140509 | |
| Bkav | 20140507 | |
| ByteHero | 20140509 | |
| CAT-QuickHeal | 20140508 | |
| ClamAV | 20140509 | |
| Commtouch | 20140509 | |
| Comodo | 20140509 | |
| DrWeb | 20140509 | |
| Emsisoft | 20140509 | |
| ESET-NOD32 | 20140509 | |
| F-Prot | 20140509 | |
| F-Secure | 20140509 | |
| Fortinet | 20140509 | |
| GData | 20140509 | |
| Ikarus | 20140509 | |
| Jiangmin | 20140509 | |
| K7AntiVirus | 20140508 | |
| K7GW | 20140508 | |
| Kaspersky | 20140509 | |
| Kingsoft | 20140509 | |
| Malwarebytes | 20140509 | |
| McAfee | 20140509 | |
| McAfee-GW-Edition | 20140508 | |
| Microsoft | 20140509 | |
| eScan | 20140509 | |
| NANO-Antivirus | 20140509 | |
| Norman | 20140509 | |
| nProtect | 20140509 | |
| Panda | 20140509 | |
| Qihoo-360 | 20140509 | |
| Rising | 20140507 | |
| Sophos | 20140509 | |
| SUPERAntiSpyware | 20140509 | |
| Symantec | 20140509 | |
| TheHacker | 20140508 | |
| TotalDefense | 20140509 | |
| TrendMicro | 20140509 | |
| TrendMicro-HouseCall | 20140509 | |
| VBA32 | 20140507 | |
| VIPRE | 20140509 | |
| ViRobot | 20140509 | |
| Zillya | 20140509 |
The file being studied is a Portable Executable file!
More specifically, it is a Win32 EXE
file
for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Product CopyQ
File version
Description CopyQ Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-30 14:21:56
Entry Point 0x000113BC
Number of sections 8
PE sections
Overlays
MD5 7a9c2140e08217ae24bdc16efb36f606
File type data
Offset 118784
Size 9219560
Entropy 8.00
PE imports
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 4
DUTCH 4
PE resources
ExifTool file metadata
UninitializedDataSize
0
Comments
This installation was built with Inno Setup.
LinkerVersion
2.25
ImageVersion
6.0
FileSubtype
0
FileVersionNumber
0.0.0.0
LanguageCode
Neutral
FileFlagsMask
0x003f
CharacterSet
Unicode
InitializedDataSize
52736
EntryPoint
0x113bc
MIMEType
application/octet-stream
TimeStamp
2013:01:30 15:21:56+01:00
FileType
Win32 EXE
PEType
PE32
SubsystemVersion
5.0
ProductVersion
2.1.0
FileDescription
CopyQ Setup
OSVersion
5.0
FileOS
Win32
Subsystem
Windows GUI
MachineType
Intel 386 or later, and compatibles
CompanyName
Lukas Holecek
CodeSize
65024
ProductName
CopyQ
ProductVersionNumber
0.0.0.0
FileTypeExtension
exe
ObjectFileType
Executable application
File identification
MD5 2a1f7a7ed4aafcd9d4a350c57c8a0ac7
SHA1 6d57d0a70a55f42241371963fa3a2808df93f045
SHA256 f2b8c636158782f1cfda772fa6c60394c2babdc4456bb217e4b49d619c86acb9
ssdeep
196608:/W3rVMNbQUYmWUzQmsfNrfgGRP0XKbCd1/mGF5rSe6e3Qt1h:+3rqN7YMQmsfyKid1/m0SBe30z
File size
8.9 MB ( 9338344 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit
| TrID |
Win32 Executable Delphi generic (45.2%) Win32 Dynamic Link Library (generic) (20.9%) Win32 Executable (generic) (14.3%) Win16/32 Executable Delphi generic (6.6%) Generic Win/DOS Executable (6.3%) |
Tags
peexe
overlay
VirusTotal metadata
First submission
2014-04-07 06:13:30 UTC ( 3 years, 1 month ago )
Last submission
2014-05-30 11:59:44 UTC ( 2 years, 12 months ago )
| File names |
24667921 24667902 copyq-2.1.0-setup.exe copyq-2.1.0-setup.exe copyq-2.1.0-setup.exe file-7050522_exe copyq-2.1.0-setup.exe f2b8c636158782f1cfda772fa6c60394c2babdc4456bb217e4b49d619c86acb9 |
Advanced heuristic and reputation engines
Symantec reputation
Suspicious.Insight
No comments.
No VirusTotal Community member has commented on this item yet, be the first one to do so!
You have not signed in. Only registered users can leave comments, sign in and have a voice!
No votes.
No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the
behaviour of the file when executed in a controlled environment. The actions
and events described were either performed by the file itself or by any other
process launched by the executed file or subjected to code injection by the
executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the
DeviceIoControl
Windows API function.