SHA256: f40361b663037d54b437edd09f03d8b5aeb44ebfd3f245161d1917315a9fe875
File name: smona_f40361b663037d54b437edd09f03d8b5aeb44ebfd3f245161d1917315a9...
Detection ratio: 0 / 42
Analysis date: 2012-06-04 15:18:30 UTC ( 1 year, 10 months ago )
Antivirus Result Update
AVG 20120604
AhnLab-V3 20120604
AntiVir 20120604
Antiy-AVL 20120604
Avast 20120604
BitDefender 20120604
ByteHero 20120531
CAT-QuickHeal 20120604
ClamAV 20120604
Commtouch 20120604
Comodo 20120604
DrWeb 20120604
Emsisoft 20120604
F-Prot 20120604
F-Secure 20120604
Fortinet 20120603
GData 20120604
Ikarus 20120604
Jiangmin 20120604
K7AntiVirus 20120601
Kaspersky 20120604
McAfee 20120604
McAfee-GW-Edition 20120604
Microsoft 20120602
NOD32 20120604
Norman 20120604
PCTools 20120604
Panda 20120604
Rising 20120604
SUPERAntiSpyware 20120602
Sophos 20120604
Symantec 20120604
TheHacker 20120531
TotalDefense 20120604
TrendMicro 20120604
TrendMicro-HouseCall 20120604
VBA32 20120604
VIPRE 20120604
ViRobot 20120604
VirusBuster 20120604
eSafe 20120603
nProtect 20120604
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright Copyright (C) 2004-2012
Publisher Nenad Hrg SoftwareOK.de
Product Anwendung FontViewOK
Original name FontViewOK.exe
Internal name FontViewOK
File version 2, 6, 6, 0
Description FontViewOK 2.66
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-01 08:25:25
Entry Point 0x00011AFF
Number of sections 4
PE sections
PE imports
RegOpenKeyExA, RegCloseKey, RegEnumValueA
ImageList_SetImageCount, ImageList_ReplaceIcon, ImageList_Draw
CreateFontA, GetStockObject, GetBkColor, EnumFontsA, CreateSolidBrush, CreateFontIndirectA, GetTextMetricsA, GetTextExtentPoint32A, GetDeviceCaps, CreatePen, DeleteObject, CreateCompatibleDC, CreateCompatibleBitmap, DeleteDC, AddFontResourceA, GetObjectA, PatBlt, SelectObject
GetWindowsDirectoryA, GetCurrentThreadId, GetTempPathA, lstrcpynA, DeleteFileA, WriteFile, WideCharToMultiByte, lstrlenA, GetLastError, FormatMessageA, LocalFree, GetFileAttributesA, GetProcAddress, LoadLibraryA, FreeLibrary, LockResource, CloseHandle, ReadFile, GlobalAlloc, GetFileSize, CreateFileA, lstrcpyA, GetStartupInfoA, lstrcatA, GetVersionExA, UnmapViewOfFile, MapViewOfFile, CreateFileMappingA, GetSystemDefaultLangID, GetModuleHandleA, GetLocalTime, MulDiv
__0_Lockit@std@@QAE@XZ, __1_Lockit@std@@QAE@XZ
__p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, __p__fmode, _XcptFilter, _exit, _onexit, _setmbcp, _stricmp, __set_app_type, _acmdln, __CxxFrameHandler, _mbscmp, atoi, _mbsnbicmp, _ftol, _mbsnbcpy, _mbsstr, strncpy, _except_handler3, atof, exit, putc, getc, fread, malloc, free, _mbsicmp, vsprintf, toupper, _mbsrchr, __dllonexit, _controlfp
SHBrowseForFolderA, ShellExecuteExA, SHGetSpecialFolderLocation, SHGetPathFromIDListA, SHFileOperationA, ShellExecuteA, SHGetMalloc
GetMenuStringA, GetMenuItemInfoA, SystemParametersInfoA, LoadMenuA, CallNextHookEx, GetParent, ScreenToClient, PostMessageA, UnhookWindowsHookEx, TrackPopupMenuEx, SetWindowsHookExA, GetDesktopWindow, GetSubMenu, MessageBoxA, DrawFocusRect, CreateMenu, IsZoomed, LoadIconA, SetMenu, PtInRect, DrawTextA, FillRect, GetDlgItem, SetWindowTextA, GetWindowTextA, GetDC, ReleaseDC, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, CreatePopupMenu, AppendMenuA, GetCursorPos, TrackPopupMenu, KillTimer, CopyRect, IntersectRect, GetFocus, PeekMessageA, PostQuitMessage, IsWindowVisible, GetSystemMetrics, SetRect, IsWindow, SetClassLongA, LoadCursorA, GetSysColor, GetWindowRect, SendMessageA, SetTimer, UpdateWindow, EnableWindow, SetWindowPos, RedrawWindow, GetClientRect, GetMenuItemCount
OleInitialize
ExifTool file metadata
CodeSize 77824
SubsystemVersion 4.0
InitializedDataSize 114688
ImageVersion 0.0
ProductName Anwendung FontViewOK
FileVersionNumber 2.6.6.0
UninitializedDataSize 0
LanguageCode German
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 6.0
OriginalFilename FontViewOK.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 2, 6, 6, 0
TimeStamp 2012:06:01 10:25:25+02:00
FileType Win32 EXE
PEType PE32
InternalName FontViewOK
ProductVersion 2, 6, 6, 0
FileDescription FontViewOK 2.66
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright (C) 2004-2012
MachineType Intel 386 or later, and compatibles
CompanyName Nenad Hrg SoftwareOK.de
FileSubtype 0
ProductVersionNumber 2.6.6.0
EntryPoint 0x11aff
ObjectFileType Executable application

File identification
MD5 e9f2e4c11cd30703cfa084b4bfda9234
SHA1 abeeeaf6acd3fc8adb3afb8c4393b231bd90cf61
SHA256 f40361b663037d54b437edd09f03d8b5aeb44ebfd3f245161d1917315a9fe875
ssdeep 3072:6WYoEELEXFeKgC+WWqHeAGPdyrLQEOxI8QY4/cSuku16nyr:6ukHL+WWgaoXQP4/vuku1D

File size 152.0 KB ( 155648 bytes )
File type Win32 EXE
Magic literal MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
Tags armadillo

VirusTotal metadata
First submission 2012-06-04 15:18:30 UTC ( 1 year, 10 months ago )
Last submission 2012-06-04 15:18:30 UTC ( 1 year, 10 months ago )
File names smona_f40361b663037d54b437edd09f03d8b5aeb44ebfd3f245161d1917315a9fe875.bin
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight