× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f44f9a6bba0ae6d350f98cdbf2d5b09d56d9b1cf46f4cb9f50566232b32f8bae
File name: SOUNDMAN.EXE
Detection ratio: 1 / 42
Analysis date: 2010-03-28 14:14:57 UTC ( 5 years, 1 month ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ClamAV Trojan.Downloader-91280 20100328
AVG 20100328
AhnLab-V3 20100327
AntiVir 20100326
Antiy-AVL 20100326
Authentium 20100328
Avast 20100328
Avast5 20100328
BitDefender 20100328
CAT-QuickHeal 20100327
Comodo 20100328
DrWeb 20100328
F-Prot 20100327
F-Secure 20100328
Fortinet 20100327
GData 20100328
Ikarus 20100328
Jiangmin 20100328
K7AntiVirus 20100322
Kaspersky 20100328
McAfee 20100327
McAfee+Artemis 20100327
McAfee-GW-Edition 20100327
Microsoft 20100328
NOD32 20100328
Norman 20100328
PCTools 20100328
Panda 20100327
Prevx 20100328
Rising 20100328
Sophos 20100328
Sunbelt 20100326
Symantec 20100328
TheHacker 20100328
TrendMicro 20100328
VBA32 20100327
ViRobot 20100327
VirusBuster 20100327
a-squared 20100328
eSafe 20100325
eTrust-Vet 20100326
nProtect 20100328
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright (c) 2004 Realtek Semiconductor Corp.

Publisher Realtek Semiconductor Corp.
Product Realtek HD Sound Manager
Original name ALSMTray.exe
Internal name ALSMTray
File version 1, 0, 0, 30
Description Realtek Sound Manager
Comments Realtek HD Audio Sound Manager
Packers identified
F-PROT embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-07-21 08:14:34
Link date 9:14 AM 7/21/2006
Entry Point 0x00005485
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorDacl
RegOpenKeyA
RegCloseKey
RegCreateKeyA
FreeSid
RegQueryValueExA
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegSetValueExA
InitializeAcl
RegSetKeySecurity
RegCreateKeyExA
GetLengthSid
RegOpenKeyExA
RegDeleteValueA
LineTo
DeleteDC
SetBkMode
SelectObject
GetTextExtentPoint32A
MoveToEx
CreatePen
CreateBrushIndirect
GetTextColor
GetBkMode
CreateFontIndirectA
ExtTextOutA
SetTextColor
BitBlt
SetTextAlign
CreateCompatibleDC
GetTextAlign
Rectangle
DeleteObject
HidD_FreePreparsedData
HidD_GetAttributes
HidP_GetCaps
HidD_GetHidGuid
HidD_GetPreparsedData
DeviceIoControl
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
GetSystemInfo
lstrlenA
lstrcmpiA
GetLastError
WaitForSingleObject
GetOEMCP
LCMapStringA
HeapDestroy
ExitProcess
GetStringTypeW
VirtualProtect
GetVersionExA
GetModuleFileNameA
RtlUnwind
LoadLibraryA
WinExec
FreeEnvironmentStringsA
GetStartupInfoA
GetEnvironmentStrings
CreateEventA
GetLocaleInfoA
LocalAlloc
WideCharToMultiByte
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
WaitForMultipleObjects
GetProcessHeap
CreateMutexA
GetCPInfo
GetStringTypeA
GetModuleHandleA
lstrcmpA
InterlockedExchange
lstrcpyA
GetCurrentProcess
CloseHandle
GetACP
HeapReAlloc
CreateThread
GetProcAddress
SetEvent
LocalFree
CreateProcessA
HeapCreate
WriteFile
VirtualQuery
VirtualFree
SearchPathA
GetEnvironmentStringsW
Sleep
GetFileType
CreateFileA
HeapAlloc
VirtualAlloc
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsA
Shell_NotifyIconA
GetMessageA
ReleaseDC
DestroyMenu
PostQuitMessage
DefWindowProcA
ShowWindow
DispatchMessageA
PostMessageA
TranslateMessage
GetWindow
CharUpperA
GetSysColor
GetDC
InsertMenuItemA
GetCursorPos
SystemParametersInfoA
CreatePopupMenu
LoadStringA
SendMessageA
GetMenuCheckMarkDimensions
RegisterClassA
CreateWindowExA
LoadCursorA
LoadIconA
TrackPopupMenu
GetDesktopWindow
LoadImageA
GetClassNameA
SetForegroundWindow
mixerGetID
mixerGetDevCapsA
mixerGetNumDevs
mixerOpen
waveInGetDevCapsA
mixerClose
waveInGetNumDevs
Number of PE resources by type
RT_BITMAP 10
RT_ICON 8
RT_GROUP_ICON 5
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 23
CHINESE TRADITIONAL 2
ExifTool file metadata
UninitializedDataSize
0

Comments
Realtek HD Audio Sound Manager

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.30

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
57344

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2004 Realtek Semiconductor Corp.

FileVersion
1, 0, 0, 30

TimeStamp
2006:07:21 09:14:34+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
ALSMTray

SubsystemVersion
4.0

ProductVersion
1, 0, 0, 30

FileDescription
Realtek Sound Manager

OSVersion
4.0

OriginalFilename
ALSMTray.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Realtek Semiconductor Corp.

CodeSize
32768

ProductName
Realtek HD Sound Manager

ProductVersionNumber
1.0.0.30

EntryPoint
0x5485

ObjectFileType
Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Execution parents
Compressed bundles
File identification
MD5 0d034e8c4f88c5b2b0c1af3cf438cc4f
SHA1 4ec36b2ed506af0927e5a25154d4177e2a83dafb
SHA256 f44f9a6bba0ae6d350f98cdbf2d5b09d56d9b1cf46f4cb9f50566232b32f8bae
ssdeep
1536:y9+Mq0Pwokp7Zql8VYdBB9M+dN76lfan6BoYF2:y9yg2p7ZqlJMoN7kfJBo

authentihash d7ed6d9004e6099ccc6ca48a5f2da02144cd921353589e735b77bb88ba054271
imphash c028af997466fdc3ce7ac8977deba49b
File size 84.0 KB ( 86016 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2009-03-07 18:08:32 UTC ( 6 years, 1 month ago )
Last submission 2015-04-21 00:37:39 UTC ( 2 weeks ago )
File names virussign.com_3c87a69ef51d964a2b006faecf01e710.exe
file-145626_exe
10.2.35.123_C_windowsSOUNDMAN.EXE
SoundMan.exe_
Soundman.exe
smona_f44f9a6bba0ae6d350f98cdbf2d5b09d56d9b1cf46f4cb9f50566232b32f8bae.bin
SOUNDMAN.EXE
ALSMTray.exe
A86D25BE0009AA3450080158A540EB0016CE3827.exe
_restore_SoundMan.exe
ALSMTray
SoundMan.exe
soundman.ex
smona132731915102762761395
DPYGWKPBRM-770.pms.exe.SVD
soundman.exe
A86D25BE0009AA3450080158A540EB0016CE3827.EXE
SoundMan.exe.infected
SoundMan.exe.infected.000
0d034e8c4f88c5b2b0c1af3cf438cc4f
SOUNDMAN.EXE
sbs_ve_ambr_20150317165319.046_ 139511
sendvirus-aJ19As.tmp
smona132731871457459077693
f44f9a6bba0ae6d350f98cdbf2d5b09d5
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!