SHA256: f47ba3e1f98c938e1785a5cf505103e496989e62b7869510b1063c374e836bec
File name: codedcolor-photostudio-364-jetelecharge.exe
Detection ratio: 1 / 68
Analysis date: 2018-09-26 02:37:43 UTC ( 7 months, 4 weeks ago )
Antivirus Result Update
Bkav W32.eHeur.Malware09 20180925
Ad-Aware 20180926
AegisLab 20180926
AhnLab-V3 20180925
Alibaba 20180921
ALYac 20180926
Antiy-AVL 20180926
Arcabit 20180926
Avast 20180926
Avast-Mobile 20180925
AVG 20180926
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
BitDefender 20180926
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180925
Comodo 20180926
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180926
Cyren 20180926
DrWeb 20180926
eGambit 20180926
Emsisoft 20180925
Endgame 20180730
ESET-NOD32 20180926
F-Prot 20180926
F-Secure 20180926
Fortinet 20180926
GData 20180926
Ikarus 20180925
Sophos ML 20180717
Jiangmin 20180926
K7AntiVirus 20180925
K7GW 20180926
Kaspersky 20180926
Kingsoft 20180926
Malwarebytes 20180926
MAX 20180926
McAfee 20180926
McAfee-GW-Edition 20180926
Microsoft 20180926
eScan 20180926
NANO-Antivirus 20180926
Palo Alto Networks (Known Signatures) 20180926
Panda 20180925
Qihoo-360 20180926
Rising 20180926
SentinelOne (Static ML) 20180925
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec 20180925
Symantec Mobile Insight 20180924
TACHYON 20180926
Tencent 20180926
TheHacker 20180924
TotalDefense 20180925
TrendMicro 20180926
TrendMicro-HouseCall 20180925
Trustlook 20180926
VBA32 20180925
VIPRE 20180925
ViRobot 20180925
Webroot 20180926
Yandex 20180925
Zillya 20180925
ZoneAlarm by Check Point 20180925
Zoner 20180925
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Product CodedColor
File version
Description CodedColor Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-10-30 20:54:54
Entry Point 0x00016478
Number of sections 9
PE sections
Overlays
MD5 d34da98804e2237f48f29e5f4de0c16d
File type data
Offset 158720
Size 61490731
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetLocalTime
CreateProcessW
DeleteCriticalSection
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
GetDateFormatW
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
CompareStringW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetExitCodeProcess
GetVersion
InitializeCriticalSection
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SysFreeString
VariantInit
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_ICON 6
RT_STRING 6
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion 5.0
Comments This installation was built with Inno Setup.
InitializedDataSize 71680
ImageVersion 6.0
ProductName CodedColor
FileVersionNumber 0.0.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
CharacterSet Unicode
LinkerVersion 2.25
FileTypeExtension exe
MIMEType application/octet-stream
TimeStamp 2010:10:30 22:54:54+02:00
FileType Win32 EXE
PEType PE32
FileDescription CodedColor Setup
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName 1STEIN
CodeSize 86016
FileSubtype 0
ProductVersionNumber 0.0.0.0
EntryPoint 0x16478
ObjectFileType Executable application

File identification
MD5 7ecb39d38e024eeb01e869bbfd77cb72
SHA1 6acd655edc0ab4c74a556d0db670fe0a38476a9f
SHA256 f47ba3e1f98c938e1785a5cf505103e496989e62b7869510b1063c374e836bec
ssdeep 1572864:+BeG81z1QH6kwfS+iuXbpE06Yd/cpvVOia/KF22h:c/8h1j6+/+06YdkzOn+
authentihash 054e51d1ce5a674775a38305c1ec8fa6060d4546f9a14f9ee517532463ef099e
imphash 483f0c4259a9148c34961abbda6146c1
File size 58.8 MB ( 61649451 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Inno Setup installer (76.6%)
Win32 Executable Delphi generic (9.9%)
Win32 Dynamic Link Library (generic) (4.5%)
Win32 Executable (generic) (3.1%)
Win16/32 Executable Delphi generic (1.4%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-08-01 11:53:49 UTC ( 2 years, 9 months ago )
Last submission 2018-09-26 02:37:43 UTC ( 7 months, 4 weeks ago )
File names codedcolor-photostudio-364-jetelecharge.exe
f47ba3e1f98c938e1785a5cf505103e496989e62b7869510b1063c374e836bec
F47BA3E1F98C938E1785A5CF505103E496989E62B7869510B1063C374E836BEC.exe
codedcolorsetup_en.exe
903082