× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fadb426b57577fff6c26a5efad0803ce9be22bf5c6a0a63e9a23e885b2b1eff1
File name: chocolatey.exe
Detection ratio: 0 / 57
Analysis date: 2015-03-31 17:32:56 UTC ( 3 years, 10 months ago )
Antivirus Result Update
Ad-Aware 20150331
AegisLab 20150331
Yandex 20150331
AhnLab-V3 20150331
Alibaba 20150331
ALYac 20150331
Antiy-AVL 20150331
Avast 20150331
AVG 20150331
Avira (no cloud) 20150404
AVware 20150331
Baidu-International 20150331
BitDefender 20150331
Bkav 20150331
ByteHero 20150331
CAT-QuickHeal 20150331
ClamAV 20150331
CMC 20150330
Comodo 20150331
Cyren 20150331
DrWeb 20150331
Emsisoft 20150331
ESET-NOD32 20150331
F-Prot 20150331
F-Secure 20150331
Fortinet 20150331
GData 20150331
Ikarus 20150331
Jiangmin 20150330
K7AntiVirus 20150331
K7GW 20150331
Kaspersky 20150331
Kingsoft 20150331
Malwarebytes 20150331
McAfee 20150331
McAfee-GW-Edition 20150331
Microsoft 20150331
eScan 20150331
NANO-Antivirus 20150331
Norman 20150331
nProtect 20150331
Panda 20150331
Qihoo-360 20150331
Rising 20150331
Sophos AV 20150331
SUPERAntiSpyware 20150331
Symantec 20150331
Tencent 20150404
TheHacker 20150330
TotalDefense 20150331
TrendMicro 20150331
TrendMicro-HouseCall 20150331
VBA32 20150331
VIPRE 20150331
ViRobot 20150331
Zillya 20150331
Zoner 20150330
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013-Present RealDimensions Software, LLC

Publisher RealDimensions Sofware, LLC
Product ShimGen generated shim
Original name chocolatey.exe
Internal name chocolatey.exe
File version 0.2.2.0
Description ShimGen generated shim
Comments This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-02-03 04:53:33
Entry Point 0x00004D3E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This is a shim that points to a particular file. It was generated by ShimGen (Shim Generator). The use of shimgen must comply with its proprietary license.

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.2.2.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
7168

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013-Present RealDimensions Software, LLC

FileVersion
0.2.2.0

TimeStamp
2015:02:03 05:53:33+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
chocolatey.exe

SubsystemVersion
4.0

ProductVersion
0.2.2.a14dccccc6b8230daed660c1523e4f0815535324

FileDescription
ShimGen generated shim

OSVersion
4.0

OriginalFilename
chocolatey.exe

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
RealDimensions Sofware, LLC

CodeSize
11776

ProductName
ShimGen generated shim

ProductVersionNumber
0.2.2.0

EntryPoint
0x4d3e

ObjectFileType
Executable application

AssemblyVersion
0.2.2.0

File identification
MD5 af1471f55d38c1b096410df0d8afc435
SHA1 0eb4be63c008c18578ea4a5993102c92921f1b51
SHA256 fadb426b57577fff6c26a5efad0803ce9be22bf5c6a0a63e9a23e885b2b1eff1
ssdeep
384:nTPnHpWZKWR9dsaWK0X+tSVcCLW1xbbbbGbZY4he9LL:TP/q9gaCLwxbbbbGbO4h6L

authentihash 8b8d0b574bf7fa62982b5fd247cfd240c70c3085ee253b29820831d1862045c0
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 19.0 KB ( 19456 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-03-31 17:32:56 UTC ( 3 years, 10 months ago )
Last submission 2015-03-31 17:32:56 UTC ( 3 years, 10 months ago )
File names chocolatey.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!