SHA256: fe35c7884a5e8bb14218d93283dbf38392a2cc35358f13c6dbc7d4808cc5b73a
File name: 2.exe
Detection ratio: 1 / 54
Analysis date: 2016-09-08 14:17:46 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20160908
Ad-Aware 20160908
AegisLab 20160908
AhnLab-V3 20160907
Alibaba 20160908
ALYac 20160908
Antiy-AVL 20160908
Arcabit 20160908
Avast 20160908
AVG 20160908
Avira (no cloud) 20160908
AVware 20160908
Baidu 20160908
BitDefender 20160908
Bkav 20160908
CAT-QuickHeal 20160907
ClamAV 20160907
CMC 20160908
Comodo 20160908
Cyren 20160908
DrWeb 20160908
Emsisoft 20160908
ESET-NOD32 20160908
F-Prot 20160908
F-Secure 20160908
Fortinet 20160908
GData 20160908
Ikarus 20160908
Sophos ML 20160830
Jiangmin 20160908
K7AntiVirus 20160908
K7GW 20160908
Kaspersky 20160908
Kingsoft 20160908
Malwarebytes 20160908
McAfee 20160908
McAfee-GW-Edition 20160908
Microsoft 20160908
eScan 20160908
NANO-Antivirus 20160908
nProtect 20160908
Panda 20160907
Rising 20160908
Sophos AV 20160908
SUPERAntiSpyware 20160908
Symantec 20160908
Tencent 20160908
TheHacker 20160908
TrendMicro 20160908
TrendMicro-HouseCall 20160908
VBA32 20160907
VIPRE 20160908
ViRobot 20160908
Yandex 20160907
Zillya 20160908
Zoner 20160908
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) Locktime Softprog
Product NetLimiter 4
Original name netlimiter-4.0.15.0.exe
Internal name netlimiter-4.0.15.0
File version 4.0.15.0
Description Net Limiter 4
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-08 07:46:13
Entry Point 0x0000A944
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
GetAce
LookupAccountSidA
RegCreateKeyExA
SetSecurityDescriptorDacl
LookupAccountNameA
AddAccessAllowedAce
GetFileSecurityA
RegOpenKeyExA
SetFileSecurityA
GetTokenInformation
IsValidSid
GetSecurityDescriptorDacl
GetLengthSid
IsValidAcl
RegSetValueExW
FreeSid
GetCurrentHwProfileA
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegSetValueExA
InitializeAcl
AddAce
InitCommonControlsEx
ImageList_Create
Ord(17)
ImageList_ReplaceIcon
GetOpenFileNameA
GetSaveFileNameA
ChooseFontA
CreatePolygonRgn
SetMapMode
CreatePen
TextOutA
CreateFontIndirectA
GetTextMetricsA
GetObjectA
LineTo
DeleteDC
SetBkMode
ChoosePixelFormat
BitBlt
CreateDIBSection
SetTextColor
DescribePixelFormat
SelectClipPath
MoveToEx
GetStockObject
SetPixelFormat
CreateCompatibleDC
SwapBuffers
SelectObject
GetTextExtentPoint32A
SetWindowExtEx
CreateSolidBrush
SetPixelV
DeleteObject
Ellipse
gluPerspective
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
lstrcatA
FreeEnvironmentStringsW
WaitCommEvent
SetStdHandle
GetFileTime
FindNextVolumeMountPointA
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
SetConsoleCP
InterlockedDecrement
FormatMessageA
SetLastError
GetSystemTime
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
SetUnhandledExceptionFilter
ClearCommError
TerminateProcess
WriteConsoleA
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
SetCommMask
GetProcAddress
lstrcpyA
GetUserDefaultLCID
SetCommTimeouts
GetConsoleWindow
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
lstrlenA
GetConsoleCP
LCMapStringA
GetVolumeNameForVolumeMountPointA
GetEnvironmentStringsW
lstrlenW
GetEnvironmentStrings
GetCurrentProcessId
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
SetConsoleTitleA
CloseHandle
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
acmFormatEnumA
acmMetrics
Ord(12)
Ord(24)
Ord(43)
Ord(75)
Ord(11)
Ord(39)
Ord(9)
Ord(31)
Ord(136)
Ord(72)
Ord(26)
Ord(41)
Ord(19)
Ord(13)
GetActiveObject
VariantChangeType
SystemTimeToVariantTime
VariantInit
SysAllocString
glFlush
glVertex2d
glClearColor
glDisable
wglCreateContext
glPopMatrix
glEnd
wglGetCurrentDC
glBegin
glCullFace
glEnable
glLightfv
glClear
glLineWidth
glRotatef
glLoadIdentity
glBlendFunc
glTranslatef
glShadeModel
glColor3f
wglMakeCurrent
glVertex3f
glViewport
glClearDepth
wglDeleteContext
glPushMatrix
glMatrixMode
glDepthFunc
glOrtho
glMaterialfv
RpcServerRegisterIfEx
RpcServerUseProtseqEpA
RpcServerListen
Ord(727)
SHGetFileInfoW
StrChrA
PathFindFileNameW
GetUserNameExA
MapWindowPoints
GetCursorInfo
GetScrollInfo
PostQuitMessage
DefWindowProcW
DrawIcon
CopyIcon
GetIconInfo
ShowWindow
DefWindowProcA
FindWindowA
FillRect
GetDesktopWindow
GetSystemMetrics
EnableMenuItem
SendMessageW
EndPaint
SetDlgItemTextA
MoveWindow
EnumChildWindows
MessageBoxA
GetWindowDC
SetWindowLongA
BeginPaint
SetActiveWindow
GetDC
RegisterClassExA
GetCursorPos
DrawTextA
GetDlgCtrlID
CreatePopupMenu
DestroyIcon
GetMenuItemRect
DrawIconEx
SendMessageA
GetClientRect
GetDlgItem
CreateDialogParamA
SetScrollPos
DeleteMenu
InvalidateRect
wsprintfA
FindWindowExA
CreateWindowExA
LoadCursorA
LoadIconA
GetMenuItemCount
CopyRect
GetWindowTextW
ValidateRect
GetSystemMenu
CreateWindowExW
ReleaseDC
GetMenuItemInfoA
GetWindowTextA
DestroyWindow
ConnectToPrinterDlg
SCardEstablishContext
SCardConnectA
SCardTransmit
SCardListReadersA
GdipDisposeImage
GdipCreateBitmapFromFile
GdipAlloc
GdipFree
GdipCloneImage
GdiplusStartup
CoInitializeEx
CoUninitialize
CoInitialize
StringFromCLSID
CoCreateGuid
RegisterDragDrop
CoCreateInstance
CoInitializeSecurity
CLSIDFromProgID
RevokeDragDrop
CoTaskMemFree
Number of PE resources by type
RT_BITMAP 10
RT_RCDATA 6
RT_ICON 5
RT_DIALOG 4
RT_GROUP_CURSOR 3
RT_STRING 3
RT_CURSOR 3
PNG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 40
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 172544
ImageVersion 0.0
ProductName NetLimiter 4
FileVersionNumber 4.0.15.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Net Limiter 4
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
OriginalFileName netlimiter-4.0.15.0.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4.0.15.0
TimeStamp 2016:09:08 08:46:13+01:00
FileType Win32 EXE
PEType PE32
InternalName netlimiter-4.0.15.0
ProductVersion 4.0.15.0
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
LegalCopyright Copyright (C) Locktime Softprog
MachineType Intel 386 or later, and compatibles
CompanyName Locktime SoftProg
CodeSize 105984
FileSubtype 0
ProductVersionNumber 4.0.15.0
EntryPoint 0xa944
ObjectFileType Executable application

File identification
MD5 c94450ea800b4667dc9353f071861d3b
SHA1 7df7fd630be5532599b51c3bf5de8362768b15cb
SHA256 fe35c7884a5e8bb14218d93283dbf38392a2cc35358f13c6dbc7d4808cc5b73a
ssdeep 6144:ncG/MA/oNFYm4u7MJbUQyW1AeK/UIAcPBpE:d/MA/oTY67MJbUQvZG0ABe
authentihash 53fbc7a93c1fb6d4dc58efb48b0136ec7b26d002da51e13f80c60e709c9eff0b
imphash 9032cfa8588c05f7f207e2c97791e965
File size 273.0 KB ( 279552 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags peexe
VirusTotal metadata
First submission 2016-09-08 14:17:46 UTC ( 2 years, 5 months ago )
Last submission 2017-03-07 20:10:36 UTC ( 1 year, 11 months ago )
File names c94450ea800b4667dc9353f071861d3b.exe
netlimiter-4.0.15.0
ieahrhhe.exe
netlimiter-4.0.15.0.exe
fe35c7884a5e8bb14218d93283dbf38392a2cc35358f13c6dbc7d4808cc5b73a
2.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs