SHA256: 1316931f652b3be2feb7524cfe0775c50d64a6e4180aa1bc81e05e34442c6f75
Name: Speed Shaman - iDexteer.EXE
Detections: 7 / 57
Analysis date: 2015-02-27 14:04:15 UTC (4 years, 2 months ago)
Antivirus Result Update
Yandex HackTool.CheatEngine!h2lP7QG9eRI 20150226
Antiy-AVL Trojan/Win32.Tgenic 20150227
Cyren W32/CheatEngine.B!Eldorado 20150227
ESET-NOD32 a variant of Win32/HackTool.CheatEngine.AF potentially unsafe 20150227
F-Prot W32/CheatEngine.B!Eldorado 20150227
Jiangmin TrojanDropper.Injector.bhlg 20150226
Malwarebytes Hacktool.CheatEngine 20150227
Ad-Aware 20150227
AegisLab 20150227
AhnLab-V3 20150227
Alibaba 20150225
ALYac 20150227
Avast 20150227
AVG 20150227
Avira (no cloud) 20150227
AVware 20150226
Baidu-International 20150227
BitDefender 20150227
Bkav 20150227
ByteHero 20150227
CAT-QuickHeal 20150227
ClamAV 20150227
CMC 20150227
Comodo 20150227
DrWeb 20150227
Emsisoft 20150227
F-Secure 20150227
Fortinet 20150227
GData 20150227
Ikarus 20150227
K7AntiVirus 20150227
K7GW 20150227
Kaspersky 20150227
Kingsoft 20150227
McAfee 20150227
McAfee-GW-Edition 20150227
Microsoft 20150227
eScan 20150227
NANO-Antivirus 20150227
Norman 20150227
nProtect 20150227
Panda 20150227
Qihoo-360 20150227
Rising 20150227
Sophos AV 20150227
SUPERAntiSpyware 20150227
Symantec 20150227
Tencent 20150227
TheHacker 20150225
TotalDefense 20150227
TrendMicro 20150227
TrendMicro-HouseCall 20150227
VBA32 20150227
VIPRE 20150227
ViRobot 20150227
Zillya 20150226
Zoner 20150227
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-28 14:45:44
Entry Point 0x000015EB
Number of sections 5
PE sections
PE imports
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
SetStdHandle
SetHandleCount
LoadLibraryA
WaitForSingleObject
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
RemoveDirectoryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
SizeofResource
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetConsoleOutputCP
WriteConsoleW
CreateDirectoryA
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
GetConsoleCP
LeaveCriticalSection
LCMapStringW
SetFilePointer
GetTempPathA
WideCharToMultiByte
TlsFree
GetModuleHandleA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CloseHandle
GetTempFileNameA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
TerminateProcess
GetEnvironmentStrings
CreateProcessA
LCMapStringA
WriteConsoleA
IsValidCodePage
LoadResource
VirtualFree
TlsGetValue
Sleep
GetFileType
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
FindResourceA
VirtualAlloc
HeapCreate
SetLastError
InterlockedIncrement
PathRemoveFileSpecA
PathAddBackslashA
PathStripPathA
MessageBoxA
Number of PE resources by type
RT_RCDATA 2
RT_ICON 1
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 3
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2013:06:28 15:45:44+01:00
FileType Win32 EXE
PEType PE32
CodeSize 36352
LinkerVersion 9.0
EntryPoint 0x15eb
InitializedDataSize 4370944
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 c1e5a157705c94a4912200738d02a99e
SHA1 9c8a58eb819139c625cda723ec570490ba856cce
SHA256 1316931f652b3be2feb7524cfe0775c50d64a6e4180aa1bc81e05e34442c6f75
ssdeep 98304:K2wuqJMoakRe4OSmwOJN+BXGcbqTcDx6sDwWeVEOJsmEa:KpuLoakRe4OSC7+0Tc1DWav
authentihash c6e9c4907371f5efdc63cb9071ace752a2160e77642dafd06f0fa2dc4ac703bd
imphash 8d92fa1956a6a631c642190121740197
File size 4.2 MB ( 4408320 bytes )
Type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2015-02-27 14:04:15 UTC (4 years, 2 months ago)
Last submission 2015-02-27 14:04:15 UTC (4 years, 2 months ago)
File names Speed Shaman - iDexteer.EXE
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Created processes
Runtime DLLs