SHA256: 365388aee7edff31750e2073f9d0c40c5665b57bedcf8c089d2ed57eb1c8d537
Name: CulturaGeneral
Detections: 0 / 68
Analysis date: 2018-09-20 07:31:19 UTC (4 months ago)
Antivirus Result Update
Ad-Aware 20180920
AegisLab 20180920
AhnLab-V3 20180920
Alibaba 20180713
ALYac 20180920
Antiy-AVL 20180919
Arcabit 20180920
Avast 20180920
Avast-Mobile 20180920
AVG 20180920
Avira (no cloud) 20180919
AVware 20180920
Babable 20180918
Baidu 20180914
BitDefender 20180920
Bkav 20180919
CAT-QuickHeal 20180918
ClamAV 20180920
CMC 20180919
Comodo 20180920
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180920
Cyren 20180920
DrWeb 20180920
eGambit 20180920
Emsisoft 20180920
Endgame 20180730
ESET-NOD32 20180920
F-Prot 20180920
F-Secure 20180920
Fortinet 20180920
GData 20180920
Ikarus 20180919
Sophos ML 20180717
Jiangmin 20180920
K7AntiVirus 20180920
K7GW 20180920
Kaspersky 20180920
Kingsoft 20180920
Malwarebytes 20180920
MAX 20180920
McAfee 20180920
McAfee-GW-Edition 20180920
Microsoft 20180920
eScan 20180920
NANO-Antivirus 20180920
Palo Alto Networks (Known Signatures) 20180920
Panda 20180919
Qihoo-360 20180920
Rising 20180920
SentinelOne (Static ML) 20180830
Sophos AV 20180920
SUPERAntiSpyware 20180907
Symantec 20180920
Symantec Mobile Insight 20180918
TACHYON 20180920
Tencent 20180920
TheHacker 20180918
TotalDefense 20180920
TrendMicro 20180920
TrendMicro-HouseCall 20180920
Trustlook 20180920
VBA32 20180919
VIPRE 20180920
ViRobot 20180920
Webroot 20180920
Yandex 20180919
Zillya 20180919
ZoneAlarm by Check Point 20180920
Zoner 20180919
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
C. Sánchez - 2013 www.truskylandia.com

Product Cultura general
Original name CulturaGeneral.exe
Internal name CulturaGeneral
File version 3.00
Description Cultura general
Comments Juego infantil didáctico C. Sánchez - 2013 www.truskylandia.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-08-08 20:08:07
Entry Point 0x000049B7
Number of sections 6
PE sections
Overlays
MD5 805b782d953c8e6677e67240e7c183f8
File type data
Offset 30208
Size 4473674
Entropy 7.96
PE imports
GetLastError
HeapFree
GetModuleFileNameW
GetVersionExW
SetEvent
HeapAlloc
GetCurrentProcess
OpenFileMappingW
OpenProcess
GetCommandLineW
MapViewOfFile
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetFileSizeEx
SetEnvironmentVariableW
GetModuleHandleA
CloseHandle
DuplicateHandle
GetModuleHandleW
IsWow64Process
LoadLibraryW
UnmapViewOfFile
CreateFileW
VirtualFree
GetTickCount
VirtualAlloc
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
SPANISH MODERN 1
PE resources
ExifTool file metadata
PackagerVersion
16.0.475

CodeSize
20480

SubsystemVersion
5.0

Comments
Juego infantil didáctico C. Sánchez - 2013 www.truskylandia.com

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.0.0.0

LanguageCode
Spanish (Modern)

FileFlagsMask
0x0000

FileDescription
Cultura general

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
20480

FileOS
Win32

EntryPoint
0x49b7

Packager
Turbo Studio 16

OriginalFileName
CulturaGeneral.exe

MIMEType
application/octet-stream

LegalCopyright
C. Sánchez - 2013 www.truskylandia.com

FileVersion
3.0

TimeStamp
2018:08:08 21:08:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
CulturaGeneral

ProductVersion
3.0

UninitializedDataSize
0

OSVersion
5.0

VmVersion
11.8.723

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
C. Sánchez - 2013 www.truskylandia.com

LegalTrademarks
C. Sánchez - 2013 www.truskylandia.com

ProductName
Cultura general

ProductVersionNumber
3.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 4d41c3f7033e4052a1b0da4e23117139
SHA1 82f5b8f31ea83aa006760a7cf7f45acb8c29aef3
SHA256 365388aee7edff31750e2073f9d0c40c5665b57bedcf8c089d2ed57eb1c8d537
ssdeep
98304:RRCQmH0OyOGAqSYmZFZP+5aNKJvZjMUOstYzgkKjok:7CQmbB4kFhlK5Z8O5ok

authentihash 19d03fea076cc3265c6149365e3d4d78e4d470f2a9f778a1f5cb3f598939081c
imphash aaec64f2ad182e38096da2ef4bc28f41
File size 4.3 MB (4503882 bytes)
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-08-27 20:50:50 UTC (4 months, 3 weeks ago)
Last submission 2018-08-27 20:50:50 UTC (4 months, 3 weeks ago)
Names CulturaGeneral.exe
CulturaGeneral
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Shell commands
Created mutexes
Opened mutexes
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.
DNS requests
TCP connections