SHA256: 365388aee7edff31750e2073f9d0c40c5665b57bedcf8c089d2ed57eb1c8d537
Name: CulturaGeneral.exe
Detections: 1 / 66
Analysis date: 2018-08-27 20:50:50 UTC (2 months, 2 weeks ago)
Antivirus Result Update
Bkav W32.eHeur.Malware03 20180827
Ad-Aware 20180827
AegisLab 20180827
AhnLab-V3 20180827
Alibaba 20180713
ALYac 20180827
Antiy-AVL 20180827
Arcabit 20180827
Avast 20180827
Avast-Mobile 20180827
AVG 20180827
Avira (no cloud) 20180827
AVware 20180823
Babable 20180822
Baidu 20180827
BitDefender 20180827
CAT-QuickHeal 20180827
ClamAV 20180827
CMC 20180827
Comodo 20180827
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180827
Cyren 20180827
DrWeb 20180827
eGambit 20180827
Emsisoft 20180827
Endgame 20180730
ESET-NOD32 20180827
F-Prot 20180827
F-Secure 20180827
Fortinet 20180827
GData 20180827
Ikarus 20180827
Sophos ML 20180717
Jiangmin 20180827
K7AntiVirus 20180827
K7GW 20180827
Kaspersky 20180827
Kingsoft 20180827
Malwarebytes 20180827
MAX 20180827
McAfee 20180827
McAfee-GW-Edition 20180827
Microsoft 20180827
eScan 20180827
NANO-Antivirus 20180827
Palo Alto Networks (Known Signatures) 20180827
Panda 20180827
Qihoo-360 20180827
Rising 20180827
SentinelOne (Static ML) 20180701
Sophos AV 20180827
SUPERAntiSpyware 20180827
Symantec 20180827
Symantec Mobile Insight 20180822
TACHYON 20180827
Tencent 20180827
TheHacker 20180824
TrendMicro 20180827
TrendMicro-HouseCall 20180827
Trustlook 20180827
VBA32 20180827
VIPRE 20180827
ViRobot 20180827
Webroot 20180827
Yandex 20180827
ZoneAlarm by Check Point 20180827
Zoner 20180827
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
C. Sánchez - 2013 www.truskylandia.com

Product Cultura general
Original name CulturaGeneral.exe
Internal name CulturaGeneral
File version 3.00
Description Cultura general
Comments Juego infantil didáctico C. Sánchez - 2013 www.truskylandia.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-08-08 20:08:07
Entry Point 0x000049B7
Number of sections 6
PE sections
Overlays
MD5 805b782d953c8e6677e67240e7c183f8
File type data
Offset 30208
Size 4473674
Entropy 7.96
PE imports
GetLastError
HeapFree
GetModuleFileNameW
GetVersionExW
SetEvent
HeapAlloc
GetCurrentProcess
OpenFileMappingW
OpenProcess
GetCommandLineW
MapViewOfFile
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetFileSizeEx
SetEnvironmentVariableW
GetModuleHandleA
CloseHandle
DuplicateHandle
GetModuleHandleW
IsWow64Process
LoadLibraryW
UnmapViewOfFile
CreateFileW
VirtualFree
GetTickCount
VirtualAlloc
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
SPANISH MODERN 1
PE resources
ExifTool file metadata
PackagerVersion
16.0.475

CodeSize
20480

SubsystemVersion
5.0

Comments
Juego infantil didáctico C. Sánchez - 2013 www.truskylandia.com

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.0.0.0

LanguageCode
Spanish (Modern)

FileFlagsMask
0x0000

FileDescription
Cultura general

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
20480

FileOS
Win32

EntryPoint
0x49b7

Packager
Turbo Studio 16

OriginalFileName
CulturaGeneral.exe

MIMEType
application/octet-stream

LegalCopyright
C. Sánchez - 2013 www.truskylandia.com

FileVersion
3.0

TimeStamp
2018:08:08 21:08:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
CulturaGeneral

ProductVersion
3.0

UninitializedDataSize
0

OSVersion
5.0

VmVersion
11.8.723

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
C. Sánchez - 2013 www.truskylandia.com

LegalTrademarks
C. Sánchez - 2013 www.truskylandia.com

ProductName
Cultura general

ProductVersionNumber
3.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 4d41c3f7033e4052a1b0da4e23117139
SHA1 82f5b8f31ea83aa006760a7cf7f45acb8c29aef3
SHA256 365388aee7edff31750e2073f9d0c40c5665b57bedcf8c089d2ed57eb1c8d537
ssdeep
98304:RRCQmH0OyOGAqSYmZFZP+5aNKJvZjMUOstYzgkKjok:7CQmbB4kFhlK5Z8O5ok

authentihash 19d03fea076cc3265c6149365e3d4d78e4d470f2a9f778a1f5cb3f598939081c
imphash aaec64f2ad182e38096da2ef4bc28f41
File size 4.3 MB (4503882 bytes)
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-08-27 20:50:50 UTC (2 months, 2 weeks ago)
Last submission 2018-08-27 20:50:50 UTC (2 months, 2 weeks ago)
Names CulturaGeneral.exe
CulturaGeneral
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Shell commands
Created mutexes
Opened mutexes
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.
DNS requests
TCP connections