× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: 3f39c72c6f05f180e19d94e1ca9d5dafb1e33a81d7486d52bcbaf0ec17c6b0f3
Nombre: Setup-WhiteNoise203.exe
Detecciones: 0 / 55
Fecha de análisis: 2016-08-18 14:13:58 UTC ( hace 2 años, 5 meses ) Ver el más reciente
Antivirus Resultado Actualización
Ad-Aware 20160818
AegisLab 20160818
AhnLab-V3 20160818
Alibaba 20160818
ALYac 20160818
Antiy-AVL 20160818
Arcabit 20160818
Avast 20160818
AVG 20160818
Avira (no cloud) 20160818
AVware 20160818
Baidu 20160818
BitDefender 20160818
Bkav 20160818
CAT-QuickHeal 20160818
ClamAV 20160818
CMC 20160818
Comodo 20160818
Cyren 20160818
DrWeb 20160818
Emsisoft 20160818
ESET-NOD32 20160818
F-Prot 20160818
F-Secure 20160818
Fortinet 20160818
GData 20160818
Ikarus 20160818
Jiangmin 20160818
K7AntiVirus 20160818
K7GW 20160818
Kaspersky 20160818
Kingsoft 20160818
Malwarebytes 20160818
McAfee 20160818
McAfee-GW-Edition 20160818
Microsoft 20160818
eScan 20160818
NANO-Antivirus 20160818
nProtect 20160817
Panda 20160818
Qihoo-360 20160818
Rising 20160818
Sophos AV 20160818
SUPERAntiSpyware 20160818
Symantec 20160818
Tencent 20160818
TheHacker 20160817
TrendMicro 20160818
TrendMicro-HouseCall 20160818
VBA32 20160818
VIPRE 20160818
ViRobot 20160818
Yandex 20160817
Zillya 20160817
Zoner 20160818
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Product WhiteNoise
File version
Description WhiteNoise Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, CAB, qp
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-06 14:39:04
Entry Point 0x000117DC
Number of sections 8
PE sections
Overlays
MD5 dae2babb945f0d542cac8f741234fee1
File type data
Offset 121344
Size 9434609
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetSystemDirectoryW
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 4
DUTCH 4
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
53760

EntryPoint
0x117dc

MIMEType
application/octet-stream

TimeStamp
2016:04:06 15:39:04+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

FileDescription
WhiteNoise Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ProtegeTuDescanso

CodeSize
66560

ProductName
WhiteNoise

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 f7c5098f3cfcf89f143d8cda59d0f31f
SHA1 f75e7a9e3d404fb4cfd7a2d5946595fe248865d2
SHA256 3f39c72c6f05f180e19d94e1ca9d5dafb1e33a81d7486d52bcbaf0ec17c6b0f3
ssdeep
196608:jEjqy6TdtKedzdrlkyb9q2SMXgdlrN5v2UDGW3AjFGY91Rn6aqLxj:IhSgUdxhUrGwjv2OxCFGY9iaq9j

authentihash cbb93c7da9b6562c15217f09d36fa8602f81331b14bc46351d89e7e60a770dc6
imphash 20dd26497880c05caed9305b3c8b9109
Tamaño del fichero 9.1 MB ( 9555953 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Delphi generic (45.2%)
Win32 Dynamic Link Library (generic) (20.9%)
Win32 Executable (generic) (14.3%)
Win16/32 Executable Delphi generic (6.6%)
Generic Win/DOS Executable (6.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-08-18 14:13:58 UTC ( hace 2 años, 5 meses )
Last submission 2017-05-16 03:27:39 UTC ( hace 1 año, 8 meses )
Nombres Setup-WhiteNoise203.exe
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Runtime DLLs