× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: 4436c083fd6e90da5732ba180559dacbe36c2ad127f94d8d1e0f787082d6713f
Nombre: soft.exe
Detecciones: 13 / 47
Fecha de análisis: 2013-06-12 17:26:22 UTC ( hace 5 años, 11 meses ) Ver el más reciente
Antivirus Resultado Actualización
AhnLab-V3 Trojan/Win32.Zbot 20130612
AVG BackDoor.Generic17.RCD 20130612
BitDefender Trojan.GenericKD.1042881 20130612
Emsisoft Trojan.GenericKD.1042881 (B) 20130612
ESET-NOD32 a variant of Win32/Injector.AHXW 20130612
F-Secure Trojan.GenericKD.1042881 20130612
Fortinet W32/Injector.AHS!tr 20130612
GData Trojan.GenericKD.1042881 20130612
Jiangmin Trojan/Generic.ahyou 20130612
Kaspersky Trojan-Spy.Win32.Zbot.mdgw 20130612
Malwarebytes Trojan.Agent 20130612
eScan Trojan.GenericKD.1042881 20130612
nProtect Trojan.GenericKD.1042881 20130612
Yandex 20130612
AntiVir 20130612
Antiy-AVL 20130612
Avast 20130612
ByteHero 20130612
CAT-QuickHeal 20130612
ClamAV 20130612
Commtouch 20130612
Comodo 20130612
DrWeb 20130612
eSafe 20130610
F-Prot 20130612
Ikarus 20130612
K7AntiVirus 20130612
K7GW 20130612
Kingsoft 20130506
McAfee 20130612
McAfee-GW-Edition 20130612
Microsoft 20130612
NANO-Antivirus 20130612
Norman 20130612
Panda 20130612
PCTools 20130521
Rising 20130607
Sophos AV 20130612
SUPERAntiSpyware 20130612
Symantec 20130612
TheHacker 20130611
TotalDefense 20130612
TrendMicro 20130612
TrendMicro-HouseCall 20130612
VBA32 20130612
VIPRE 20130612
ViRobot 20130612
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2012. PremiumSoft CyberTech Ltd.

Publisher PremiumSoft CyberTech Ltd.
Product Navicat for MySQL
Original name navicat.exe
Internal name navicat.exe
File version 10.0.11.0
Description Navicat for MySQL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-08 11:06:37
Entry Point 0x000019A0
Number of sections 5
PE sections
Overlays
MD5 a645fb307e457d8c2ad923b5d8116866
File type data
Offset 344576
Size 1024
Entropy 7.82
PE imports
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
CreateFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
LoadAcceleratorsA
GetMessageA
CreateWindowExA
LoadCursorA
LoadIconA
LoadStringA
DispatchMessageA
EndPaint
EndDialog
BeginPaint
TranslateMessage
DefWindowProcA
TranslateAcceleratorA
PostQuitMessage
DialogBoxParamA
ShowWindow
DestroyWindow
UpdateWindow
RegisterClassExA
Number of PE resources by type
RT_DIALOG 3
RT_ICON 1
RT_VXD 1
RT_MANIFEST 1
RT_STRING 1
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
CHINESE SIMPLIFIED 4
NEUTRAL 3
BASQUE DEFAULT 2
CHINESE SINGAPORE 1
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
327168

ImageVersion
0.0

ProductName
Navicat for MySQL

FileVersionNumber
10.0.11.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Navicat for MySQL

CharacterSet
Windows, Latin1

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
navicat.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
10.0.11.0

TimeStamp
2013:06:08 12:06:37+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
navicat.exe

ProductVersion
10.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright (c) 2012. PremiumSoft CyberTech Ltd.

MachineType
Intel 386 or later, and compatibles

CompanyName
PremiumSoft CyberTech Ltd.

CodeSize
16384

FileSubtype
0

ProductVersionNumber
10.0.11.0

EntryPoint
0x19a0

ObjectFileType
Executable application

Overlay parents
Compressed bundles
File identification
MD5 2a703478963c4092c7ac064989aaf532
SHA1 a5c5d92331c864ccc46397c9d8938242e66b6ec9
SHA256 4436c083fd6e90da5732ba180559dacbe36c2ad127f94d8d1e0f787082d6713f
ssdeep
6144:n0XidsrkXkauRnXgWZEyiXYxtymT7jMjMP/Irmom:nYimKkauRnXVXOmTU1m7

authentihash c164e2b310b65d95ce8dcee1c5f1b356e84d7dfad5ceac7334648ba2cc9d01c1
imphash bf901c8bd66a7fe297d5e5f167df18ec
Tamaño del fichero 337.5 KB ( 345600 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe overlay

VirusTotal metadata
First submission 2013-06-12 17:26:22 UTC ( hace 5 años, 11 meses )
Last submission 2013-06-13 16:17:09 UTC ( hace 5 años, 11 meses )
Nombres navicat.exe
soft.exe
2A703478963C4092C7AC064989AAF532.vir
file-5582951_ViR
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files