SHA256: 67537951bba5cf126fcc8ff1e1c58a3a9ff52ba02de697e8a9df942c9d6e4814
Name: Flappy Bird V2 by Esteban2305.exe
Detections: 1 / 66
Analysis date: 2018-02-16 05:48:05 UTC (1 year, 1 month ago)
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9644 20180208
Ad-Aware 20180216
AegisLab 20180216
AhnLab-V3 20180215
Alibaba 20180209
ALYac 20180216
Antiy-AVL 20180216
Arcabit 20180216
Avast 20180216
Avast-Mobile 20180215
AVG 20180216
Avira (no cloud) 20180215
AVware 20180216
BitDefender 20180216
Bkav 20180212
CAT-QuickHeal 20180215
ClamAV 20180216
CMC 20180216
Comodo 20180216
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180216
Cyren 20180216
DrWeb 20180216
eGambit 20180216
Emsisoft 20180216
Endgame 20180214
ESET-NOD32 20180216
F-Prot 20180216
F-Secure 20180216
Fortinet 20180216
GData 20180216
Ikarus 20180215
Sophos ML 20180121
Jiangmin 20180216
K7AntiVirus 20180215
K7GW 20180216
Kaspersky 20180216
Kingsoft 20180216
Malwarebytes 20180216
MAX 20180216
McAfee 20180216
McAfee-GW-Edition 20180216
Microsoft 20180216
eScan 20180216
NANO-Antivirus 20180216
nProtect 20180216
Palo Alto Networks (Known Signatures) 20180216
Panda 20180215
Qihoo-360 20180216
Rising 20180216
SentinelOne (Static ML) 20180115
Sophos AV 20180216
SUPERAntiSpyware 20180216
Symantec 20180216
Symantec Mobile Insight 20180215
Tencent 20180216
TheHacker 20180213
TrendMicro 20180216
TrendMicro-HouseCall 20180216
Trustlook 20180216
VBA32 20180215
VIPRE 20180216
ViRobot 20180216
Webroot 20180216
WhiteArmor 20180205
Yandex 20180214
Zillya 20180215
ZoneAlarm by Check Point 20180216
Zoner 20180216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
www.estebanforgione.tk

Original name Flappy Bird by Esteban2305.exe
Internal name ams_launch
File version 2.0.0.0
Comments Created with AutoPlay Media Studio (www.indigorose.com)
Packers identified
F-PROT UPX, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-03-14 17:28:55
Entry Point 0x0002CBBC
Number of sections 4
PE sections
Overlays
MD5 432d0493fc7aa9020cb3c87300e1ba3e
File type data
Offset 604160
Size 4881795
Entropy 8.00
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
GetFileTitleA
SetMapMode
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetTextColor
GetObjectA
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
ScaleViewportExtEx
SelectObject
SetWindowExtEx
SetViewportExtEx
Escape
SetBkColor
DeleteObject
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
lstrcmpW
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GetVolumeInformationA
LoadLibraryExA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
CreateDirectoryA
DeleteFileA
GetFullPathNameA
GetProcAddress
GetProcessHeap
CompareStringW
GetFileSizeEx
GlobalReAlloc
lstrcmpA
FindFirstFileA
GetDiskFreeSpaceA
CompareStringA
CreateFileMappingA
FindNextFileA
DuplicateHandle
GlobalLock
GetTimeZoneInformation
GlobalFindAtomA
GetFileType
SetVolumeLabelA
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
LockFile
RemoveDirectoryA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
GlobalFlags
CloseHandle
GetACP
GetModuleHandleW
FreeResource
SizeofResource
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
lstrcpyA
VirtualFree
Sleep
FindResourceA
VirtualAlloc
VariantChangeType
VariantInit
VariantClear
SHFileOperationA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
PathStripToRootA
SetFocus
GetForegroundWindow
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
GetMessageTime
SetActiveWindow
GetDC
GetCursorPos
DrawTextA
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
GetTopWindow
MsgWaitForMultipleObjects
GetActiveWindow
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
GetMenuState
GetClassInfoExA
ShowWindow
GetPropA
GetDesktopWindow
CharToOemBuffA
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
GetWindowPlacement
OemToCharBuffA
IsIconic
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
GetSysColorBrush
PtInRect
IsDialogMessageA
MapWindowPoints
BeginPaint
RegisterWindowMessageA
DefWindowProcA
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
GetWindowRect
PostMessageA
DrawIcon
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ClientToScreen
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
ValidateRect
GetMenuItemID
SetForegroundWindow
ReleaseDC
EndDialog
GetCapture
DrawTextExA
GetWindowThreadProcessId
SetMenu
MessageBoxA
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
WinHelpA
wsprintfA
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
UnhookWindowsHookEx
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_ICON 14
RT_STRING 13
RT_DIALOG 3
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 66
PE resources
ExifTool file metadata
LegalTrademarks
By Esteban Forgione

UninitializedDataSize
0

Comments
Created with AutoPlay Media Studio (www.indigorose.com)

InitializedDataSize
343552

ImageVersion
0.0

FileVersionNumber
2.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
ASCII

LinkerVersion
9.0

EntryPoint
0x2cbbc

OriginalFileName
Flappy Bird by Esteban2305.exe

MIMEType
application/octet-stream

LegalCopyright
www.estebanforgione.tk

FileVersion
2.0.0.0

TimeStamp
2016:03:14 18:28:55+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
ams_launch

ProductVersion
2.0.0.0

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
259584

FileSubtype
0

ProductVersionNumber
2.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 02204b9d4d531917c829bcc42a6ac4d2
SHA1 55ecab71bf4d490fe45d0f6323fa1fadcabee076
SHA256 67537951bba5cf126fcc8ff1e1c58a3a9ff52ba02de697e8a9df942c9d6e4814
ssdeep
98304:EmY+G+u/pKn1oWNehc+UX+F0pPbQM2EhGaqfrOuO8KBYPFbxJ4iS+2Pj:EmY+jCpKn1vNehJUX+F06aqfWvYu9+27

authentihash 4cf25fd632a90ae9cfa9b06219f58a9c97b3513f8a1fea3330a4ded25883020e
imphash 230363beee3a16b40f8fefab5ba42a93
File size 5.2 MB (5485955 bytes)
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (46.6%)
Win64 Executable (generic) (29.9%)
Windows screen saver (14.1%)
Win32 Executable (generic) (4.8%)
Generic Win/DOS Executable (2.1%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2018-02-16 05:30:20 UTC (1 year, 1 month ago)
Last submission 2018-02-16 05:48:05 UTC (1 year, 1 month ago)
Names Flappy Bird by Esteban2305.exe
67537951bba5cf126fcc8ff1e1c58a3a9ff52ba02de697e8a9df942c9d6e4814.file
Flappy Bird V2 by Esteban2305.exe
ams_launch
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.