| SHA256: | 712b06428260f8016a20aa03ce011c97414a6334c2095f9eebaf7559296711c6 |
| Nombre: | Abecedario.exe |
| Detecciones: | 1 / 56 |
| Fecha de análisis: | 2015-08-20 13:12:44 UTC ( hace 2 años, 1 mes ) |
| Antivirus | Resultado | Actualización |
|---|---|---|
| Antiy-AVL | Trojan[Backdoor]/Win32.DarkKomet | 20150820 |
| Ad-Aware | 20150820 | |
| AegisLab | 20150820 | |
| Yandex | 20150819 | |
| AhnLab-V3 | 20150820 | |
| Alibaba | 20150820 | |
| ALYac | 20150820 | |
| Arcabit | 20150820 | |
| Avast | 20150820 | |
| AVG | 20150820 | |
| Avira (no cloud) | 20150820 | |
| AVware | 20150820 | |
| Baidu-International | 20150820 | |
| BitDefender | 20150820 | |
| Bkav | 20150820 | |
| ByteHero | 20150820 | |
| CAT-QuickHeal | 20150819 | |
| ClamAV | 20150820 | |
| CMC | 20150819 | |
| Comodo | 20150820 | |
| Cyren | 20150820 | |
| DrWeb | 20150820 | |
| Emsisoft | 20150820 | |
| ESET-NOD32 | 20150820 | |
| F-Prot | 20150820 | |
| F-Secure | 20150820 | |
| Fortinet | 20150820 | |
| GData | 20150820 | |
| Ikarus | 20150820 | |
| Jiangmin | 20150819 | |
| K7AntiVirus | 20150820 | |
| K7GW | 20150820 | |
| Kaspersky | 20150820 | |
| Kingsoft | 20150820 | |
| Malwarebytes | 20150820 | |
| McAfee | 20150820 | |
| McAfee-GW-Edition | 20150820 | |
| Microsoft | 20150820 | |
| eScan | 20150820 | |
| NANO-Antivirus | 20150820 | |
| nProtect | 20150820 | |
| Panda | 20150820 | |
| Qihoo-360 | 20150820 | |
| Rising | 20150817 | |
| Sophos AV | 20150820 | |
| SUPERAntiSpyware | 20150820 | |
| Symantec | 20150819 | |
| Tencent | 20150820 | |
| TheHacker | 20150820 | |
| TrendMicro | 20150820 | |
| TrendMicro-HouseCall | 20150820 | |
| VBA32 | 20150820 | |
| VIPRE | 20150820 | |
| ViRobot | 20150820 | |
| Zillya | 20150820 | |
| Zoner | 20150820 |
The file being studied is a Portable Executable file!
More specifically, it is a Win32 EXE
file
for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
C. Sánchez - 2006 www.truskylandia.com
Publisher C. Sánchez - 2006 www.truskylandia.com
Product El abecedario
Original name Abecedario.exe
Internal name Abecedario
File version 1.00
Description Juego infantil didáctico
Comments Juego infantil didáctico. C. Sánchez - 2006 www.truskylandia.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-13 17:41:02
Entry Point 0x000049B7
Number of sections 6
PE sections
Overlays
MD5 018aff06d0a06139a1529b8cfaf53b44
File type data
Offset 25088
Size 9752091
Entropy 7.99
PE imports
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
SPANISH MODERN 1
PE resources
ExifTool file metadata
PackagerVersion
12.0.340
CodeSize
20480
SubsystemVersion
5.0
Comments
Juego infantil did ctico. C. S nchez - 2006 www.truskylandia.com
InitializedDataSize
16384
ImageVersion
0.0
ProductName
El abecedario
FileVersionNumber
1.0.0.0
UninitializedDataSize
0
LanguageCode
Spanish (Modern)
FileFlagsMask
0x0000
VmVersion
11.7.19
CharacterSet
Unicode
LinkerVersion
9.0
FileTypeExtension
exe
Packager
Spoon Studio 12
OriginalFileName
Abecedario.exe
MIMEType
application/octet-stream
Subsystem
Windows GUI
FileVersion
1.0
TimeStamp
2015:08:13 18:41:02+01:00
FileType
Win32 EXE
PEType
PE32
InternalName
Abecedario
ProductVersion
1.0
FileDescription
Juego infantil did ctico
OSVersion
5.0
FileOS
Win32
LegalCopyright
C. S nchez - 2006 www.truskylandia.com
MachineType
Intel 386 or later, and compatibles
CompanyName
C. S nchez - 2006 www.truskylandia.com
LegalTrademarks
C. S nchez - 2006 www.truskylandia.com
FileSubtype
0
ProductVersionNumber
1.0.0.0
EntryPoint
0x49b7
ObjectFileType
Executable application
File identification
MD5 632617e938555ecc4a7f00ea79462b58
SHA1 bf29353bffa65da23e9cb430a0be931664b15577
SHA256 712b06428260f8016a20aa03ce011c97414a6334c2095f9eebaf7559296711c6
ssdeep
196608:Jiw0sA0sp8J1QqE+ffeIS6YIGrCCAig4pkRbKFpnn8C:AsOdgf2IvgAitpkRq8C
Tamaño del fichero
9.3 MB ( 9777179 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit
| TrID |
Win32 Dynamic Link Library (generic) (38.3%) Win32 Executable (generic) (26.2%) Win16/32 Executable Delphi generic (12.0%) Generic Win/DOS Executable (11.6%) DOS Executable Generic (11.6%) |
Tags
peexe
overlay
VirusTotal metadata
First submission
2015-08-20 13:12:44 UTC ( hace 2 años, 1 mes )
Last submission
2015-08-20 13:12:44 UTC ( hace 2 años, 1 mes )
| Nombres |
Abecedario Abecedario.exe |
No hay comentarios.
Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!
No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.
No hay votos.
Nadie ha votado aún. ¡Sea el primero!
Condensed report! The following is a condensed report of the
behaviour of the file when executed in a controlled environment. The actions
and events described were either performed by the file itself or by any other
process launched by the executed file or subjected to code injection by the
executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Shell commands
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file uses the
IsDebuggerPresent Windows API function in order to see whether it is being debugged.
The file installs an application-defined hook procedure into a hook chain. You
would install a hook procedure to monitor the system for certain types of
events. These events are associated either with a specific thread or with all
threads in the same desktop as the calling thread. This is done making use of
the
SetWindowsHook Windows API function.