× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: 712b06428260f8016a20aa03ce011c97414a6334c2095f9eebaf7559296711c6
Nombre: Abecedario.exe
Detecciones: 1 / 56
Fecha de análisis: 2015-08-20 13:12:44 UTC ( hace 1 año, 8 meses )
Antivirus Resultado Actualización
Antiy-AVL Trojan[Backdoor]/Win32.DarkKomet 20150820
Ad-Aware 20150820
AegisLab 20150820
Yandex 20150819
AhnLab-V3 20150820
Alibaba 20150820
ALYac 20150820
Arcabit 20150820
Avast 20150820
AVG 20150820
Avira (no cloud) 20150820
AVware 20150820
Baidu-International 20150820
BitDefender 20150820
Bkav 20150820
ByteHero 20150820
CAT-QuickHeal 20150819
ClamAV 20150820
CMC 20150819
Comodo 20150820
Cyren 20150820
DrWeb 20150820
Emsisoft 20150820
ESET-NOD32 20150820
F-Prot 20150820
F-Secure 20150820
Fortinet 20150820
GData 20150820
Ikarus 20150820
Jiangmin 20150819
K7AntiVirus 20150820
K7GW 20150820
Kaspersky 20150820
Kingsoft 20150820
Malwarebytes 20150820
McAfee 20150820
McAfee-GW-Edition 20150820
Microsoft 20150820
eScan 20150820
NANO-Antivirus 20150820
nProtect 20150820
Panda 20150820
Qihoo-360 20150820
Rising 20150817
Sophos 20150820
SUPERAntiSpyware 20150820
Symantec 20150819
Tencent 20150820
TheHacker 20150820
TrendMicro 20150820
TrendMicro-HouseCall 20150820
VBA32 20150820
VIPRE 20150820
ViRobot 20150820
Zillya 20150820
Zoner 20150820
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
C. Sánchez - 2006 www.truskylandia.com

Publisher C. Sánchez - 2006 www.truskylandia.com
Product El abecedario
Original name Abecedario.exe
Internal name Abecedario
File version 1.00
Description Juego infantil didáctico
Comments Juego infantil didáctico. C. Sánchez - 2006 www.truskylandia.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-13 17:41:02
Entry Point 0x000049B7
Number of sections 6
PE sections
Overlays
MD5 018aff06d0a06139a1529b8cfaf53b44
File type data
Offset 25088
Size 9752091
Entropy 7.99
PE imports
GetLastError
HeapFree
GetModuleFileNameW
GetVersionExW
SetEvent
HeapAlloc
GetCurrentProcess
OpenFileMappingW
OpenProcess
GetCommandLineW
MapViewOfFile
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetFileSizeEx
SetEnvironmentVariableW
GetModuleHandleA
CloseHandle
DuplicateHandle
IsWow64Process
LoadLibraryW
UnmapViewOfFile
CreateFileW
VirtualFree
GetTickCount
VirtualAlloc
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
SPANISH MODERN 1
PE resources
ExifTool file metadata
PackagerVersion
12.0.340

CodeSize
20480

SubsystemVersion
5.0

Comments
Juego infantil did ctico. C. S nchez - 2006 www.truskylandia.com

InitializedDataSize
16384

ImageVersion
0.0

ProductName
El abecedario

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Spanish (Modern)

FileFlagsMask
0x0000

VmVersion
11.7.19

CharacterSet
Unicode

LinkerVersion
9.0

FileTypeExtension
exe

Packager
Spoon Studio 12

OriginalFileName
Abecedario.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0

TimeStamp
2015:08:13 18:41:02+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Abecedario

ProductVersion
1.0

FileDescription
Juego infantil did ctico

OSVersion
5.0

FileOS
Win32

LegalCopyright
C. S nchez - 2006 www.truskylandia.com

MachineType
Intel 386 or later, and compatibles

CompanyName
C. S nchez - 2006 www.truskylandia.com

LegalTrademarks
C. S nchez - 2006 www.truskylandia.com

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x49b7

ObjectFileType
Executable application

File identification
MD5 632617e938555ecc4a7f00ea79462b58
SHA1 bf29353bffa65da23e9cb430a0be931664b15577
SHA256 712b06428260f8016a20aa03ce011c97414a6334c2095f9eebaf7559296711c6
ssdeep
196608:Jiw0sA0sp8J1QqE+ffeIS6YIGrCCAig4pkRbKFpnn8C:AsOdgf2IvgAitpkRq8C

authentihash 2dd2ea3a08847499ff40119aa9bbda8b560e71b32840657b5d257d10caccbbfe
imphash 08da5ec80406581b76eae64d14e4f631
Tamaño del fichero 9.3 MB ( 9777179 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-08-20 13:12:44 UTC ( hace 1 año, 8 meses )
Last submission 2015-08-20 13:12:44 UTC ( hace 1 año, 8 meses )
Nombres Abecedario
Abecedario.exe
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Shell commands
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.
HTTP requests
DNS requests
TCP connections