× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: ddb4adf5dff5656673bf90e37ff397cb0736c68225ae8f4d17ee17f83c723994
Nombre: MobaLiveCD_v2.1.exe
Detecciones: 0 / 51
Fecha de análisis: 2014-04-20 05:36:37 UTC ( hace 3 días, 17 horas )
Probablemente inofensivo Todo indica que este archivo es seguro.
Antivirus Resultado Actualización
AVG 20140419
Ad-Aware 20140420
AegisLab 20140420
Agnitum 20140419
AhnLab-V3 20140419
AntiVir 20140419
Antiy-AVL 20140420
Avast 20140420
Baidu-International 20140419
BitDefender 20140420
Bkav 20140418
ByteHero 20140420
CAT-QuickHeal 20140418
CMC 20140417
ClamAV 20140420
Commtouch 20140420
Comodo 20140420
DrWeb 20140420
ESET-NOD32 20140419
Emsisoft 20140420
F-Prot 20140420
F-Secure 20140420
Fortinet 20140419
GData 20140420
Ikarus 20140420
Jiangmin 20140420
K7AntiVirus 20140418
K7GW 20140418
Kaspersky 20140420
Kingsoft 20140420
Malwarebytes 20140420
McAfee 20140420
McAfee-GW-Edition 20140420
MicroWorld-eScan 20140420
Microsoft 20140420
NANO-Antivirus 20140420
Norman 20140420
Panda 20140419
Qihoo-360 20140420
Rising 20140419
SUPERAntiSpyware 20140419
Sophos 20140420
Symantec 20140420
TheHacker 20140419
TotalDefense 20140419
TrendMicro 20140420
TrendMicro-HouseCall 20140420
VBA32 20140418
VIPRE 20140420
ViRobot 20140419
nProtect 20140418
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
mobatek.net

Publisher Mobatek
Product MobaLiveCD
Original name MobaLiveCD
Internal name MobaLiveCD
File version 2.0
Description LiveCD emulation
Comments Free software (GPL license)
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Link date 11:22 PM 6/19/1992
Entry Point 0x00449C20
Number of sections 3
PE sections
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ImageList_Add
GetSaveFileNameA
SaveDC
WNetGetConnectionA
GradientFill
CoInitialize
VariantCopy
SHGetMalloc
VerQueryValueA
Number of PE resources by type
EXEFILE 47
RT_STRING 29
RT_BITMAP 22
RT_RCDATA 10
RT_GROUP_CURSOR 9
RT_CURSOR 9
RT_ICON 5
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 66
FRENCH 53
ENGLISH NEUTRAL 7
GERMAN 4
RUSSIAN 3
ENGLISH US 1
ExifTool file metadata
CodeSize
1556480

SubsystemVersion
4.0

Comments
Free software (GPL license)

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
LiveCD emulation

CharacterSet
Windows, Latin1

InitializedDataSize
45056

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
mobatek.net

FileVersion
2.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MobaLiveCD

FileAccessDate
2014:04:20 06:36:53+01:00

ProductVersion
2.0

UninitializedDataSize
2936832

OSVersion
4.0

FileCreateDate
2014:04:20 06:36:53+01:00

OriginalFilename
MobaLiveCD

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Mobatek

LegalTrademarks
mobatek.net

ProductName
MobaLiveCD

ProductVersionNumber
2.0.0.0

EntryPoint
0x449c20

ObjectFileType
Executable application

File identification
MD5 2b6637697de9274eed353fc9244ca575
SHA1 e7a6ca60d13019f7d87f42f4618d8b232e92d0cd
SHA256 ddb4adf5dff5656673bf90e37ff397cb0736c68225ae8f4d17ee17f83c723994
ssdeep
24576:fCEyfdSNMdV+54yudlHW5OKJzipqkZF+9V5F37R/moxUEYcccDDPicbDBO:6Eyfdl8tudE5O43NumqiPicbDBO

imphash 4310e014f0c49587cf0faeb0c2385fb7
Tamaño del fichero 1.5 MB ( 1601024 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (41.1%)
Win32 EXE Yoda's Crypter (35.7%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Win16/32 Executable Delphi generic (2.7%)
Tags
via-tor peexe mz upx software-collection

VirusTotal metadata
First submission 2009-09-02 15:05:38 UTC ( hace 4 años, 7 meses )
Last submission 2014-04-20 05:36:37 UTC ( hace 3 días, 17 horas )
Nombres e7a6ca60d13019f7d87f42f4618d8b232e92d0cd
file
smona127449435193756735081
781619-MobaLiveCD_v2.1.exe
MobaLiveCD_v2.1.exe
MobaLiveCD_v2.1 (testUSB).exe
smona131572549030742240628
smona_ddb4adf5dff5656673bf90e37ff397cb0736c68225ae8f4d17ee17f83c723994.bin
MobaLiveCD
MobaLiveCD_v2.1.exe
MobaLiveCD_v2.1[1].exe
smona131263307520389678815
C385BD430010AEC06E6B18CF65EF6600D099C8DA.exe
MobaLiveCD_v2.1-virustotal-symant
MobaLiveCD_v2.1.exe
8851015
MobaLiveCD_v2.1.exe
MobaLiveCD v2.1.exe
MobaLiveCD-v21.exe
MobaLiveCD_2.1.exe
MobaLiveCD_v2.1.exe
smona131573239568258040842
output.8851015.txt
file-3112619_exe
MobaLiveCD_v2.1-virustotal-ok-jot
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!