× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: f845c4b674de79c8c528d15f6f0ab2ba4c471a58a214943b31ae7cf17ed4165b
Nombre: AP+NX406EV2.0.1.8 .exe
Detecciones: 9 / 56
Fecha de análisis: 2017-01-07 01:56:49 UTC ( hace 7 meses, 2 semanas )
Antivirus Resultado Actualización
Antiy-AVL Trojan/Win32.AGeneric 20170107
AVG Generic38.AGCZ 20170107
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9740 20170106
Sophos ML trojan.win32.dorv.a!rfn 20161216
Jiangmin PSWTool.NetPass.dp 20170106
K7AntiVirus Unwanted-Program ( 004f9a671 ) 20170106
K7GW Unwanted-Program ( 004f9a671 ) 20170107
Qihoo-360 QVM41.1.Malware.Gen 20170107
Rising Malware.Generic!WiFrbDTHthD@5 (thunder) 20170107
Ad-Aware 20170107
AegisLab 20170107
AhnLab-V3 20170106
Alibaba 20170107
ALYac 20170107
Arcabit 20170107
Avast 20170107
Avira (no cloud) 20170106
AVware 20170107
BitDefender 20170107
Bkav 20170106
CAT-QuickHeal 20170106
ClamAV 20170106
CMC 20170106
Comodo 20170106
CrowdStrike Falcon (ML) 20161024
Cyren 20170107
DrWeb 20170107
Emsisoft 20170107
ESET-NOD32 20170106
F-Prot 20170107
F-Secure 20170107
Fortinet 20170107
GData 20170107
Ikarus 20170106
Kaspersky 20170107
Kingsoft 20170107
Malwarebytes 20170107
McAfee 20170107
McAfee-GW-Edition 20170107
Microsoft 20170106
eScan 20170107
NANO-Antivirus 20170106
nProtect 20170107
Panda 20170106
Sophos AV 20170107
SUPERAntiSpyware 20170107
Symantec 20170107
Tencent 20170107
TheHacker 20170104
TrendMicro 20170107
TrendMicro-HouseCall 20170107
Trustlook 20170107
VBA32 20170106
VIPRE 20170107
ViRobot 20170106
WhiteArmor 20161221
Yandex 20170106
Zillya 20170104
Zoner 20170107
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Eduardo Armas | @ApostolWario http://nx406e.tk/

Product AP+NX406Ev2 by ApostolWario
Internal name AP+NX406Ev2 by ApostolWario
File version 2,0,1,8
Description Asistente de Particionado para el NX406E by @ApostolWario.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-12-29 09:28:39
Entry Point 0x00001000
Number of sections 5
PE sections
PE imports
InitCommonControlsEx
GetObjectA
DeleteDC
SelectObject
GetTextExtentPoint32A
GetStockObject
CreateBitmap
SetPixel
CreateSolidBrush
GetDIBits
GetObjectType
BitBlt
SetBkColor
CreateDIBSection
CreateCompatibleDC
DeleteObject
SetTextColor
GetNativeSystemInfo
GetEnvironmentVariableA
HeapFree
EnterCriticalSection
HeapCreate
FreeLibrary
HeapDestroy
HeapAlloc
TlsAlloc
GetVersionExA
LoadLibraryA
RemoveDirectoryA
GetShortPathNameA
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetCurrentDirectoryA
GetCurrentProcessId
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
MultiByteToWideChar
HeapSize
GetCommandLineA
GetProcAddress
SetFilePointer
GetTempPathA
WideCharToMultiByte
GetModuleHandleA
ReadFile
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetTempFileNameA
GetSystemDirectoryA
HeapReAlloc
SetEnvironmentVariableA
SetFileAttributesA
GetExitCodeProcess
TerminateProcess
GetModuleFileNameA
InitializeCriticalSection
LoadResource
SetCurrentDirectoryA
Sleep
CreateFileA
ExitProcess
GetCurrentThreadId
FindResourceA
GetFileSize
SetLastError
LeaveCriticalSection
strncmp
malloc
strstr
tolower
fabs
memmove
memset
fclose
memcpy
_stricmp
floor
strcpy
sprintf
_strnicmp
free
ceil
strlen
strcmp
strncpy
RevokeDragDrop
CoTaskMemFree
CoInitialize
ShellExecuteExA
PathRemoveArgsA
PathAddBackslashA
PathQuoteSpacesA
PathGetArgsA
PathUnquoteSpacesA
PathRenameExtensionA
SetFocus
RedrawWindow
GetForegroundWindow
GetParent
ReleaseDC
SetPropA
FillRect
EnumWindows
RegisterWindowMessageA
DefWindowProcA
ShowWindow
GetSystemMetrics
GetPropA
SetWindowPos
GetWindowThreadProcessId
CharLowerA
GetWindowRect
DispatchMessageA
EnableWindow
PostMessageA
EnumChildWindows
MessageBoxA
PeekMessageA
SetWindowLongA
AdjustWindowRectEx
TranslateMessage
IsWindowEnabled
GetWindow
GetSysColor
SetActiveWindow
GetDC
GetKeyState
DrawTextA
RemovePropA
DefFrameProcA
DestroyIcon
UnregisterClassA
IsWindowVisible
SendMessageA
GetClientRect
CreateWindowExA
RegisterClassA
SetRect
GetWindowLongA
GetWindowTextLengthA
CharUpperA
LoadCursorA
LoadIconA
GetMessageA
GetActiveWindow
DestroyAcceleratorTable
GetSysColorBrush
CallWindowProcA
GetClassNameA
GetFocus
MsgWaitForMultipleObjects
TranslateAcceleratorA
GetWindowTextA
CreateAcceleratorTableA
IsChild
DestroyWindow
timeBeginPeriod
Number of PE resources by type
RT_ICON 5
RT_RCDATA 5
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 13
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.5

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.1.8

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
21434368

EntryPoint
0x1000

MIMEType
application/octet-stream

LegalCopyright
Eduardo Armas | @ApostolWario http://nx406e.tk/

FileVersion
2,0,1,8

TimeStamp
2016:12:29 10:28:39+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
AP+NX406Ev2 by ApostolWario

ProductVersion
2.0.0.0

FileDescription
Asistente de Particionado para el NX406E by @ApostolWario.

OSVersion
4.0

FileOS
Windows 16-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Apostol Wario 2017

CodeSize
58368

ProductName
AP+NX406Ev2 by ApostolWario

ProductVersionNumber
2.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 466b151b1731fe7462e57c7e79ac7328
SHA1 cee79005dd90bd888c3b0e2ff87929b958dfd8b2
SHA256 f845c4b674de79c8c528d15f6f0ab2ba4c471a58a214943b31ae7cf17ed4165b
ssdeep
393216:h8dZ0Zy/pnYvJJo4VrkxEjIPQMxwpEnkiHsLHqNhq3T5Ml6qPQp49H:WjN2JyQkyOQLStFg3KPxt

authentihash b5474d89911045d5f26b451b51ada17ca275c4ab1016407c88ec1456edcd1d2f
imphash 484ccce96115e0df270eb260991439ca
Tamaño del fichero 20.5 MB ( 21493760 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (24.4%)
Win64 Executable (generic) (21.6%)
UPX compressed Win32 Executable (21.2%)
Win32 EXE Yoda's Crypter (20.8%)
Win32 Dynamic Link Library (generic) (5.1%)
Tags
peexe

VirusTotal metadata
First submission 2017-01-07 01:56:49 UTC ( hace 7 meses, 2 semanas )
Last submission 2017-01-07 01:56:49 UTC ( hace 7 meses, 2 semanas )
Nombres AP+NX406EV2.0.1.8 .exe
AP+NX406Ev2 by ApostolWario
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!