× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: 2596fbb8534a45416fc307c0cda7b93cdbe01f671da7c4d7da8519d0ba688a9e
Nom du fichier : PS3 Flash Tool.exe
Ratio de détection : 0 / 56
Date d'analyse : 2015-09-03 13:24:07 UTC (il y a 1 an, 11 mois)
Antivirus Résultat Mise à jour
Ad-Aware 20150903
AegisLab 20150903
Yandex 20150901
AhnLab-V3 20150903
Alibaba 20150902
ALYac 20150903
Antiy-AVL 20150903
Arcabit 20150903
Avast 20150903
AVG 20150903
Avira (no cloud) 20150903
AVware 20150901
Baidu-International 20150903
BitDefender 20150903
Bkav 20150903
ByteHero 20150903
CAT-QuickHeal 20150903
ClamAV 20150903
CMC 20150902
Comodo 20150903
Cyren 20150903
DrWeb 20150903
Emsisoft 20150903
ESET-NOD32 20150903
F-Prot 20150903
F-Secure 20150903
Fortinet 20150903
GData 20150903
Ikarus 20150903
Jiangmin 20150902
K7AntiVirus 20150903
K7GW 20150903
Kaspersky 20150903
Kingsoft 20150903
Malwarebytes 20150903
McAfee 20150903
McAfee-GW-Edition 20150903
Microsoft 20150903
eScan 20150903
NANO-Antivirus 20150903
nProtect 20150903
Panda 20150903
Qihoo-360 20150903
Rising 20150902
Sophos AV 20150903
SUPERAntiSpyware 20150903
Symantec 20150902
Tencent 20150903
TheHacker 20150903
TrendMicro 20150903
TrendMicro-HouseCall 20150903
VBA32 20150903
VIPRE 20150903
ViRobot 20150903
Zillya 20150903
Zoner 20150903
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1970-01-03 06:36:48
Entry Point 0x00E39050
Number of sections 3
PE sections
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
_ZN4QDirD1Ev
_ZN5QIconC1Ev
_ZN7QDialogD2Ev
CommandLineToArgvW
_Unwind_Resume
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
1970:01:03 07:36:48+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
11866112

LinkerVersion
2.24

FileTypeExtension
exe

InitializedDataSize
12288

SubsystemVersion
4.0

EntryPoint
0xe39050

OSVersion
4.0

ImageVersion
1.0

UninitializedDataSize
3047424

Compressed bundles
File identification
MD5 bce504badde4f733fa353a9b82e6b046
SHA1 f820ee9e037bace75453405e0e4a0d93046c9580
SHA256 2596fbb8534a45416fc307c0cda7b93cdbe01f671da7c4d7da8519d0ba688a9e
ssdeep
196608:dr6VqveL38GhjGVjxQl1weGyFSyLYbdxYPf1rdf8oGTV7oZnTRnJG+ugUI0htREw:dr9veL38cjQ6lCoFSVbCFGUntnU+yXxd

authentihash ac6838405bedc9b6d38c95d73bf4f385462c793b8bd32377dd051510f926a330
imphash 0f038366e6ac48d6625140e0d63da56a
File size 11.3 MB ( 11874304 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 EXE Yoda's Crypter (63.7%)
Win32 Dynamic Link Library (generic) (15.7%)
Win32 Executable (generic) (10.8%)
Generic Win/DOS Executable (4.8%)
DOS Executable Generic (4.7%)
Tags
peexe upx

VirusTotal metadata
First submission 2015-09-03 13:24:07 UTC (il y a 1 an, 11 mois)
Last submission 2015-09-03 13:24:07 UTC (il y a 1 an, 11 mois)
Noms du fichier PS3 Flash Tool.exe
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !