SHA256: 29cbb5553c804ec75d8fd642c80ef2e7b9f93544231c8cfe4b84a4d56fa70cd4
File name: GW2TacO.exe
Detection ratio: 0 / 67
Analysis date: 2018-11-01 12:43:37 UTC (1 month, 1 week ago)
Antivirus Result Update
Ad-Aware 20181101
AegisLab 20181101
AhnLab-V3 20181101
Alibaba 20180921
ALYac 20181101
Antiy-AVL 20181101
Arcabit 20181101
Avast 20181101
Avast-Mobile 20181101
AVG 20181101
Avira (no cloud) 20181101
Babable 20180918
Baidu 20181101
BitDefender 20181101
Bkav 20181101
CAT-QuickHeal 20181031
ClamAV 20181101
CMC 20181101
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181101
Cyren 20181101
DrWeb 20181101
eGambit 20181101
Emsisoft 20181101
Endgame 20180730
ESET-NOD32 20181101
F-Prot 20181101
F-Secure 20181101
Fortinet 20181101
GData 20181101
Ikarus 20181101
Sophos ML 20180717
Jiangmin 20181101
K7AntiVirus 20181101
K7GW 20181101
Kaspersky 20181101
Kingsoft 20181101
Malwarebytes 20181101
MAX 20181101
McAfee 20181101
McAfee-GW-Edition 20181101
Microsoft 20181101
eScan 20181101
NANO-Antivirus 20181101
Palo Alto Networks (Known Signatures) 20181101
Panda 20181101
Qihoo-360 20181101
Rising 20181101
SentinelOne (Static ML) 20181011
Sophos AV 20181101
SUPERAntiSpyware 20181031
Symantec 20181031
Symantec Mobile Insight 20181030
TACHYON 20181101
Tencent 20181101
TheHacker 20181031
TrendMicro 20181101
TrendMicro-HouseCall 20181101
Trustlook 20181101
VBA32 20181101
VIPRE 20181101
ViRobot 20181101
Webroot 20181101
Yandex 20181101
Zillya 20181101
ZoneAlarm by Check Point 20181101
Zoner 20181101
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-02-18 20:31:40
Entry Point 0x000B1364
Number of sections 5
PE sections
PE imports
RegSetKeyValueA
GetSidSubAuthorityCount
RegOpenKeyA
RegCloseKey
OpenProcessToken
GetSidSubAuthority
RegCreateKeyExA
GetTokenInformation
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
GetDeviceCaps
DeleteDC
SetBkMode
GetStockObject
GetDIBits
SelectObject
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetDriveTypeW
InterlockedPopEntrySList
WaitForSingleObject
SignalObjectAndWait
CreateTimerQueue
GetProcessId
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
InitializeSListHead
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
WriteFile
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetThreadTimes
HeapReAlloc
GetStringTypeW
QueryDepthSList
GetFullPathNameA
FreeLibrary
LocalFree
GetThreadPriority
InterlockedPushEntrySList
InitializeCriticalSection
OutputDebugStringW
FindClose
TlsGetValue
FormatMessageA
EncodePointer
OutputDebugStringA
FreeLibraryAndExitThread
SetLastError
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
RaiseException
SetThreadPriority
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
DeleteTimerQueueTimer
RegisterWaitForSingleObject
CreateThread
RtlCaptureStackBackTrace
InterlockedFlushSList
GetExitCodeThread
CreateSemaphoreW
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleExW
GlobalAlloc
ChangeTimerQueueTimer
SetEndOfFile
GetCurrentThreadId
SetCurrentDirectoryA
WriteConsoleW
CreateToolhelp32Snapshot
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
OpenProcess
LoadLibraryW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
Process32Next
GetFileSize
Process32First
CreateDirectoryA
GetStartupInfoW
GetCPInfo
DeleteFileW
GetProcAddress
GetProcessHeap
CreateFileMappingW
CompareStringW
FindFirstFileA
CreateTimerQueueTimer
FindNextFileA
IsValidLocale
DuplicateHandle
GetUserDefaultLCID
ReadConsoleW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
IsValidCodePage
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
UnregisterWaitEx
GetEnvironmentStringsW
GlobalUnlock
WaitForSingleObjectEx
SwitchToThread
UnregisterWait
GetCurrentProcessId
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
GetTickCount64
QueryPerformanceFrequency
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
GetLogicalProcessorInformation
GetNumaHighestNodeNumber
GetCurrentDirectoryW
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
OleLoadPicture
ShellExecuteA
SetFocus
GetMessageA
MapVirtualKeyA
GetForegroundWindow
EmptyClipboard
SetLayeredWindowAttributes
FindWindowA
DefWindowProcA
ShowWindow
ChangeWindowMessageFilterEx
SetWindowPos
GetWindowThreadProcessId
GetSystemMetrics
SetWindowLongA
SetCapture
DispatchMessageA
ScreenToClient
UnhookWindowsHookEx
SetWindowPlacement
PostMessageA
ReleaseCapture
MessageBoxA
PeekMessageA
GetClipboardData
TranslateMessage
GetWindow
GetDC
GetKeyState
GetCursorPos
ReleaseDC
SystemParametersInfoA
SetWindowTextA
SetClipboardData
GetWindowPlacement
SendMessageA
CloseClipboard
GetClientRect
SetCursor
ClientToScreen
CallNextHookEx
GetWindowLongA
CreateWindowExA
LoadCursorA
LoadIconA
SetWindowsHookExA
FillRect
RegisterClassA
AdjustWindowRect
SetForegroundWindow
DestroyWindow
PostThreadMessageA
OpenClipboard
WinHttpConnect
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpOpen
WinHttpOpenRequest
WinHttpSendRequest
timeGetTime
listen
getsockopt
WSACleanup
socket
inet_addr
send
ioctlsocket
WSAStartup
gethostbyname
select
ntohs
accept
shutdown
bind
closesocket
inet_ntoa
htons
recv
WSAGetLastError
connect
D3D11CreateDeviceAndSwapChain
SymGetLineFromAddr
StackWalk
SymSetOptions
SymInitialize
SymFunctionTableAccess
SymGetModuleBase
DwmExtendFrameIntoClientArea
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
URLOpenBlockingStreamA
PE exports
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:02:18 20:31:40+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
1531392

LinkerVersion
12.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0xb1364

InitializedDataSize
473088

SubsystemVersion
6.0

ImageVersion
0.0

OSVersion
6.0

UninitializedDataSize
0

File identification
MD5 8f73246ba67f266873ef31c3b3357832
SHA1 e5b040356d3bcb479c47330389fd797b44d92d42
SHA256 29cbb5553c804ec75d8fd642c80ef2e7b9f93544231c8cfe4b84a4d56fa70cd4
ssdeep
24576:ylq9XtZwxhr7WZKUCDUvocXpPUNV3eD3UZJsE4HT9s6j7WMei7htHbiTh6tWzQdD:nwneF4ikXsHt8nz6bpdSM

authentihash dcf0ad58f83489b645b03f5b0a95051c221ca4c14d72fb8fdee0c9f04533fa02
imphash 1acf2613c262274c9ef739854644ca9f
File size 1.9 MB ( 1971712 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-02-18 21:28:26 UTC (9 months, 3 weeks ago)
Last submission 2018-11-01 12:43:37 UTC (1 month, 1 week ago)
File names GW2TacO.exe
flareFile