SHA256: 2a8eaa50b4c7c8b75f317fce2a3bc344109923ab65d91de6a6d571e829cbb68a
File name: dump
Detection ratio: 16 / 56
Analysis date: 2015-01-02 15:37:33 UTC (4 years, 2 months ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.119978 20150102
ALYac Gen:Variant.Zusy.119978 20150102
Antiy-AVL Trojan[Dropper]/Win32.Goodkit 20150102
Avast Win32:Malware-gen 20150102
AVG Crypt3.BMAL 20150102
BitDefender Gen:Variant.Zusy.119978 20150102
DrWeb Trojan.Siggen.65341 20150102
Emsisoft Gen:Variant.Zusy.119978 (B) 20150102
ESET-NOD32 a variant of Win32/Kryptik.CTLS 20150102
F-Secure Gen:Variant.Zusy.119978 20150102
GData Gen:Variant.Zusy.119978 20150102
K7AntiVirus Unwanted-Program ( 004a8e8a1 ) 20150102
K7GW Trojan ( 044444441 ) 20150102
Kaspersky HEUR:Trojan.Win32.Generic 20150102
eScan Gen:Variant.Zusy.119978 20150102
NANO-Antivirus Trojan.Win32.Goodkit.dkpwbw 20150102
AegisLab 20150102
Yandex 20150101
AhnLab-V3 20150102
Avira (no cloud) 20150102
AVware 20150102
Baidu-International 20150102
Bkav 20141230
ByteHero 20150102
CAT-QuickHeal 20150102
ClamAV 20150102
CMC 20150102
Comodo 20150102
Cyren 20150102
F-Prot 20150102
Fortinet 20150102
Ikarus 20150102
Jiangmin 20150101
Kingsoft 20150102
Malwarebytes 20150102
McAfee 20150102
McAfee-GW-Edition 20150102
Microsoft 20150102
Norman 20150102
nProtect 20150102
Panda 20150102
Qihoo-360 20150102
Rising 20141231
Sophos AV 20150102
SUPERAntiSpyware 20150102
Symantec 20150102
Tencent 20150102
TheHacker 20141229
TotalDefense 20150102
TrendMicro 20150102
TrendMicro-HouseCall 20150102
VBA32 20141231
VIPRE 20150102
ViRobot 20150102
Zillya 20150101
Zoner 20141228
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2007 - 2014 Nir Sofer

Product HashMyFiles
Original name HashMyFiles.exe
Internal name HashMyFiles
File version 2.10
Description HashMyFiles
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-12-18 12:26:56
Entry Point 0x00006E91
Number of sections 5
PE sections
Overlays
MD5 a61695c91211743fd158f729c356c059
File type binary Computer Graphics Metafile
Offset 285184
Size 3632
Entropy 6.57
PE imports
LsaQueryInformationPolicy
LsaFreeMemory
RegCloseKey
RegQueryValueExA
RegOpenKeyExW
LsaNtStatusToWinError
RegQueryValueExW
ImageList_Create
EnumFontFamiliesA
GetStockObject
GetRegionData
ImmGetContext
ImmGetOpenStatus
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
ReadFile
SetHandleCount
FileTimeToSystemTime
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
GetFileSize
RtlUnwind
IsProcessorFeaturePresent
GetCommandLineA
HeapAlloc
GetCurrentProcess
FileTimeToLocalFileTime
GetConsoleMode
DecodePointer
LocalAlloc
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
Sleep
GetProcAddress
DeleteCriticalSection
GetSystemInfo
EncodePointer
GetStartupInfoW
SetStdHandle
MapViewOfFile
GetModuleHandleA
RaiseException
InitializeCriticalSection
GetCPInfo
LoadLibraryW
TlsFree
SetFilePointer
UnmapViewOfFile
FindFirstFileA
HeapSetInformation
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
CreateFileMappingA
FindNextFileA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
GetFileAttributesA
LocalFree
TerminateProcess
IsValidCodePage
HeapCreate
SetLastError
CreateFileW
FindClose
TlsGetValue
FlushViewOfFile
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
GetCurrentProcessId
WriteConsoleW
InterlockedIncrement
GradientFill
NetLocalGroupEnum
NetSessionEnum
NetApiBufferFree
StrNCatA
AcquireCredentialsHandleA
MapWindowPoints
SendNotifyMessageA
GetForegroundWindow
RedrawWindow
SetMenuDefaultItem
LoadMenuA
GetShellWindow
KillTimer
DestroyMenu
PostQuitMessage
DefWindowProcA
ShowWindow
MessageBeep
SetClassLongA
SetWindowPos
GetWindowRect
TileWindows
MessageBoxA
LoadIconW
GetDC
GetCursorPos
SetSysColors
SetWindowTextA
CheckMenuItem
GetMenu
RegisterClassW
IsWindowVisible
SendMessageA
GetClientRect
CreateWindowExA
GetDlgItem
SystemParametersInfoW
EnableMenuItem
DeleteMenu
InvalidateRect
GetSubMenu
SetTimer
TrackPopupMenu
LoadCursorW
GetClassNameA
IsThemeActive
EnableTheming
Number of PE resources by type
RT_ICON 8
RT_GROUP_CURSOR 5
RT_RCDATA 4
RT_BITMAP 4
RT_CURSOR 4
RT_STRING 3
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 32
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.10.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
HashMyFiles

ImageFileCharacteristics
Executable, No symbols, Large address aware, 32-bit

CharacterSet
Unicode

InitializedDataSize
224768

EntryPoint
0x6e91

OriginalFileName
HashMyFiles.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007 - 2014 Nir Sofer

FileVersion
2.1

TimeStamp
2014:12:18 13:26:56+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
HashMyFiles

ProductVersion
2.1

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
NirSoft

CodeSize
68608

ProductName
HashMyFiles

ProductVersionNumber
2.10.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 62c406de015248973a1d0b9c50867f82
SHA1 a1862e412dc72d4539ab6a1a1e4f95f815016501
SHA256 2a8eaa50b4c7c8b75f317fce2a3bc344109923ab65d91de6a6d571e829cbb68a
ssdeep
6144:68UhWaWWCrUMPnaXsYgl/qrYHa9jgXrSK0xQB0emf49Boq2Q0YE:68UWXrUMPnZl/qrYsgbmxQB0emMjE

authentihash a18ffd19bc7c257827089897c5cd2f78df98aeb4aa12c0292cc879df0322bc99
imphash 5bad3fa62cf682e860d65af569fceae2
File size 282.0 KB ( 288816 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-01-02 15:36:40 UTC (4 years, 2 months ago)
Last submission 2015-01-02 15:37:33 UTC (4 years, 2 months ago)
File names HashMyFiles
dump
HashMyFiles.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight