× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: 89dacb27a64916a51f4280f7552913e54b8d9e6d7f0775b4fc93a57d04b2033c
Nom du fichier : So Smooth Shutdown.exe
Ratio de détection : 1 / 55
Date d'analyse : 2016-08-31 13:04:18 UTC (il y a 11 mois) Voir les derniers
Antivirus Résultat Mise à jour
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20160831
Ad-Aware 20160831
AegisLab 20160831
AhnLab-V3 20160831
Alibaba 20160831
ALYac 20160831
Antiy-AVL 20160831
Arcabit 20160831
Avast 20160831
AVG 20160831
Avira (no cloud) 20160831
AVware 20160831
Baidu 20160831
BitDefender 20160831
CAT-QuickHeal 20160831
ClamAV 20160831
CMC 20160830
Comodo 20160831
CrowdStrike Falcon (ML) 20160725
Cyren 20160831
DrWeb 20160831
Emsisoft 20160831
ESET-NOD32 20160831
F-Prot 20160831
F-Secure 20160831
Fortinet 20160831
GData 20160831
Ikarus 20160831
Sophos ML 20160830
Jiangmin 20160831
K7AntiVirus 20160831
K7GW 20160831
Kaspersky 20160831
Kingsoft 20160831
Malwarebytes 20160831
McAfee 20160831
McAfee-GW-Edition 20160831
Microsoft 20160831
eScan 20160831
NANO-Antivirus 20160831
nProtect 20160831
Panda 20160831
Rising 20160831
Sophos AV 20160831
SUPERAntiSpyware 20160831
Symantec 20160831
Tencent 20160831
TheHacker 20160829
TrendMicro 20160831
TrendMicro-HouseCall 20160831
VBA32 20160831
VIPRE 20160831
ViRobot 20160831
Yandex 20160830
Zillya 20160831
Zoner 20160831
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2015

Product WindowsFormsApplication1
Original name So Smooth Shutdown.exe
Internal name So Smooth Shutdown.exe
File version 1.0.0.0
Description WindowsFormsApplication1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-31 12:57:59
Entry Point 0x0004CFF6
Number of sections 3
.NET details
Module Version ID 0ab72cda-6d56-4628-a420-4734b11ae7b6
TypeLib ID cd358a49-ed10-4edd-b778-6985828e095c
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 9
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 11
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
48.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
241664

EntryPoint
0x4cff6

OriginalFileName
So Smooth Shutdown.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2015

FileVersion
1.0.0.0

TimeStamp
2016:08:31 13:57:59+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
So Smooth Shutdown.exe

ProductVersion
1.0.0.0

FileDescription
WindowsFormsApplication1

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
307200

ProductName
WindowsFormsApplication1

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 476eeffaf82b8027cc4c8f4d6ebc5c60
SHA1 b34d15c54f99fe8e9d189ad2508d18a88315a368
SHA256 89dacb27a64916a51f4280f7552913e54b8d9e6d7f0775b4fc93a57d04b2033c
ssdeep
12288:+02DSIOzKozvMkVBqI8N2DSIOzKzzvMkVSC:mzOzAI8SzOzc

authentihash a1eb2b509554e8dc373c3502318385f17ed396eaa3ffdc49cff5b8efbc1f187b
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 536.5 KB ( 549376 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-08-31 13:04:18 UTC (il y a 11 mois)
Last submission 2016-08-31 13:04:18 UTC (il y a 11 mois)
Noms du fichier So Smooth Shutdown.exe
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !