SHA256: 984fb9e856c1a0cb2e500b41709a0a067fa1739bac0e3410ece581a80e90db3b
File name: Skype 4.2.0.187_AW.exe
Detection ratio: 0 / 44
Analysis date: 2013-02-17 10:33:44 UTC (4 years, 3 months ago)
Antivirus Result Update
Yandex 20130216
AhnLab-V3 20130217
AntiVir 20130217
Antiy-AVL 20130216
Avast 20130217
AVG 20130216
BitDefender 20130217
ByteHero 20130215
CAT-QuickHeal 20130215
ClamAV 20130217
Commtouch 20130216
Comodo 20130217
DrWeb 20130214
Emsisoft 20130217
eSafe 20130211
ESET-NOD32 20130217
F-Prot 20130216
F-Secure 20130217
Fortinet 20130217
GData 20130217
Ikarus 20130217
Jiangmin 20130217
K7AntiVirus 20130216
Kaspersky 20130217
Kingsoft 20130204
Malwarebytes 20130217
Microsoft 20130217
eScan 20130217
NANO-Antivirus 20130217
Norman 20130215
nProtect 20130217
Panda 20130217
PCTools 20130217
Rising 20130205
Sophos 20130217
SUPERAntiSpyware 20130217
Symantec 20130217
TheHacker 20130215
TotalDefense 20130215
TrendMicro 20130217
TrendMicro-HouseCall 20130217
VBA32 20130215
VIPRE 20130217
ViRobot 20130216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT RAR, UPX_LZMA
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-03-02 07:40:24
Entry Point 0x0000B4B5
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetFileSecurityA
RegQueryValueExW
Ord(17)
InitCommonControlsEx
GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetFilePointer
GetSystemTime
GetLastError
HeapFree
GetStdHandle
SystemTimeToFileTime
ReadFile
FileTimeToSystemTime
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
FindNextFileA
CompareStringW
HeapAlloc
SetFileTime
IsDBCSLeadByte
GetCommandLineW
GetFileAttributesW
GetCurrentProcess
FileTimeToLocalFileTime
MoveFileW
OpenFileMappingW
SetFileAttributesA
GetDateFormatW
CreateDirectoryA
DeleteFileA
GetCPInfo
ExitProcess
MultiByteToWideChar
SetEnvironmentVariableW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetTimeFormatW
WriteFile
SetFileAttributesW
DosDateTimeToFileTime
CloseHandle
WideCharToMultiByte
MapViewOfFile
MoveFileExW
ExpandEnvironmentStringsW
FindNextFileW
SetEndOfFile
GetFileAttributesA
GetTempPathW
FindFirstFileA
FindFirstFileW
HeapReAlloc
GetModuleHandleW
GetFullPathNameA
GetCurrentDirectoryW
LoadLibraryW
SetCurrentDirectoryW
UnmapViewOfFile
FindResourceW
CreateFileW
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
GetFileType
GetFullPathNameW
CreateFileA
GetTickCount
GetLocaleInfoW
GetNumberFormatW
SetLastError
CompareStringA
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
SetFocus
MapWindowPoints
GetParent
UpdateWindow
EndDialog
LoadBitmapW
DefWindowProcW
CopyRect
GetWindowTextW
GetMessageW
ShowWindow
GetSystemMetrics
SetWindowPos
wvsprintfW
CharToOemBuffA
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
RegisterClassExW
CharUpperW
DialogBoxParamW
CharToOemBuffW
wvsprintfA
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
SetWindowTextW
GetDlgItem
GetWindow
MessageBoxW
DispatchMessageW
GetClassNameW
PeekMessageW
CharUpperA
OemToCharA
EnableWindow
GetClientRect
WaitForInputIdle
OemToCharBuffA
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
GetWindowLongW
SetForegroundWindow
DestroyWindow
CharToOemA
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
OleInitialize
CLSIDFromString
Number of PE resources by type
RT_DIALOG 6
RT_ICON 5
RT_STRING 5
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 13
NEUTRAL DEFAULT 6
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2011:03:02 07:40:24+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
72192

LinkerVersion
9.0

EntryPoint
0xb4b5

InitializedDataSize
308736

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 fe963c5773e205f5f75b285783ddcf52
SHA1 a301b5206a780479cd7dac6201ec0eca25beb9a3
SHA256 984fb9e856c1a0cb2e500b41709a0a067fa1739bac0e3410ece581a80e90db3b
ssdeep
393216:GEdFJkaB8ZEDyNPk2+HyQLj/9nqXDrmYaU2xIuzL5y0N1HGtpPDCA:GEdgaB1yNsp/9cmYMxIuzlywICA

File size 18.4 MB ( 19242638 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
Tags
peexe

VirusTotal metadata
First submission 2013-02-17 10:33:44 UTC (4 years, 3 months ago)
Last submission 2013-02-17 10:33:44 UTC (4 years, 3 months ago)
File names Skype 4.2.0.187_AW.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight