SHA256: 9bca8e24aa80e4fca74a6e105f1bb6917bd71451c88ccb5c7ba28e90cb6671cd
File name: 5_.payload
Detection ratio: 9 / 45
Analysis date: 2013-08-24 07:01:48 UTC (4 years, 11 months ago)
Antivirus Result Update
AntiVir BDS/ZeroAccess.Gen7 20130824
Fortinet W32/LockScreen.LOL!tr 20130824
Kaspersky UDS:DangerousObject.Multi.Generic 20130824
Malwarebytes Trojan.Downloader.ED 20130824
McAfee ZeroAccess-FBR!A89A6DB9C948 20130824
Microsoft Trojan:Win32/Sirefef.P 20130824
Panda Suspicious file 20130823
Sophos AV Mal/Generic-S 20130824
Symantec Suspicious.Cloud.5 20130824
Yandex 20130823
AhnLab-V3 20130823
Antiy-AVL 20130824
Avast 20130824
AVG 20130823
BitDefender 20130824
ByteHero 20130814
CAT-QuickHeal 20130823
ClamAV 20130824
Commtouch 20130824
Comodo 20130824
DrWeb 20130824
Emsisoft 20130824
ESET-NOD32 20130823
F-Prot 20130824
GData 20130824
Ikarus 20130824
Jiangmin 20130824
K7AntiVirus 20130823
K7GW 20130823
Kingsoft 20130723
McAfee-GW-Edition 20130823
eScan 20130824
NANO-Antivirus 20130824
Norman 20130823
nProtect 20130823
PCTools 20130823
Rising 20130823
SUPERAntiSpyware 20130824
TheHacker 20130823
TotalDefense 20130823
TrendMicro 20130824
TrendMicro-HouseCall 20130824
VBA32 20130822
VIPRE 20130824
ViRobot 20130824
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher RegNow.com
Internal name RegNow Download Manager
File version 1.0.0
Description RegNow Download Manager
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-23 11:39:35
Entry Point 0x00004790
Number of sections 5
PE sections
PE imports
RegOpenKeyExA
GetTextMetricsW
TextOutW
CreateFontIndirectW
PatBlt
CreatePen
CreateICW
CombineRgn
GetPixel
GetDeviceCaps
LineTo
DeleteDC
SetPixel
BitBlt
SetTextColor
GetTextExtentPoint32W
MoveToEx
GetStockObject
CreateCompatibleDC
StretchBlt
CreateRectRgn
SelectObject
CreateCompatibleBitmap
CreateSolidBrush
SetBkColor
DeleteObject
SetRectRgn
GetLastError
lstrcatA
lstrlenA
SetEvent
QueryPerformanceCounter
GetTickCount
GetVersionExA
GetModuleFileNameA
GetComputerNameA
GetCurrentProcess
LoadLibraryExA
SetConsoleCtrlHandler
GetCurrentProcessId
AddAtomA
OpenProcess
CreateFileA
UnhandledExceptionFilter
MultiByteToWideChar
GetStartupInfoW
GetProcAddress
GetProcessHeap
WideCharToMultiByte
GetModuleHandleA
SetUnhandledExceptionFilter
lstrcpyA
CompareStringA
GetSystemTimeAsFileTime
lstrcpynA
GetSystemDirectoryA
FreeLibrary
TerminateProcess
CreateProcessA
CreateEventA
InterlockedDecrement
Sleep
CloseHandle
GetCurrentThreadId
OpenEventA
VirtualAlloc
SetCurrentDirectoryA
GetOEMCP
InterlockedIncrement
SetFocus
GetForegroundWindow
SystemParametersInfoA
EndDialog
LoadBitmapW
GetMessageW
DefWindowProcW
CharNextA
KillTimer
DestroyMenu
PostQuitMessage
DefWindowProcA
ShowWindow
MessageBeep
SetWindowPos
RemoveMenu
GetDesktopWindow
GetSystemMetrics
EnableMenuItem
MessageBoxW
GetMenu
GetWindowRect
DispatchMessageA
EndPaint
UpdateWindow
SetCapture
ReleaseCapture
DialogBoxParamW
PeekMessageA
GetWindowDC
TranslateMessage
BeginPaint
PostMessageW
GetSysColor
GetDlgItemInt
GetDC
CreateWindowExW
GetCursorPos
ReleaseDC
LoadMenuA
LoadAcceleratorsW
SendMessageW
LoadStringA
RegisterClassW
WinHelpW
LoadStringW
SetWindowTextW
CreateWindowExA
GetDlgItem
DrawMenuBar
SystemParametersInfoW
LoadIconW
IsIconic
RegisterClassA
InvalidateRect
GetSubMenu
SetTimer
LoadIconA
DestroyWindow
FlashWindow
ShowCursor
DestroyIcon
GetClientRect
TrackPopupMenuEx
SetDlgItemInt
LoadCursorW
wsprintfA
DispatchMessageW
MsgWaitForMultipleObjects
wsprintfW
SetForegroundWindow
TranslateAcceleratorW
SetCursor
_cexit
__p__fmode
_c_exit
_except_handler3
_exit
__p__commode
__initenv
_controlfp
exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__set_app_type
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion 5.0
InitializedDataSize 184320
ImageVersion 0.0
FileVersionNumber 1.0.7.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
LinkerVersion 9.0
MIMEType application/octet-stream
FileVersion 1.0.0
TimeStamp 2013:08:23 12:39:35+01:00
FileType Win32 EXE
PEType PE32
InternalName RegNow Download Manager
FileDescription RegNow Download Manager
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName RegNow.com
CodeSize 4608
FileSubtype 0
ProductVersionNumber 1.0.7.1
EntryPoint 0x4790
ObjectFileType Executable application
File identification
MD5 a89a6db9c9487453466cafa9613c743a
SHA1 9e77707350b4b0e8a565dca3523e9379d5111840
SHA256 9bca8e24aa80e4fca74a6e105f1bb6917bd71451c88ccb5c7ba28e90cb6671cd
ssdeep 3072:H6X5dnIZZPkkYWszDsFH9Sdh6QAdg0iaMs1CH2FT0fW3A2bC:HW7GZ/szoFH9+V87wf
File size 196.5 KB ( 201216 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2013-08-24 07:01:48 UTC (4 years, 11 months ago)
Last submission 2013-08-26 23:07:49 UTC (4 years, 11 months ago)
File names jhxnAM_.xltm
5_.payload
RegNow Download Manager
googleupdate.exe
e1283479bab91527a657742178305d7feed6d411