SHA256: acd1eb390e96774ff92cdff472eacf58498a69e22e7e51463fcd1e9afedf5e2f
File name: PS3_ISO_TOOLS V2.1.exe
Detection ratio: 5 / 65
Analysis date: 2017-07-31 03:49:19 UTC (1 year, 4 months ago)
Antivirus Result Update
McAfee Artemis!F58D0C6C7173 20170731
McAfee-GW-Edition BehavesLike.Win32.Dropper.dh 20170731
Rising Trojan.Injector!1.9DEE (cloud:U1mBJXJ49dD) 20170731
TotalDefense Win32/Inject.C!generic 20170730
TrendMicro-HouseCall Suspicious_GEN.F47V0516 20170731
Ad-Aware 20170731
AegisLab 20170731
AhnLab-V3 20170730
Alibaba 20170731
ALYac 20170731
Antiy-AVL 20170731
Arcabit 20170731
Avast 20170731
AVG 20170731
Avira (no cloud) 20170730
AVware 20170731
Baidu 20170728
BitDefender 20170731
Bkav 20170729
CAT-QuickHeal 20170729
ClamAV 20170731
CMC 20170730
Comodo 20170731
CrowdStrike Falcon (ML) 20170710
Cylance 20170731
Cyren 20170731
DrWeb 20170731
Emsisoft 20170731
Endgame 20170721
ESET-NOD32 20170731
F-Prot 20170731
F-Secure 20170731
Fortinet 20170731
GData 20170731
Ikarus 20170730
Sophos ML 20170607
Jiangmin 20170731
K7AntiVirus 20170730
K7GW 20170731
Kaspersky 20170731
Kingsoft 20170731
Malwarebytes 20170731
MAX 20170731
Microsoft 20170730
eScan 20170731
NANO-Antivirus 20170731
nProtect 20170731
Palo Alto Networks (Known Signatures) 20170731
Panda 20170730
Qihoo-360 20170731
SentinelOne (Static ML) 20170718
Sophos AV 20170731
SUPERAntiSpyware 20170730
Symantec 20170730
Symantec Mobile Insight 20170730
Tencent 20170731
TheHacker 20170730
TrendMicro 20170731
Trustlook 20170731
VBA32 20170728
VIPRE 20170731
ViRobot 20170730
Webroot 20170731
WhiteArmor 20170730
Yandex 20170728
Zillya 20170728
ZoneAlarm by Check Point 20170731
Zoner 20170731
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-12-15 10:20:05
Entry Point 0x00001000
Number of sections 5
PE sections
PE imports
InitCommonControlsEx
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_Create
ImageList_ReplaceIcon
ImageList_Add
GetOpenFileNameA
GetSaveFileNameA
GetObjectA
CreateDCA
CreateFontA
GetDeviceCaps
DeleteDC
DeleteObject
BitBlt
GetStockObject
CreateBitmap
StretchBlt
SetPixel
CreateSolidBrush
GetDIBits
SetDIBits
SelectObject
SetBkColor
CreateDIBSection
CreateCompatibleDC
GetObjectType
CreateCompatibleBitmap
SetTextColor
PeekNamedPipe
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
GetFileAttributesA
GlobalFree
WaitForSingleObject
FreeLibrary
MulDiv
HeapDestroy
HeapAlloc
TlsAlloc
GetVersionExA
LoadLibraryA
CreatePipe
GetCurrentProcess
GetVolumeInformationA
GetCurrentDirectoryA
GetCurrentProcessId
ReleaseSemaphore
CreateDirectoryA
DeleteFileA
WideCharToMultiByte
TlsGetValue
GetProcAddress
GetCurrentThread
SetFilePointer
CreateSemaphoreA
CreateThread
TlsFree
GetModuleHandleA
DeleteCriticalSection
ReadFile
WriteFile
FindFirstFileA
CloseHandle
FindNextFileA
TerminateProcess
DuplicateHandle
HeapReAlloc
WaitForMultipleObjects
SetFileAttributesA
GetDriveTypeA
MoveFileA
GetDiskFreeSpaceExA
CreateProcessA
InitializeCriticalSection
HeapCreate
GlobalAlloc
FindClose
CopyFileA
Sleep
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
GetFileSize
SetLastError
LeaveCriticalSection
strncmp
malloc
sscanf
memset
fclose
strcat
fprintf
_setjmp3
strlen
strncpy
fabs
floor
fseek
ftell
_strdup
sprintf
exit
__p__iob
fread
longjmp
free
ceil
getenv
memcpy
strstr
memmove
_isnan
strcpy
_strnicmp
strcmp
RevokeDragDrop
CoTaskMemFree
CoInitialize
ShellExecuteExA
PathMatchSpecA
MapWindowPoints
RedrawWindow
TranslateAcceleratorA
GetForegroundWindow
GetParent
UpdateWindow
SetPropA
SetCapture
BeginPaint
DrawStateA
EnumWindows
SetFocus
MoveWindow
LoadImageA
ShowWindow
DefWindowProcA
GetIconInfo
GetSystemMetrics
GetPropA
SetWindowPos
GetWindowThreadProcessId
CreateIconFromResourceEx
CharLowerA
GetWindowRect
DispatchMessageA
EnableWindow
GetActiveWindow
PostMessageA
ReleaseCapture
EnumChildWindows
RegisterWindowMessageA
MessageBoxA
PeekMessageA
SetWindowLongA
AdjustWindowRectEx
TranslateMessage
IsWindowEnabled
GetWindow
GetSysColor
SetActiveWindow
GetKeyState
GetCursorPos
SystemParametersInfoA
RemovePropA
SetWindowTextA
DefFrameProcA
DestroyIcon
UnregisterClassA
IsWindowVisible
IsZoomed
SendMessageA
GetClientRect
SetCursorPos
SetCursor
IsIconic
ScreenToClient
InvalidateRect
GetWindowLongA
GetWindowTextLengthA
CreateWindowExA
LoadCursorA
LoadIconA
GetMessageA
FillRect
RegisterClassA
DestroyAcceleratorTable
GetSysColorBrush
CreateIconFromResource
CallWindowProcA
GetClassNameA
GetFocus
MsgWaitForMultipleObjects
EndPaint
GetWindowTextA
CreateAcceleratorTableA
IsChild
DestroyWindow
timeEndPeriod
timeBeginPeriod
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2014:12:15 11:20:05+01:00
FileType Win32 EXE
PEType PE32
CodeSize 189440
LinkerVersion 2.5
FileTypeExtension exe
InitializedDataSize 33280
SubsystemVersion 4.0
EntryPoint 0x1000
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0
File identification
MD5 f58d0c6c717364da0e2ca026a8e53f4f
SHA1 bf0091f02b5a2190e8a25a390246fbf0a7d486f0
SHA256 acd1eb390e96774ff92cdff472eacf58498a69e22e7e51463fcd1e9afedf5e2f
ssdeep 6144:WWYIzEM/FYBNn4C4RyL+FSxZp52QnBfQrWddw4iR:WrI8yyCFSxXB+Wddm
authentihash 6c05a3db7e8204edf9bb74adf0c7961060af06b2daf4d644660d43fe91da9c79
imphash 099c6692fe82a95f3247c13d2e04fd9d
File size 216.5 KB ( 221696 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ 5.0 (44.3%)
Win32 Executable MS Visual C++ (generic) (22.8%)
Win64 Executable (generic) (20.2%)
Win32 Dynamic Link Library (generic) (4.8%)
Win32 Executable (generic) (3.2%)
Tags peexe
VirusTotal metadata
First submission 2014-12-17 10:02:21 UTC (3 years, 11 months ago)
Last submission 2017-07-31 03:49:19 UTC (1 year, 4 months ago)
File names PS3_ISO_TOOLS V2.1.exe
PS3_ISO_TOOLS V2.1.exe
PS3_ISO_TOOLS V2.1.exe
file-7870496_exe
PS3_ISO_TOOLS V2.1.exe
PS3_ISO_TOOLS V2.1.exe
ps3_iso_tools v2.1.exe
Advanced heuristic and reputation engines
ClamAV Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana dll-injection
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.