SHA256: af98b6e34d59a17d3ed611b80da63f814b4a1a54c6f96aee0cb337ce62e0da98
File name: PPC+2.5.0.1%20FINAL.exe
Detection ratio: 1 / 65
Analysis date: 2017-09-03 11:40:05 UTC (1 year, 3 months ago)
Antivirus Result Update
WhiteArmor Malware.HighConfidence 20170829
Ad-Aware 20170903
AegisLab 20170903
AhnLab-V3 20170903
Alibaba 20170901
ALYac 20170903
Antiy-AVL 20170903
Arcabit 20170903
Avast 20170903
AVG 20170903
Avira (no cloud) 20170903
AVware 20170903
Baidu 20170831
BitDefender 20170903
Bkav 20170901
CAT-QuickHeal 20170902
ClamAV 20170903
CMC 20170902
Comodo 20170903
CrowdStrike Falcon (ML) 20170804
Cylance 20170903
Cyren 20170903
DrWeb 20170903
Emsisoft 20170903
Endgame 20170821
ESET-NOD32 20170903
F-Prot 20170903
F-Secure 20170903
Fortinet 20170903
GData 20170903
Ikarus 20170903
Sophos ML 20170822
Jiangmin 20170902
K7AntiVirus 20170903
K7GW 20170903
Kaspersky 20170903
Kingsoft 20170903
Malwarebytes 20170903
MAX 20170903
McAfee 20170903
McAfee-GW-Edition 20170903
Microsoft 20170903
eScan 20170903
NANO-Antivirus 20170903
nProtect 20170903
Palo Alto Networks (Known Signatures) 20170903
Panda 20170903
Qihoo-360 20170903
Rising 20170901
SentinelOne (Static ML) 20170806
Sophos AV 20170903
SUPERAntiSpyware 20170903
Symantec 20170902
Symantec Mobile Insight 20170901
Tencent 20170903
TheHacker 20170828
TotalDefense 20170903
TrendMicro 20170903
TrendMicro-HouseCall 20170903
Trustlook 20170903
VBA32 20170901
VIPRE 20170903
ViRobot 20170902
Webroot 20170903
Yandex 20170901
Zillya 20170902
ZoneAlarm by Check Point 20170903
Zoner 20170903
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1985-2009 Adobe Systems, Inc.

Product Director 11.5
Original name Projector.exe
Internal name Projector
File version 11.5r593
Description Adobe Projector
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-03-15 05:29:46
Entry Point 0x00004576
Number of sections 4
PE sections
Overlays
MD5 3cfc47ca4cc5b4060662407b76386aa6
File type data
Offset 376832
Size 7058394
Entropy 7.22
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueW
DeleteDC
SelectObject
CreatePalette
SelectPalette
UnrealizeObject
GetObjectW
BitBlt
CreateCompatibleDC
DeleteObject
RealizePalette
GetStdHandle
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
InitializeCriticalSection
FindClose
TlsGetValue
SetLastError
GetModuleFileNameW
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleA
CreateThread
GetSystemDirectoryW
TerminateProcess
SetCurrentDirectoryW
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
DeleteFileA
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
RemoveDirectoryW
_lcreat
FindNextFileW
FindFirstFileW
GlobalLock
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetSystemInfo
GlobalFree
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
CreateProcessW
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
GetSystemDefaultLangID
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
HeapCreate
WriteFile
VirtualFree
VirtualAlloc
UpdateWindow
BeginPaint
DefWindowProcW
GetMessageW
PostQuitMessage
ShowWindow
SetWindowLongW
MessageBoxW
GetWindowRect
EndPaint
AdjustWindowRectEx
TranslateMessage
GetDC
ReleaseDC
RegisterClassW
LoadStringW
DispatchMessageW
InvalidateRect
LoadImageW
PostThreadMessageW
GetDesktopWindow
LoadCursorW
CreateWindowExW
GetWindowLongW
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_ICON 12
RT_STRING 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
NEUTRAL 3
PE resources
ExifTool file metadata
LegalTrademarks
Director is a registered trademark and Shockwave(tm) is a trademark of Adobe Systems, Inc.

SubsystemVersion
4.0

LinkerVersion
7.1

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
11.5.0.593

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Adobe Projector

CharacterSet
Unicode

InitializedDataSize
331776

EntryPoint
0x4576

OriginalFileName
Projector.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 1985-2009 Adobe Systems, Inc.

FileVersion
11.5r593

TimeStamp
2009:03:15 06:29:46+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Projector

ProductVersion
11.5

UninitializedDataSize
0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Adobe Systems, Inc.

CodeSize
40960

ProductName
Director 11.5

ProductVersionNumber
11.5.0.593

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 9a4541109566f9eaf3e8a5658ecdc0fb
SHA1 c27485b91f8757e68e76f3d60176c7167724077f
SHA256 af98b6e34d59a17d3ed611b80da63f814b4a1a54c6f96aee0cb337ce62e0da98
ssdeep
98304:2pM6IsOTPW+mewy+KenxOB888Jbv087p2RPwu0AoUm+tucNXX1:2pMqOTO+JwyKnxOBs0kw70AoZ+tXb

authentihash acd3ba9961042486a0d91611b12a9a047eace040e32f52cd3c69f30d08dd31b4
imphash ab71d01d3658763fb87af9bba83d4596
File size 7.1 MB ( 7435226 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows ActiveX control (57.0%)
Win32 EXE PECompact compressed (generic) (20.3%)
Win32 Executable MS Visual C++ (generic) (15.2%)
Win32 Dynamic Link Library (generic) (3.2%)
Win32 Executable (generic) (2.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2014-09-12 13:11:36 UTC (4 years, 3 months ago)
Last submission 2017-09-03 11:40:05 UTC (1 year, 3 months ago)
File names PPC 2.5.0.1 FINAL.exe
Projector.exe
Projector
PPC+2.5.0.1%20FINAL.exe
file-7450953_exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Opened mutexes
Searched windows
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.