SHA256: e5c5229ed191f337a4317bfdf64b26b643efa8e1d74338106a91686a3b028dd5
File name: test2.exe
Detection ratio: 26 / 46
Analysis date: 2013-02-24 22:00:32 UTC (1 year, 1 month ago)
Antivirus Result Update
AVG Win32/Heur 20130224
AntiVir TR/Crypt.EPACK.Gen2 20130224
Avast Win32:SwPatch [Wrm] 20130224
BitDefender Gen:Trojan.Heur.TP.Ir0@bmTywGai 20130224
ByteHero Trojan.Win32.Heur.Gen 20130221
Commtouch W32/Swrort.B.gen!Eldorado 20130224
Comodo TrojWare.Win32.Rozena.A 20130224
DrWeb Trojan.Swrort.1 20130224
ESET-NOD32 a variant of Win32/Rozena.DK 20130224
Emsisoft Gen:Trojan.Heur.TP.Ir0@bmTywGai (B) 20130224
F-Prot W32/Swrort.B.gen!Eldorado 20130224
F-Secure Gen:Trojan.Heur.TP.Ir0@bmTywGai 20130224
Fortinet W32/Swrort.C!tr 20130224
GData Gen:Trojan.Heur.TP.Ir0@bmTywGai 20130224
Ikarus Trojan.Win32.Genome 20130224
K7AntiVirus Riskware 20130222
Kaspersky HEUR:Trojan.Win32.Generic 20130224
McAfee Swrort.d 20130224
McAfee-GW-Edition Swrort.d 20130224
MicroWorld-eScan Gen:Trojan.Heur.TP.Ir0@bmTywGai 20130224
Microsoft Trojan:Win32/Swrort.A 20130224
NANO-Antivirus Virus.Win32.Gen.ccmw 20130224
Norman Swrort.S 20130224
Rising Hack.Swrort!22DC 20130205
Sophos Mal/EncPk-ACE 20130224
VIPRE Trojan.Win32.Swrort.B (v) 20130224
Agnitum 20130224
AhnLab-V3 20130224
Antiy-AVL 20130224
CAT-QuickHeal 20130223
ClamAV 20130224
Jiangmin 20130224
Kingsoft 20130204
Malwarebytes 20130224
PCTools 20130219
Panda 20130224
SUPERAntiSpyware 20130224
Symantec 20130224
TheHacker 20130224
TotalDefense 20130224
TrendMicro 20130224
TrendMicro-HouseCall 20130224
VBA32 20130222
ViRobot 20130224
eSafe 20130211
nProtect 20130224
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyleft 1998-2006 by Don HO

Publisher Don HO don.h@free.fr
Product Notepad__
Original name Notepad__.exe
Internal name npp.exe
File version 6.12
Description Notepad__ : a free (GNU) source code editor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-03-25 23:13:43
Entry Point 0x0002D40A
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
IsTextUnicode
RegQueryValueExW
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_Destroy
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_DragMove
ImageList_Create
Ord(17)
ImageList_Add
ImageList_SetIconSize
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_EndDrag
GetTextMetricsW
CreateFontIndirectW
PatBlt
CreatePen
SaveDC
GetROP2
GetPixel
Rectangle
GetDeviceCaps
LineTo
DeleteDC
RestoreDC
SetBkMode
EndDoc
CreateSolidBrush
StartPage
DeleteObject
GetObjectW
BitBlt
CreateHatchBrush
OffsetWindowOrgEx
CreatePatternBrush
SelectObject
ExtTextOutW
CreateBitmap
MoveToEx
EnumFontFamiliesExW
GetStockObject
SetTextAlign
SetROP2
CreateCompatibleDC
CreateFontW
SetBrushOrgEx
EndPage
GetTextExtentPoint32W
SetWindowOrgEx
DPtoLP
SetTextColor
SetBkColor
GetTextExtentPointW
StartDocW
CreateCompatibleBitmap
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetFileAttributesW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
lstrcatW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
SetLastError
CopyFileW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
lstrcmpiW
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
GetFullPathNameW
CreateThread
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
LocalLock
GlobalSize
GetStartupInfoA
GetDateFormatA
GetEnvironmentStrings
GetDateFormatW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTimeFormatW
lstrcpyW
ExpandEnvironmentStringsW
FindNextFileW
GetTimeFormatA
FindFirstFileW
IsValidLocale
lstrcmpW
GlobalLock
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LocalUnlock
LeaveCriticalSection
GetLastError
LCMapStringW
GetSystemInfo
GlobalFree
GetConsoleCP
FindResourceW
LCMapStringA
CompareStringW
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
InterlockedCompareExchange
lstrcpynW
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLongPathNameW
WideCharToMultiByte
IsValidCodePage
HeapCreate
GetTempPathW
VirtualFree
Sleep
VirtualAlloc
CompareStringA
DragQueryFileW
SHBrowseForFolderW
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
DragQueryPoint
SHGetSpecialFolderLocation
SHGetMalloc
DragFinish
PathStripPathW
PathMatchSpecW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathRemoveExtensionW
PathAppendW
PathFindExtensionW
PathAddExtensionW
PathIsRelativeW
PathIsDirectoryW
PathCompactPathExW
RedrawWindow
LoadBitmapW
DestroyMenu
PostQuitMessage
SetWindowPos
SetScrollPos
IsWindow
ClientToScreen
WindowFromPoint
SetMenuItemInfoW
DispatchMessageW
ChangeClipboardChain
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetMenu
GetMenuStringW
GetClientRect
ToAscii
SetCaretPos
DrawTextW
GetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
GetKeyboardState
GetActiveWindow
ShowCursor
GetWindowTextW
RegisterClipboardFormatW
LockWindowUpdate
ShowCaret
ScrollWindow
PtInRect
EnableWindow
GetMessageA
GetParent
UpdateWindow
ShowScrollBar
GetMenuState
CreateCaret
GetMessageW
ShowWindow
DrawFrameControl
GetDesktopWindow
PeekMessageW
InsertMenuItemW
SetWindowPlacement
CharUpperW
GetClipboardData
TranslateMessage
GetDlgItemTextW
DestroyCaret
GetDlgItemInt
SetClipboardData
CreateCursor
SetParent
RegisterClassW
IsZoomed
GetWindowPlacement
LoadStringW
DrawMenuBar
EnableMenuItem
DrawFocusRect
GetDCEx
IsDialogMessageW
FillRect
CreateAcceleratorTableW
DeferWindowPos
IsWindowUnicode
RealChildWindowFromPoint
CreateWindowExW
GetWindowLongW
DestroyWindow
IsChild
IsDialogMessageA
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
IsIconic
DrawEdge
BeginPaint
DefWindowProcW
DrawIcon
CheckMenuRadioItem
SetClipboardViewer
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
DrawTextExW
CharLowerW
SetWindowLongA
SendDlgItemMessageW
PostMessageW
CreateDialogParamW
CreatePopupMenu
CheckMenuItem
GetSubMenu
DrawIconEx
SetWindowTextW
CreateMenu
GetDlgItem
ScreenToClient
TrackPopupMenu
DialogBoxIndirectParamW
GetMenuItemCount
DestroyAcceleratorTable
SetDlgItemInt
SetWindowsHookExW
LoadCursorW
LoadIconW
GetMenuItemID
InsertMenuW
SetForegroundWindow
SetFocus
OpenClipboard
EmptyClipboard
EndPaint
CreateDialogIndirectParamW
GetScrollRange
EndDialog
HideCaret
FindWindowW
GetCapture
MessageBeep
LoadMenuW
RemoveMenu
BeginDeferWindowPos
MessageBoxW
SendMessageW
RegisterClassExW
UnhookWindowsHookEx
MoveWindow
DialogBoxParamW
MessageBoxA
AppendMenuW
DestroyCursor
mouse_event
GetSysColor
SetDlgItemTextW
SetScrollInfo
GetKeyState
EndDeferWindowPos
DestroyIcon
IsWindowVisible
SystemParametersInfoW
GetDC
FrameRect
DeleteMenu
InvalidateRect
CallWindowProcW
GetClassNameW
ModifyMenuW
MonitorFromWindow
DragDetect
CallWindowProcA
GetFocus
wsprintfW
CloseClipboard
SetCursor
SetMenu
TranslateAcceleratorW
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
ChooseColorW
CoUninitialize
CoInitialize
Number of PE resources by type
RT_ICON 121
RT_GROUP_ICON 75
RT_DIALOG 41
RT_BITMAP 41
RT_GROUP_CURSOR 4
RT_CURSOR 4
RT_MENU 3
RT_MANIFEST 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 292
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
6.1.2.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
724992

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyleft 1998-2006 by Don HO

FileVersion
6.12

TimeStamp
2012:03:26 00:13:43+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
npp.exe

ProductVersion
6.12

FileDescription
Notepad++ : a free (GNU) source code editor

OSVersion
4.0

OriginalFilename
Notepad++.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Don HO don.h@free.fr

CodeSize
880640

ProductName
Notepad++

ProductVersionNumber
6.1.2.0

EntryPoint
0x2d40a

ObjectFileType
Executable application

File identification
MD5 04c5e04531333a8f5821e2ccd26c74af
SHA1 051d0e94a287087bf1f6c9e34b8f5df20b22fa37
SHA256 e5c5229ed191f337a4317bfdf64b26b643efa8e1d74338106a91686a3b028dd5
ssdeep
24576:D1K/EVzZJb7ak0GyMLtvpGLwXGBJWG+DrSm5GLyC5ClRGVywYdi:DU/wqkNGBBgNrJ5GL+RGbYdi

File size 1.5 MB ( 1609728 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (42.6%)
Win32 Executable MS Visual C++ (generic) (37.3%)
Win32 Executable Generic (8.4%)
Win32 Dynamic Link Library (generic) (7.5%)
Generic Win/DOS Executable (1.9%)
Tags
peexe

VirusTotal metadata
First submission 2013-02-24 22:00:32 UTC (1 year, 1 month ago)
Last submission 2013-03-01 11:46:42 UTC (1 year, 1 month ago)
File names npp.exe
04c5e04531333a8f5821e2ccd26c74af
Notepad__.exe
test2.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight