SHA256: 3b62d12a59486adf905bb1418ff38c4b73883ad834adfb7a07cd6038461b4fc3
File name: unsafediscx_v143.exe
Detection ratio: 21 / 65
Analysis date: 2017-09-26 18:01:35 UTC (6 months, 3 weeks ago)
Antivirus Result Update
AegisLab Agent3.Aamk.Gen!c 20170926
Avast FileRepMalware 20170926
AVG FileRepMalware 20170926
AVware Trojan.Win32.Generic!BT 20170926
ClamAV Win.Trojan.776160-1 20170926
Cylance Unsafe 20170926
Cyren W32/Risk.XMLF-6437 20170926
DrWeb Trojan.Siggen4.41721 20170926
F-Prot W32/MalwareF.NPVQ 20170926
Fortinet W32/Malware_fam.NB 20170926
GData Win32.Trojan.Agent.MYOJ0A 20170926
McAfee Generic.dx!bu 20170926
McAfee-GW-Edition Generic.dx!bu 20170926
NANO-Antivirus Trojan.Win32.TrjGen.duupws 20170926
Panda Trj/CI.A 20170926
Rising Malware.Undefined!8.C (CLOUD) 20170926
Sophos AV Mal/Generic-S 20170926
Symantec Trojan.ADH 20170926
VIPRE Trojan.Win32.Generic!BT 20170926
ViRobot Spyware.Agent.244221 20170926
Webroot W32.Malware.Gen 20170926
Ad-Aware 20170926
AhnLab-V3 20170926
Alibaba 20170911
ALYac 20170926
Antiy-AVL 20170926
Arcabit 20170926
Avast-Mobile 20170926
Avira (no cloud) 20170926
Baidu 20170926
BitDefender 20170926
CAT-QuickHeal 20170926
CMC 20170926
Comodo 20170926
CrowdStrike Falcon (ML) 20170804
Emsisoft 20170926
Endgame 20170821
ESET-NOD32 20170926
F-Secure 20170926
Ikarus 20170926
Sophos ML 20170914
Jiangmin 20170926
K7AntiVirus 20170926
K7GW 20170926
Kaspersky 20170926
Kingsoft 20170926
Malwarebytes 20170926
MAX 20170926
Microsoft 20170925
eScan 20170926
nProtect 20170926
Palo Alto Networks (Known Signatures) 20170926
Qihoo-360 20170926
SentinelOne (Static ML) 20170806
SUPERAntiSpyware 20170926
Symantec Mobile Insight 20170926
Tencent 20170926
TheHacker 20170925
TotalDefense 20170926
TrendMicro 20170926
TrendMicro-HouseCall 20170926
Trustlook 20170926
VBA32 20170926
WhiteArmor 20170829
Yandex 20170908
Zillya 20170926
ZoneAlarm by Check Point 20170926
Zoner 20170926
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
Command NSIS, NSIS
F-PROT NSIS, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-10-17 21:19:57
Entry Point 0x00004168
Number of sections 4
PE sections
Overlays
MD5 04f8f96c9040c2a05d9a11cd2f3bb1b6
File type data
Offset 37888
Size 206333
Entropy 8.00
PE imports
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyA
RegCreateKeyA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SetBkMode
CreateFontA
CreateBrushIndirect
CreateFontIndirectA
CreateSolidBrush
SelectObject
SetBkColor
DeleteObject
SetTextColor
SetFilePointer
GetUserDefaultLangID
ReadFile
LoadLibraryA
CreateFileMappingA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
GetModuleFileNameA
RemoveDirectoryA
GetShortPathNameA
GetCurrentProcess
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
MultiByteToWideChar
GetCommandLineA
GlobalLock
SetFileAttributesA
lstrlenA
GetTempPathA
lstrcmpiA
CreateThread
MapViewOfFile
GetModuleHandleA
FindFirstFileA
lstrcpyA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GetEnvironmentVariableA
UnmapViewOfFile
WriteFile
GlobalAlloc
SearchPathA
FindClose
Sleep
SetEndOfFile
CreateFileA
GetTickCount
GetVersion
GetProcAddress
MulDiv
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHFileOperationA
SetFocus
CharPrevA
GetMessagePos
EmptyClipboard
GetWindowTextA
EndDialog
BeginPaint
DefWindowProcA
PostQuitMessage
CreatePopupMenu
GetClassInfoA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
LoadImageA
GetDlgItemTextA
MapWindowPoints
MessageBoxA
PeekMessageA
CloseClipboard
DialogBoxParamA
GetSysColor
GetDC
SetWindowLongA
DrawTextA
SystemParametersInfoA
SetWindowTextA
wsprintfA
ShowWindow
SetClipboardData
FindWindowExA
SendMessageA
IsWindowEnabled
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
ScreenToClient
SetRect
GetWindowLongA
SendMessageTimeoutA
SetTimer
LoadCursorA
LoadIconA
TrackPopupMenu
FillRect
RegisterClassA
OpenClipboard
CharNextA
GetDesktopWindow
CallWindowProcA
EndPaint
SetForegroundWindow
DestroyWindow
ExitWindowsEx
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoCreateInstance
OleInitialize
Number of PE resources by type
RT_DIALOG 7
RT_BITMAP 1
RT_GROUP_ICON 1
RT_MANIFEST 1
RT_ICON 1
Number of PE resources by language
ENGLISH US 11
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2002:10:17 22:19:57+01:00
FileType Win32 EXE
PEType PE32
CodeSize 24576
LinkerVersion 6.0
EntryPoint 0x4168
InitializedDataSize 154112
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

Compressed bundles
File identification
MD5 433241f9a1741c041f7cc4b76e0ad35d
SHA1 f208dafbaae11b8f3f9f268f1b456ca73a12f8f7
SHA256 3b62d12a59486adf905bb1418ff38c4b73883ad834adfb7a07cd6038461b4fc3
ssdeep 6144:RlNGFS0EQfHA5KFrJoivkllrK+4k5UcxOiqjThJZxN:R/Gk0EQfH3rJoi8llxBJOiYrxN
authentihash 71117cab6ea3a194ce486934f1c3d759baf54487227ef3aa632941e442b26c8e
imphash 7aa5ef58e6bcc81511f7ed6026ff8a22
File size 238.5 KB ( 244221 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID NSIS - Nullsoft Scriptable Install System (91.9%)
Win32 Executable MS Visual C++ (generic) (3.3%)
Win64 Executable (generic) (3.0%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.4%)
Tags
nsis peexe overlay

VirusTotal metadata
First submission 2006-06-07 18:52:33 UTC (11 years, 10 months ago)
Last submission 2017-09-26 18:01:35 UTC (6 months, 3 weeks ago)
File names output.1237026.txt
UnSafeDisc.exe
1266352042.unsafediscx_v143.exe
unsafediscx_v143.exe
unsafediscx_v143.exe
1237026
smona_3b62d12a59486adf905bb1418ff38c4b73883ad834adfb7a07cd6038461b4fc3.bin
unsafediscx_v143.exe
unsafediscx_v143.exe
smona131625236038006997824
f208dafbaae11b8f3f9f268f1b456ca73a12f8f7.bin
3b62d12a59486adf905bb1418ff38c4b73883ad834adfb7a07cd6038461b4fc3
file-2979419_exe
unSafeDiscX 1.43.exe
unsafediscx_v143.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R047C0EH515.
