× Kolačići su onemogućeni. Ovo web-mesto zahtijeva kolačiće kako bi normalno funkcioniralo
SHA256: 3cd7dcb5845916164815f31a9a9d3b030ff2f708c7e604462a1c576c639f1479
Ime datoteke: antycheat.exe
Omjer otkrivanja: 0 / 67
Datum analize: 2018-09-13 14:26:58 UTC (prije 8 mjeseci, 2 tjedna) Pogledaj posljednje
Antivirus Rezultat Ažuriranje
Ad-Aware 20180913
AegisLab 20180913
AhnLab-V3 20180913
Alibaba 20180713
ALYac 20180913
Antiy-AVL 20180913
Arcabit 20180913
Avast 20180913
Avast-Mobile 20180913
AVG 20180913
Avira (no cloud) 20180913
AVware 20180913
Babable 20180907
Baidu 20180912
BitDefender 20180913
Bkav 20180912
CAT-QuickHeal 20180912
ClamAV 20180913
CMC 20180913
Comodo 20180913
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180913
Cyren 20180913
DrWeb 20180913
eGambit 20180913
Emsisoft 20180913
Endgame 20180730
ESET-NOD32 20180913
F-Prot 20180913
F-Secure 20180913
Fortinet 20180913
GData 20180913
Ikarus 20180913
Sophos ML 20180717
Jiangmin 20180912
K7AntiVirus 20180913
K7GW 20180913
Kaspersky 20180913
Kingsoft 20180913
Malwarebytes 20180913
MAX 20180913
McAfee 20180913
McAfee-GW-Edition 20180913
Microsoft 20180913
eScan 20180913
NANO-Antivirus 20180913
Palo Alto Networks (Known Signatures) 20180913
Panda 20180913
Qihoo-360 20180913
Rising 20180913
SentinelOne (Static ML) 20180830
Sophos AV 20180913
SUPERAntiSpyware 20180907
Symantec 20180912
Symantec Mobile Insight 20180911
TACHYON 20180913
Tencent 20180913
TheHacker 20180913
TrendMicro 20180913
TrendMicro-HouseCall 20180913
Trustlook 20180913
VBA32 20180913
VIPRE 20180913
ViRobot 20180913
Webroot 20180913
Yandex 20180912
Zillya 20180912
ZoneAlarm by Check Point 20180913
Zoner 20180913
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(C) Lubenica98

Product eFlame
Description eFlame
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-11 10:15:20
Entry Point 0x000014C0
Number of sections 8
PE sections
PE imports
SelectObject
CreateFontA
GetStockObject
DeleteDC
SetBkMode
GetStdHandle
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
GetHandleInformation
GetFileAttributesW
CreatePipe
GetCurrentProcess
GetFileInformationByHandle
GetThreadContext
GetFileTime
IsDBCSLeadByteEx
WideCharToMultiByte
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetThreadPriority
LocalFree
ResumeThread
InitializeCriticalSection
FindClose
InterlockedDecrement
FormatMessageA
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
DeviceIoControl
CopyFileW
RemoveDirectoryW
TryEnterCriticalSection
GetModuleFileNameA
SetThreadPriority
CreateDirectoryExW
AllocConsole
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
SetProcessAffinityMask
CreateMutexA
GetModuleHandleA
GetFullPathNameW
InterlockedExchangeAdd
CreateSemaphoreA
CreateThread
MoveFileExW
DeleteCriticalSection
SetUnhandledExceptionFilter
SetHandleInformation
SetThreadContext
TerminateProcess
SetCurrentDirectoryW
VirtualQuery
LocalFileTimeToFileTime
FindAtomA
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
AreFileApisANSI
EnterCriticalSection
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetStartupInfoA
GetWindowsDirectoryW
AddAtomA
CreateDirectoryA
CreateDirectoryW
DeleteFileW
GetProcAddress
SetCriticalSectionSpinCount
GetModuleFileNameW
FindNextFileW
ResetEvent
FindFirstFileW
DuplicateHandle
WaitForMultipleObjects
GetProcessAffinityMask
CreateFileW
CreateEventA
TlsSetValue
CreateFileA
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
GetAtomNameA
GetCurrentDirectoryW
GetCurrentProcessId
GetDiskFreeSpaceExW
SetFileTime
GetCurrentDirectoryA
GetCurrentThread
SuspendThread
ReleaseSemaphore
SetFilePointer
ReadFile
CloseHandle
GetModuleHandleW
GetFileAttributesExW
CreateProcessA
Sleep
GetMessageA
UpdateWindow
BeginPaint
PostQuitMessage
DefWindowProcA
ShowWindow
SetWindowPos
GetSystemMetrics
MessageBoxW
DispatchMessageA
EndPaint
MessageBoxA
TranslateMessage
GetDC
RegisterClassExA
DrawTextA
SendMessageA
SetWindowTextW
InvalidateRect
wsprintfA
CreateWindowExA
LoadCursorA
LoadIconA
GetClientRect
CreateWindowExW
DestroyWindow
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
socket
recv
inet_addr
send
WSACleanup
WSAStartup
gethostbyname
connect
inet_ntoa
htons
closesocket
WSAGetLastError
__lconv_init
wcsftime
getc
fclose
_snwprintf
fflush
_fmode
fputc
_wgetenv
strtod
fwrite
fputs
_setjmp
iswctype
wcscoll
__dllonexit
_wfopen
_write
strcoll
memcpy
strstr
memmove
signal
remove
strcmp
memchr
strncmp
memset
strcat
putwc
wcscpy
__pioinfo
strchr
clock
fgetpos
fsetpos
exit
sprintf
mbstowcs
_acmdln
free
ungetc
_fstati64
__getmainargs
ungetwc
_lseeki64
_vsnprintf
_read
wcsxfrm
strcpy
__mb_cur_max
_initterm
strftime
_iob
setlocale
realloc
strxfrm
__doserrno
_open_osfhandle
calloc
printf
fopen
strncpy
_cexit
raise
system
_onexit
wcslen
putc
memcmp
__setusermatherr
_isctype
_pctype
getenv
atoi
vfprintf
localeconv
strerror
isspace
_beginthreadex
_strnicmp
_setmode
malloc
fread
abort
fprintf
getwc
towupper
strlen
_endthreadex
_amsg_exit
_fdopen
_errno
_lock
__initenv
towlower
_fileno
longjmp
tolower
_unlock
fwprintf
_exit
_filelengthi64
_ftime
setvbuf
__set_app_type
Number of PE resources by type
RT_ICON 6
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 8
PE resources
ExifTool file metadata
UninitializedDataSize
30720

LinkerVersion
2.25

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
eFlame

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit, No debug

CharacterSet
Windows, Latin1

InitializedDataSize
967168

EntryPoint
0x14c0

MIMEType
application/octet-stream

LegalCopyright
(C) Lubenica98

TimeStamp
2018:09:11 10:15:20+00:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Unknown (0)

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
780800

ProductName
eFlame

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 1f43234c53ac80efe56c9b752e592beb
SHA1 32715fd97bca4bff3e0d7d836e6644b15bf84efc
SHA256 3cd7dcb5845916164815f31a9a9d3b030ff2f708c7e604462a1c576c639f1479
ssdeep
24576:MVOqRwS5c39cvQK5pUl5YCNYbv9cr7nyF4BnRiZe:kRwf3un5Q6v90Ly

authentihash 249de51791e349144681d1479d3334c96802da789d84c5cf80fbc3f40be42f86
imphash 523863e49f4054373d6aa35f41691e65
File size 945.5 KB ( 968192 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-09-13 14:26:58 UTC (prije 8 mjeseci, 2 tjedna)
Last submission 2018-09-13 14:26:58 UTC (prije 8 mjeseci, 2 tjedna)
Imena datoteka antycheat.exe
Nema komentara.. Nijedan član zajednice VirusTotala još nije prokomentirao ovu stavku. Budite prvi koji će to napraviti!

Ostavite komentar…

?
Postavi komentar

Niste prijavljeni. Samo registrirani korisnici mogu ostavljati komentare. Otvorite račun i razglasite se!

Nema glasova.. Još nitko nije glasovao za ovu stavku. Budite prvi koji će to napraviti!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections