× Sütik letiltva! Az oldal helyes működéséhez engedélyezni kell a sütiket.
SHA256: 51eb066105ef6cf079937f11ad1f7e1fb094850c35129a218ceaf4039f633e2a
Fájl neve: EmailSendProc.exe
Észlelési arány: 1 / 67
Elemzés ideje: 2017-11-14 16:57:43 UTC ( 1 hónap ezelőtt ) Legfrissebb megtekintése
Vírusirtó Eredmény Utolsó frissítés
Cylance Unsafe 20171114
Ad-Aware 20171114
AegisLab 20171114
AhnLab-V3 20171114
Alibaba 20170911
ALYac 20171114
Antiy-AVL 20171114
Arcabit 20171114
Avast 20171114
Avast-Mobile 20171114
AVG 20171114
Avira (no cloud) 20171114
AVware 20171114
Baidu 20171114
BitDefender 20171114
Bkav 20171114
CAT-QuickHeal 20171114
ClamAV 20171114
CMC 20171109
Comodo 20171114
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cyren 20171114
DrWeb 20171114
eGambit 20171114
Emsisoft 20171114
Endgame 20171024
ESET-NOD32 20171114
F-Prot 20171114
F-Secure 20171114
Fortinet 20171114
GData 20171114
Ikarus 20171114
Sophos ML 20170914
Jiangmin 20171114
K7AntiVirus 20171114
K7GW 20171114
Kaspersky 20171114
Kingsoft 20171114
Malwarebytes 20171114
MAX 20171114
McAfee 20171114
McAfee-GW-Edition 20171114
Microsoft 20171114
eScan 20171114
NANO-Antivirus 20171114
nProtect 20171114
Palo Alto Networks (Known Signatures) 20171114
Panda 20171114
Qihoo-360 20171114
Rising 20171114
SentinelOne (Static ML) 20171113
Sophos AV 20171114
SUPERAntiSpyware 20171114
Symantec 20171114
Symantec Mobile Insight 20171114
Tencent 20171114
TheHacker 20171112
TrendMicro 20171114
TrendMicro-HouseCall 20171114
Trustlook 20171114
VBA32 20171114
VIPRE 20171114
ViRobot 20171114
Webroot 20171114
WhiteArmor 20171104
Yandex 20171113
Zillya 20171114
ZoneAlarm by Check Point 20171114
Zoner 20171114
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Lat-Ton

Product Memory History Tool - Email sending module
Original name EmailSend.exe
Internal name EmailSend
File version 1.1.0.0
Description Email sending module
Comments All rights reserved
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00139E40
Number of sections 3
PE sections
PE imports
VirtualProtect
LoadLibraryA
ExitProcess
GetProcAddress
RegCloseKey
ImageList_Add
SaveDC
VariantCopy
VerQueryValueA
Number of PE resources by type
RT_STRING 23
RT_ICON 12
RT_BITMAP 11
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_RCDATA 4
RT_DIALOG 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 29
ENGLISH US 25
HUNGARIAN DEFAULT 14
PE resources
ExifTool file metadata
LegalTrademarks
Lat-Ton

SubsystemVersion
4.0

Comments
All rights reserved

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.1.0.0

LanguageCode
Hungarian

FileFlagsMask
0x003f

FileDescription
Email sending module

CharacterSet
Windows, Latin2 (Eastern European)

InitializedDataSize
57344

EntryPoint
0x139e40

OriginalFileName
EmailSend.exe

MIMEType
application/octet-stream

LegalCopyright
Lat-Ton

FileVersion
1.1.0.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
EmailSend

ProductVersion
1.1.0.0

UninitializedDataSize
970752

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Lat-Ton

CodeSize
315392

ProductName
Memory History Tool - Email sending module

ProductVersionNumber
1.1.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 06b8c51c1be19218186e8a339ea8e75c
SHA1 1ed5016cafd8116c1d262dec5dc13632be69899a
SHA256 51eb066105ef6cf079937f11ad1f7e1fb094850c35129a218ceaf4039f633e2a
ssdeep
6144:1RtKPbvuGSWByJa/yGuiIU2XC06WZ8oPXFP4g3qyq3JiH:IvR/UyEy0jDPVP4g3qTiH

authentihash 62697c8bda42d440b8d957ace1b4c8e59282efcb31fabac1c18ba92475396085
imphash 4e951e86436c76d700c0d4b4eb177a14
Fájl méret 360.0 KB ( 368640 bytes )
Fájl típus Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (61.1%)
Win32 Dynamic Link Library (generic) (14.8%)
Win32 Executable (generic) (10.1%)
Win16/32 Executable Delphi generic (4.6%)
Generic Win/DOS Executable (4.5%)
Tags
peexe upx

VirusTotal metadata
First submission 2017-11-14 16:57:43 UTC ( 1 hónap ezelőtt )
Last submission 2017-11-14 16:57:43 UTC ( 1 hónap ezelőtt )
Fájl nevek EmailSend
EmailSendProc.exe
EmailSend.exe
EmailSendProc.exe
Nincsenek hozzászólások. Még egy VirusTotal felhasználó sem írt bejegyzést ehhez, legyél te az első!

Hozzászólás írása...

?
Hozzászólás elküldése

Nem vagy bejelentkezve. Csak regisztrált felhasználók írhatnak hozzászólást, jelentkezz be és oszd meg a véleményed!

Nincsenek szavazatok. Még senki nem szavazott, legyél te az első!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs
UDP communications