× Sütik letiltva! Az oldal helyes működéséhez engedélyezni kell a sütiket.
SHA256: 8fdff52a7430dba14fb97239c7fe414710991f16da269374e0936a1385f3a318
Fájl neve: hiddeninput.exe
Észlelési arány: 0 / 56
Elemzés ideje: 2016-10-13 16:58:19 UTC ( 6 hónap, 1 hét ezelőtt ) Legfrissebb megtekintése
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Vírusirtó Eredmény Utolsó frissítés
Ad-Aware 20161013
AegisLab 20161013
AhnLab-V3 20161013
Alibaba 20161013
ALYac 20161013
Antiy-AVL 20161013
Arcabit 20161013
Avast 20161013
AVG 20161013
Avira (no cloud) 20161013
AVware 20161013
Baidu 20161013
BitDefender 20161013
Bkav 20161013
CAT-QuickHeal 20161013
ClamAV 20161013
CMC 20161013
Comodo 20161013
CrowdStrike Falcon (ML) 20160725
Cyren 20161013
DrWeb 20161013
Emsisoft 20161013
ESET-NOD32 20161013
F-Prot 20161013
F-Secure 20161013
Fortinet 20161013
GData 20161013
Ikarus 20161013
Invincea 20160928
Jiangmin 20161013
K7AntiVirus 20161013
K7GW 20161013
Kaspersky 20161013
Kingsoft 20161013
Malwarebytes 20161013
McAfee 20161013
McAfee-GW-Edition 20161013
Microsoft 20161013
eScan 20161013
NANO-Antivirus 20161013
nProtect 20161013
Panda 20161013
Qihoo-360 20161013
Rising 20161013
Sophos 20161013
SUPERAntiSpyware 20161013
Symantec 20161013
Tencent 20161013
TheHacker 20161011
TrendMicro 20161013
TrendMicro-HouseCall 20161013
VBA32 20161013
VIPRE 20161013
ViRobot 20161013
Yandex 20161013
Zillya 20161013
Zoner 20161013
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Jordi Boggiano - 2012

Product Hidden Input
Original name hiddeninput.exe
Internal name hiddeninput
File version 1, 0, 0, 0
Description Reads from stdin without leaking info to the terminal and outputs back to stdout
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-03-25 16:54:04
Entry Point 0x00001338
Number of sections 5
PE sections
PE imports
GetCurrentProcess
TerminateProcess
GetStdHandle
SetUnhandledExceptionFilter
GetConsoleMode
GetCurrentProcessId
SetConsoleMode
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
GetSystemTimeAsFileTime
Sleep
GetCurrentThreadId
InterlockedCompareExchange
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
__p__fmode
__dllonexit
_controlfp_s
_invoke_watson
_cexit
?terminate@@YAXXZ
_lock
__p__commode
_onexit
__initenv
_encode_pointer
_XcptFilter
exit
__setusermatherr
_initterm_e
_crt_debugger_hook
_amsg_exit
_unlock
_adjust_fdiv
__CxxFrameHandler3
_except_handler4_common
__getmainargs
_exit
_decode_pointer
_configthreadlocale
_initterm
__set_app_type
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
5632

ImageVersion
0.0

ProductName
Hidden Input

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

LinkerVersion
9.0

FileTypeExtension
exe

OriginalFileName
hiddeninput.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
1, 0, 0, 0

TimeStamp
2012:03:25 17:54:04+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
hiddeninput

ProductVersion
1, 0, 0, 0

FileDescription
Reads from stdin without leaking info to the terminal and outputs back to stdout

OSVersion
5.0

FileOS
Win32

LegalCopyright
Jordi Boggiano - 2012

MachineType
Intel 386 or later, and compatibles

CodeSize
2560

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x1338

ObjectFileType
Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
Execution parents
Compressed bundles
File identification
MD5 3613d8d83b78ce3561680a447eb6a24a
SHA1 995eb0e883c7adebcfadd29100d810cb7f882bcd
SHA256 8fdff52a7430dba14fb97239c7fe414710991f16da269374e0936a1385f3a318
ssdeep
192:6w0dQeZ/V+m2y6AYY2zv5p2kGg23rCuEjJJREq/eN/mHPAj:Wu0kmOVtV2

authentihash 25dabf0f10baa40e86846ab433dac875b436d042f236a2af19bf1d375e1cb953
imphash 0fc09ca2bd356182f843bacca91b7fa5
Fájl méret 9.0 KB ( 9216 bytes )
Fájl típus Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe

VirusTotal metadata
First submission 2013-04-26 02:20:29 UTC ( 3 év, 12 hónap ezelőtt )
Last submission 2017-04-10 09:52:59 UTC ( 1 hét, 5 nap ezelőtt )
Fájl nevek svn-6b7fbb52
12829dbc-ea2e-1af7-540e-534708a778ca_1d283439869bf80
hiddeninput.exe.1416262576_1
hiddeninput.exe
cgi2-black-hiddeninput.exe
995eb0e883c7adebcfadd29100d810cb7f882bcd.svn-base
hiddeninput.exe
hiddeninput.exe
hiddeninput.exe
hiddeninput.exe
svn-6b7e434b
hiddeninput.exe
svn-e0d14099
3b401f21-452f-f26a-9a86-08ce28d30d8e_1d20a2272ef0472
hiddeninput.exe
hiddeninput.exe
svn-e0d3b0a0
hiddeninput.exe
svn-cea15413
cgi19-sipler3-hiddeninput.exe
svn-cea2cc1a
356fbae6a80078f026dce7fa80acf983d018bf8a
hiddeninput.exe
hiddeninput
hiddeninput.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Nincsenek hozzászólások. Még egy VirusTotal felhasználó sem írt bejegyzést ehhez, legyél te az első!

Hozzászólás írása...

?
Hozzászólás elküldése

Nem vagy bejelentkezve. Csak regisztrált felhasználók írhatnak hozzászólást, jelentkezz be és oszd meg a véleményed!

Nincsenek szavazatok. Még senki nem szavazott, legyél te az első!