× Sütik letiltva! Az oldal helyes működéséhez engedélyezni kell a sütiket.
SHA256: adac61b3afceb0b5d4cce794fc5b5aaf866a3b958bf79c454d90f1f5dc17f0b2
Fájl neve: MemHistoryFree.exe
Észlelési arány: 1 / 67
Elemzés ideje: 2017-11-14 17:02:41 UTC ( 3 hét, 6 nap ezelőtt ) Legfrissebb megtekintése
Vírusirtó Eredmény Utolsó frissítés
Cylance Unsafe 20171114
Ad-Aware 20171114
AegisLab 20171114
AhnLab-V3 20171114
Alibaba 20170911
ALYac 20171114
Antiy-AVL 20171114
Arcabit 20171114
Avast 20171114
Avast-Mobile 20171114
AVG 20171114
Avira (no cloud) 20171114
AVware 20171114
Baidu 20171114
BitDefender 20171114
Bkav 20171114
CAT-QuickHeal 20171114
ClamAV 20171114
CMC 20171109
Comodo 20171114
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cyren 20171114
DrWeb 20171114
eGambit 20171114
Emsisoft 20171114
Endgame 20171024
ESET-NOD32 20171114
F-Prot 20171114
F-Secure 20171114
Fortinet 20171114
GData 20171114
Ikarus 20171114
Sophos ML 20170914
Jiangmin 20171114
K7AntiVirus 20171114
K7GW 20171114
Kaspersky 20171114
Kingsoft 20171114
Malwarebytes 20171114
MAX 20171114
McAfee 20171114
McAfee-GW-Edition 20171114
Microsoft 20171114
eScan 20171114
NANO-Antivirus 20171114
nProtect 20171114
Palo Alto Networks (Known Signatures) 20171114
Panda 20171114
Qihoo-360 20171114
Rising 20171114
SentinelOne (Static ML) 20171113
Sophos AV 20171114
SUPERAntiSpyware 20171114
Symantec 20171114
Symantec Mobile Insight 20171114
Tencent 20171114
TheHacker 20171112
TrendMicro 20171114
TrendMicro-HouseCall 20171114
Trustlook 20171114
VBA32 20171114
VIPRE 20171114
ViRobot 20171114
Webroot 20171114
WhiteArmor 20171104
Yandex 20171113
Zillya 20171114
ZoneAlarm by Check Point 20171114
Zoner 20171114
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright© 2017 - Thomas Petro

Product Memory History Tool
Original name MemHistory.exe
Internal name Memory History Tool
File version 2.7.2.6
Description Memory History Tool Application
Comments Developer: Thomas Petro - tamas.petro82@gmail.com - www.lattonsoft.hu
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00DDCE10
Number of sections 3
PE sections
PE imports
VirtualProtect
LoadLibraryA
ExitProcess
GetProcAddress
RegCloseKey
ImageList_Add
SaveDC
CoInitialize
VariantCopy
ExtractIconA
VerQueryValueA
sndPlaySoundA
Number of PE resources by type
RT_RCDATA 21
RT_STRING 20
RT_ICON 12
RT_BITMAP 11
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_DIALOG 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 43
ENGLISH US 25
HUNGARIAN DEFAULT 14
PE resources
ExifTool file metadata
LegalTrademarks
Lat-Ton, Lattonsoft, MemHistory

SubsystemVersion
4.0

Comments
Developer: Thomas Petro - tamas.petro82@gmail.com - www.lattonsoft.hu

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.7.2.6

LanguageCode
Hungarian

FileFlagsMask
0x003f

FileDescription
Memory History Tool Application

CharacterSet
Windows, Latin2 (Eastern European)

InitializedDataSize
36864

EntryPoint
0xddce10

OriginalFileName
MemHistory.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2017 - Thomas Petro

FileVersion
2.7.2.6

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Memory History Tool

ProductVersion
v2

UninitializedDataSize
13983744

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Lat-Ton Limited Partnership

CodeSize
552960

ProductName
Memory History Tool

ProductVersionNumber
2.7.2.6

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 c25a32ccf92680a35b74027afa594b88
SHA1 862353018c57f7eb01a761743995f72b33522d3a
SHA256 adac61b3afceb0b5d4cce794fc5b5aaf866a3b958bf79c454d90f1f5dc17f0b2
ssdeep
12288:gmGwQcVB7FZeYYs08ZawTXg0OaRDLeQB:PQcVBWYXTXg0OJM

authentihash 505a13409d2170fa5d30a58c2748bf61b03a736c27adca3c1525243924abadae
imphash ff8575f3a4e030a22ae6f2dd546595ad
Fájl méret 573.5 KB ( 587264 bytes )
Fájl típus Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (61.1%)
Win32 Dynamic Link Library (generic) (14.8%)
Win32 Executable (generic) (10.1%)
Win16/32 Executable Delphi generic (4.6%)
Generic Win/DOS Executable (4.5%)
Tags
peexe upx

VirusTotal metadata
First submission 2017-11-14 17:02:41 UTC ( 3 hét, 6 nap ezelőtt )
Last submission 2017-11-17 07:41:08 UTC ( 3 hét, 3 nap ezelőtt )
Fájl nevek Memory History Tool
MemHistoryFree.exe
MemHistory.exe
MemHistoryFree.exe
862353018c57f7eb01a761743995f72b33522d3a
MemHistoryFree.exe
Nincsenek hozzászólások. Még egy VirusTotal felhasználó sem írt bejegyzést ehhez, legyél te az első!

Hozzászólás írása...

?
Hozzászólás elküldése

Nem vagy bejelentkezve. Csak regisztrált felhasználók írhatnak hozzászólást, jelentkezz be és oszd meg a véleményed!

Nincsenek szavazatok. Még senki nem szavazott, legyél te az első!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
UDP communications