SHA256: 4c4933665a96805943aba5f4c660fed571516b4ffdb2c2f55489af6d8d4a7437
File name: 7ZSfxMod
Detection ratio: 8 / 57
Analysis date: 2015-03-03 17:04:14 UTC ( 1 year, 11 months ago )
Antivirus Result Update
Avast Win32:GenMalicious-AMZ [Trj] 20150303
Avira (no cloud) TR/Rogue.htrt 20150303
GData Win32.Trojan.Agent.G9ZDF5 20150303
McAfee Artemis!ABF56BDC8281 20150303
McAfee-GW-Edition Artemis 20150303
Qihoo-360 Win32/Trojan.ca1 20150303
Symantec WS.Reputation.1 20150303
TrendMicro-HouseCall Suspicious_GEN.F47V0210 20150303
ALYac 20150303
AVG 20150303
AVware 20150303
Ad-Aware 20150303
AegisLab 20150303
Yandex 20150228
AhnLab-V3 20150303
Alibaba 20150303
Antiy-AVL 20150303
Baidu-International 20150303
BitDefender 20150303
Bkav 20150303
ByteHero 20150303
CAT-QuickHeal 20150303
CMC 20150301
ClamAV 20150303
Comodo 20150303
Cyren 20150303
DrWeb 20150303
ESET-NOD32 20150303
Emsisoft 20150303
F-Prot 20150303
F-Secure 20150303
Fortinet 20150303
Ikarus 20150303
Jiangmin 20150302
K7AntiVirus 20150303
K7GW 20150303
Kaspersky 20150303
Kingsoft 20150303
Malwarebytes 20150303
eScan 20150303
Microsoft 20150303
NANO-Antivirus 20150303
Norman 20150303
Panda 20150303
Rising 20150303
SUPERAntiSpyware 20150303
Sophos 20150303
Tencent 20150303
TheHacker 20150303
TotalDefense 20150303
TrendMicro 20150303
VBA32 20150303
VIPRE 20150303
ViRobot 20150303
Zillya 20150303
Zoner 20150303
nProtect 20150303
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2005-2012 Oleg N. Scherbakov
Publisher Oleg N. Scherbakov
Product 7-Zip SFX
Original name 7ZSfxMod_x86.exe
Internal name 7ZSfxMod
File version 1.5.0.2712
Description 7z Setup SFX (x86)
Packers identified
F-PROT 7Z, UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-12-30 08:49:43
Entry Point 0x0002B450
Number of sections 3
PE sections
PE imports
DeleteDC
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
OleLoadPicture
SHGetMalloc
CoInitialize
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 2
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.5.0.2712
UninitializedDataSize 114688
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 61440
FileOS Windows NT 32-bit
PrivateBuild December 30, 2012
MIMEType application/octet-stream
LegalCopyright Copyright 2005-2012 Oleg N. Scherbakov
FileVersion 1.5.0.2712
TimeStamp 2012:12:30 09:49:43+01:00
FileType Win32 EXE
PEType PE32
InternalName 7ZSfxMod
ProductVersion 1.5.0.2712
FileDescription 7z Setup SFX (x86)
OSVersion 4.0
OriginalFilename 7ZSfxMod_x86.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Oleg N. Scherbakov
CodeSize 61440
ProductName 7-Zip SFX
ProductVersionNumber 1.5.0.2712
EntryPoint 0x2b450
ObjectFileType Executable application

File identification
MD5 abf56bdc82818fa8bf8209549852316e
SHA1 cda691187c01ad15b55597271eaf99ef37cc92e8
SHA256 4c4933665a96805943aba5f4c660fed571516b4ffdb2c2f55489af6d8d4a7437
ssdeep 12288:PdgXdsxZoMRxaks/+6vYRLURfeMY/3DzEgB2167LA7yQVQL:VUdsHtRwkKrvgUsHvvEgBK63AuQVG
authentihash 55fe71c6cf4c768221b4825c9975314e2e4be5dbd01d902ef4771c1b139dda12
imphash b9aae71f12ba258e48a651bbd50fa7f5
File size 503.3 KB ( 515377 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags peexe upx
VirusTotal metadata
First submission 2015-02-10 17:03:35 UTC ( 2 years ago )
Last submission 2015-02-13 16:22:17 UTC ( 2 years ago )
File names 7ZSfxMod
7ZSfxMod_x86.exe
FlashUpdater.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.