SHA256: 890df093e90e2b12ba2cc6dba0910adb163d3402c286886671162224df37e19f
File name: WinSetupFromUSB-1-6.exe
Detection ratio: 4 / 52
Analysis date: 2016-07-21 14:13:08 UTC (2 years, 7 months ago)
Antivirus Result Update
AegisLab Backdoor.W32.Asper.lwJD 20160721
Baidu Win32.Trojan.WisdomEyes.151026.9950.9981 20160721
ClamAV Win.Trojan.Fujacks-439 20160721
Jiangmin Backdoor/WinUOJ.cqg 20160721
Ad-Aware 20160721
AhnLab-V3 20160721
Alibaba 20160721
ALYac 20160721
Antiy-AVL 20160721
Arcabit 20160721
Avast 20160721
AVG 20160721
Avira (no cloud) 20160721
AVware 20160721
BitDefender 20160721
Bkav 20160721
CAT-QuickHeal 20160721
CMC 20160715
Comodo 20160721
Cyren 20160721
DrWeb 20160721
Emsisoft 20160721
ESET-NOD32 20160721
F-Prot 20160721
F-Secure 20160721
Fortinet 20160721
GData 20160721
Ikarus 20160721
K7AntiVirus 20160721
K7GW 20160721
Kaspersky 20160721
Kingsoft 20160721
Malwarebytes 20160721
McAfee 20160721
McAfee-GW-Edition 20160721
Microsoft 20160721
eScan 20160721
NANO-Antivirus 20160721
nProtect 20160721
Panda 20160721
Qihoo-360 20160721
Sophos AV 20160721
SUPERAntiSpyware 20160721
Symantec 20160721
Tencent 20160721
TheHacker 20160720
TrendMicro 20160721
TrendMicro-HouseCall 20160721
VBA32 20160721
VIPRE 20160721
ViRobot 20160721
Zillya 20160720
Zoner 20160721
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 1999-2012 Igor Pavlov

Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 9.30 alpha
Description 7z SFX
Packers identified
F-PROT Unicode, NSIS, appended, UPX_LZMA, Aspack, PECompact, UTF-8, UPX, 7Z, PecBundle
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-26 11:03:35
Entry Point 0x0001DC22
Number of sections 5
PE sections
Overlays
MD5 f756db3058fdd029e7f1c8223de3c059
File type data
Offset 162816
Size 24760989
Entropy 8.00
PE imports
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
WaitForSingleObject
SetEvent
GetTickCount
SetFileTime
SetFileAttributesW
GetVersionExA
RemoveDirectoryA
GetCommandLineW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
FormatMessageW
MultiByteToWideChar
GetFileInformationByHandle
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
FormatMessageA
GetFullPathNameA
GetModuleFileNameW
GetModuleHandleA
GetFullPathNameW
CloseHandle
WideCharToMultiByte
SetFileAttributesA
SetFilePointer
ReadFile
WriteFile
GetCurrentProcess
FindFirstFileA
ResetEvent
FindFirstFileW
GetModuleHandleW
SetPriorityClass
LocalFree
MoveFileA
InitializeCriticalSection
CreateFileW
VirtualFree
CreateEventA
FindClose
Sleep
MoveFileW
SetEndOfFile
CreateFileA
GetProcAddress
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
strlen
_except_handler3
?terminate@@YAXXZ
_onexit
wcslen
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
__getmainargs
_exit
memmove
memcpy
_beginthreadex
_initterm
_controlfp
__set_app_type
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
SysAllocString
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
GetParent
MapDialogRect
EndDialog
CharUpperW
KillTimer
ShowWindow
MessageBoxW
GetWindowRect
SetDlgItemTextA
PostMessageA
MoveWindow
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
CheckDlgButton
LoadStringA
SystemParametersInfoA
SetWindowTextA
SendMessageW
GetWindowLongA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
ScreenToClient
InvalidateRect
wsprintfA
GetWindowTextLengthA
SetTimer
LoadCursorA
LoadIconA
IsDlgButtonChecked
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
SetCursor
CoUninitialize
CoCreateInstance
CoInitialize
OleInitialize
Number of PE resources by type
RT_STRING 11
RT_DIALOG 4
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 19
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
50176

ImageVersion
0.0

ProductName
7-Zip

FileVersionNumber
9.30.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Large address aware, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
7z.sfx.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
9.30 alpha

TimeStamp
2012:10:26 13:03:35+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

ProductVersion
9.30 alpha

FileDescription
7z SFX

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright (c) 1999-2012 Igor Pavlov

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
129024

FileSubtype
0

ProductVersionNumber
9.30.0.0

EntryPoint
0x1dc22

ObjectFileType
Executable application

File identification
MD5 ab910f5ce935fa4cfb53b635c64030c4
SHA1 d0fbcc82698f715cee200212508886f64c30c36c
SHA256 890df093e90e2b12ba2cc6dba0910adb163d3402c286886671162224df37e19f
ssdeep
393216:qaXQVrZacTxKRQ/AWSYNJ3N1LwtvgphIuMGuxkdXyL4qQaSmhzEWGkgzV+hTB:RQOi5SuLwt4phI5zepyEqQyhVLgzV+h1

authentihash cd3215604a3a47975b02f59e64c84a4fe75d6d5c62d685724dac53b71bc89458
imphash e24db73d03357361f784bcc8267e1019
File size 23.8 MB ( 24923805 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (33.7%)
Win64 Executable (generic) (29.8%)
Microsoft Visual C++ compiled executable (generic) (17.8%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Tags
peexe nsis overlay aspack pecompact upx via-tor

VirusTotal metadata
First submission 2015-11-28 20:18:36 UTC (3 years, 2 months ago)
Last submission 2019-02-10 06:13:19 UTC (1 week, 1 day ago)
File names WinSetupFromUSB.exe
WinSetupFromUSB-1-6.sanet.me.exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-620170702-7245-1vs4jqf.exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6 (1).exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6_2.exe
filename
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6 (2).exe
rsload.net.WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6_001.exe
WinSetupFromUSB-1-6_[www.programosy.pl].exe
7z.sfx.exe
WinSetupFromUSB-1-6(multi-bootable usb).exe
7z.sfx
WinSetupFromUSB-1-6(2).exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6.exe
WinSetupFromUSB-1-6_.exe
WinSetupFromUSB_Setup.exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspici.2B1358E1.
