× I cookies sono disabilitati! Questo sito richiede i cookies abilitati per funzionare correttamente
SHA256: 90cd0e0fbbf8929e4d30db5c0748289d63baca8eed6229a64c1ce1bfc8dd47ab
Nome del file: heidisql32.r4710.exe
Rapporto rilevamento: 1 / 49
Data analisi: 2014-02-13 10:40:23 UTC ( 1 anno, 4 mesi fa ) Leggli gli ultimi
Antivirus Risultato Aggiornamento
Jiangmin Hoax.ArchSMS.ypo 20140213
AVG 20140213
Ad-Aware 20140213
Agnitum 20140212
AhnLab-V3 20140212
AntiVir 20140213
Antiy-AVL 20140213
Avast 20140213
Baidu-International 20140213
BitDefender 20140213
Bkav 20140213
ByteHero 20140213
CAT-QuickHeal 20140213
CMC 20140213
ClamAV 20140213
Commtouch 20140213
Comodo 20140213
DrWeb 20140213
ESET-NOD32 20140213
Emsisoft 20140213
F-Prot 20140211
F-Secure 20140213
Fortinet 20140213
GData 20140213
Ikarus 20140213
K7AntiVirus 20140212
K7GW 20140213
Kaspersky 20140213
Kingsoft 20140213
Malwarebytes 20140213
McAfee 20140213
McAfee-GW-Edition 20140213
MicroWorld-eScan 20140213
Microsoft 20140213
NANO-Antivirus 20140213
Norman 20140213
Panda 20140213
Qihoo-360 20140122
Rising 20140212
SUPERAntiSpyware 20140213
Sophos 20140213
Symantec 20140213
TheHacker 20140212
TotalDefense 20140213
TrendMicro 20140213
TrendMicro-HouseCall 20140213
VBA32 20140212
VIPRE 20140213
ViRobot 20140213
nProtect 20140213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
See GPL license

Product HeidiSQL
Description HeidiSQL 8.3.0.4710 32 Bit
Packers identified
F-PROT UPX_LZMA
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-02-13 08:03:52
Link date 9:03 AM 2/13/2014
Entry Point 0x006DBAB0
Number of sections 3
PE sections
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ImageList_Add
PrintDlgW
DoDragDrop
LresultFromObject
VariantCopy
GetModuleInformation
DragFinish
SHStrDupW
VerQueryValueA
InternetOpenW
timeGetTime
OpenPrinterW
PE exports
Number of PE resources by type
RT_BITMAP 48
RT_STRING 40
RT_RCDATA 34
RT_GROUP_CURSOR 19
RT_CURSOR 19
RT_ICON 3
RT_DIALOG 2
MAD 2
EXE 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 115
ENGLISH US 37
GERMAN 19
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
8.3.0.4710

UninitializedDataSize
5201920

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Windows, Latin1

InitializedDataSize
28672

MIMEType
application/octet-stream

Subsystem
Windows GUI

TimeStamp
2014:02:13 09:03:52+01:00

FileType
Win32 EXE

PEType
PE32

FileAccessDate
2014:03:18 00:50:03+01:00

FileDescription
HeidiSQL 8.3.0.4710 32 Bit

OSVersion
5.0

FileCreateDate
2014:03:18 00:50:03+01:00

FileOS
Win32

LegalCopyright
See GPL license

MachineType
Intel 386 or later, and compatibles

CodeSize
1990656

ProductName
HeidiSQL

ProductVersionNumber
0.0.0.0

EntryPoint
0x6dbab0

ObjectFileType
Executable application

File identification
MD5 4b73601df54289d6822ef15ffa42863d
SHA1 e10eeb8ca417525bf20a6497eafb2c3aa6caeff3
SHA256 90cd0e0fbbf8929e4d30db5c0748289d63baca8eed6229a64c1ce1bfc8dd47ab
ssdeep
98304:zf4x7rWGUh45dTss7vgYnxfhqO5jmKCOR:zf49/w4vvfQO5j1L

imphash 63282dc9bdaed0ae842e96925922e5cf
File size 3.4 MB ( 3579447 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (41.1%)
Win32 EXE Yoda's Crypter (35.7%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Win16/32 Executable Delphi generic (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2014-02-13 10:40:23 UTC ( 1 anno, 4 mesi fa )
Last submission 2014-02-13 10:40:23 UTC ( 1 anno, 4 mesi fa )
Nomi dei files heidisql32.r4710.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

Symantec reputation Suspicious.Insight
Nessun commento. Nessun membro della Comunità di VirusTotal ha commentato questo item, sii il primo a farlo!

Lascia il tuo commento...

?
Posta commento

Non ti sei ancora collegato. Solo gli utenti registrati possono commentare, collegati ed esprimi il tuo giudizio!

Nessun voto. Nessuno ha ancora votato questo item, sii il primo a farlo!