SHA256: 5486bac00ca9b11b90ffeec6f4c337fccdff0352fbe218bac4e9f5f130795ceb
File name: acfinder150823.exe
Detection ratio: 0 / 56
Analysis date: 2015-08-23 02:38:32 UTC (1 year, 10 months ago)
Antivirus Result Update
Ad-Aware 20150823
AegisLab 20150822
Yandex 20150822
AhnLab-V3 20150822
Alibaba 20150821
ALYac 20150823
Antiy-AVL 20150823
Arcabit 20150823
Avast 20150823
AVG 20150823
Avira (no cloud) 20150822
AVware 20150823
Baidu-International 20150822
BitDefender 20150823
Bkav 20150822
ByteHero 20150823
CAT-QuickHeal 20150822
ClamAV 20150823
CMC 20150819
Comodo 20150822
Cyren 20150823
DrWeb 20150823
Emsisoft 20150823
ESET-NOD32 20150822
F-Prot 20150823
F-Secure 20150821
Fortinet 20150823
GData 20150823
Ikarus 20150822
Jiangmin 20150820
K7AntiVirus 20150823
K7GW 20150822
Kaspersky 20150823
Kingsoft 20150823
Malwarebytes 20150822
McAfee 20150823
McAfee-GW-Edition 20150822
Microsoft 20150823
eScan 20150823
NANO-Antivirus 20150823
nProtect 20150822
Panda 20150822
Qihoo-360 20150823
Rising 20150822
Sophos 20150823
SUPERAntiSpyware 20150822
Symantec 20150822
Tencent 20150823
TheHacker 20150820
TrendMicro 20150823
TrendMicro-HouseCall 20150823
VBA32 20150822
VIPRE 20150823
ViRobot 20150823
Zillya 20150822
Zoner 20150823
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Original name EPSFX.EXE
Internal name EPSFX
File version 6.02
Description Self Extractable Archive
Comments Self Extractable Archive by EXEpress Copyright(C) Web Technology Corp. http://www.webtech.co.jp/
Packers identified
F-PROT CAB, UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-07-22 10:15:39
Entry Point 0x00019D6C
Number of sections 5
PE sections
Overlays
MD5 2cc01959b175786b0e56eec01b128b2a
File type data
Offset 384000
Size 1225413
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
GetSecurityDescriptorControl
GetAce
AdjustTokenPrivileges
InitializeAcl
RegCreateKeyExA
GetAclInformation
SetSecurityDescriptorDacl
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
AddAccessAllowedAce
GetFileSecurityA
RegOpenKeyExA
SetFileSecurityA
GetTokenInformation
DuplicateTokenEx
LookupAccountNameA
GetSecurityDescriptorDacl
GetUserNameA
GetLengthSid
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
CheckTokenMembership
RegSetValueExA
EqualSid
AddAce
Ord(17)
CreatePropertySheetPageA
PropertySheetA
Ord(8)
Ord(23)
Ord(20)
Ord(21)
Ord(22)
CreatePen
TextOutA
CreateFontIndirectA
SetStretchBltMode
Rectangle
GetDeviceCaps
DeleteDC
SetBkMode
BitBlt
SetTextColor
GetObjectA
CreateFontA
CreateBrushIndirect
CreateDIBitmap
GetStockObject
SetTextAlign
SelectClipRgn
CreateCompatibleDC
StretchBlt
GetTextFaceA
CreateRectRgn
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
SetEndOfFile
EncodePointer
DeleteCriticalSection
GetCurrentProcess
CompareFileTime
GetConsoleMode
GetLocaleInfoA
LoadLibraryExW
FreeEnvironmentStringsW
GetFullPathNameA
GetTempPathA
GetCPInfo
GetProcAddress
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
OutputDebugStringW
FindClose
InterlockedDecrement
SetLastError
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetVersionExA
RemoveDirectoryA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
CreateMutexA
GetModuleHandleA
CreateThread
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ExitThread
MoveFileExA
SetEnvironmentVariableA
TerminateProcess
GetModuleHandleExW
GlobalAlloc
LocalFileTimeToFileTime
ReadConsoleW
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
WriteConsoleW
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetSystemDirectoryA
FreeLibrary
GlobalSize
DosDateTimeToFileTime
DecodePointer
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
CreateDirectoryW
GetUserDefaultLCID
GetProcessHeap
CompareStringW
GlobalReAlloc
FindFirstFileA
GetTempFileNameA
CreateFileMappingA
GlobalLock
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
GlobalFree
GetConsoleCP
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GetModuleFileNameA
GetShortPathNameA
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
OpenMutexA
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SetStdHandle
CreateProcessA
WideCharToMultiByte
IsValidCodePage
UnmapViewOfFile
Sleep
NetUserGetLocalGroups
NetWkstaUserGetInfo
NetUserGetInfo
NetApiBufferFree
SHChangeNotify
SHGetSpecialFolderLocation
SHCreateDirectoryExA
SHBrowseForFolderA
SHGetFolderPathA
SHGetPathFromIDListA
ShellExecuteA
PathFindExtensionA
PathAddBackslashA
PathParseIconLocationA
PathRemoveBackslashA
PathIsRelativeA
PathAddBackslashW
AssocQueryStringW
PathIsDirectoryEmptyA
SetFocus
SetDlgItemTextA
GetParent
MapDialogRect
SetPropA
EndDialog
BeginPaint
MoveWindow
DefWindowProcA
KillTimer
LoadImageA
ShowWindow
PostQuitMessage
FindWindowA
MessageBeep
LoadBitmapA
DrawTextExA
GetWindowThreadProcessId
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
IsWindow
GetWindowRect
DispatchMessageA
EnableWindow
UpdateWindow
PostMessageA
SetRectEmpty
MessageBoxA
PeekMessageA
SetWindowPos
SetClassLongA
TranslateMessage
DialogBoxParamA
GetSysColor
GetScrollInfo
GetDC
SetWindowLongA
GetCursorPos
SystemParametersInfoA
SetWindowTextA
LoadStringA
PtInRect
IsWindowVisible
IsZoomed
SendMessageA
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
SetCursor
IsIconic
ScreenToClient
SetRect
InvalidateRect
GetWindowLongA
SetTimer
LoadCursorA
LoadIconA
DrawTextA
FillRect
IsDlgButtonChecked
GetWindowTextW
CheckDlgButton
GetSysColorBrush
CallWindowProcA
GetSystemMenu
GetWindowTextLengthW
ReleaseDC
EndPaint
RegisterClassExA
ExitWindowsEx
IsDialogMessageA
DestroyWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
WinVerifyTrust
MakeSureDirectoryPathExists
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
Number of PE resources by type
RT_DIALOG 30
RT_STRING 10
RT_BITMAP 5
RT_ICON 4
RT_VERSION 2
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_CURSOR 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 22
JAPANESE DEFAULT 21
NEUTRAL 12
PE resources
ExifTool file metadata
SubsystemVersion 5.1
Comments Self Extractable Archive by EXEpress
LinkerVersion 11.0
ImageVersion 0.0
FileVersionNumber 6.2.0.0
UninitializedDataSize 0
LanguageCode Japanese
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 331264
EntryPoint 0x19d6c
OriginalFileName EPSFX.EXE
MIMEType application/octet-stream
FileVersion 6.02
TimeStamp 2015:07:22 11:15:39+01:00
FileType Win32 EXE
PEType PE32
InternalName EPSFX
ProductVersion 6.02
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 172544
FileSubtype 0
ProductVersionNumber 6.2.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 138beb591a96d7ac390b09856608936a
SHA1 b8fad435905b64a0fbad13b71fd70921408a4c81
SHA256 5486bac00ca9b11b90ffeec6f4c337fccdff0352fbe218bac4e9f5f130795ceb
ssdeep
24576:22aE5TmlH3Z5rL+GABCtMTULlKDW4n+4hGGqUNkrbxfB1ba2zBbQIXbRAdNtKSIx:yE5T0D+XcMalqHHGPV/z+IXVSI4s

authentihash f57c6ca0ca9da6a4b5a1dd93a54b56cc2e33492f84756914c88bd0d6d746e5a9
imphash d3bb9ddd8945cee221e7095d6342f002
File size 1.5 MB ( 1609413 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2015-08-23 02:38:32 UTC (1 year, 10 months ago)
Last submission 2017-04-18 09:35:35 UTC (2 months ago)
File names EPSFX
EPSFX.EXE
acfinder150823.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs