SHA256: 6691733f1265b387a2ed49c03d7937b1279c21e6748d4ebe2c0a149314ab2478
File name: acfinder170519.exe
Detection ratio: 0 / 59
Analysis date: 2017-05-19 12:37:56 UTC (6 months, 4 weeks ago)
Antivirus Result Update
Ad-Aware 20170519
AegisLab 20170519
AhnLab-V3 20170519
Alibaba 20170519
ALYac 20170519
Antiy-AVL 20170519
Arcabit 20170519
Avast 20170519
AVG 20170519
Avira (no cloud) 20170519
AVware 20170519
Baidu 20170503
BitDefender 20170519
CAT-QuickHeal 20170519
ClamAV 20170519
CMC 20170518
Comodo 20170519
CrowdStrike Falcon (ML) 20170130
Cyren 20170519
DrWeb 20170519
Emsisoft 20170519
Endgame 20170515
ESET-NOD32 20170519
F-Prot 20170519
F-Secure 20170519
Fortinet 20170519
GData 20170519
Ikarus 20170519
Sophos ML 20170516
Jiangmin 20170519
K7AntiVirus 20170519
K7GW 20170518
Kaspersky 20170519
Kingsoft 20170519
Malwarebytes 20170519
McAfee 20170519
McAfee-GW-Edition 20170518
Microsoft 20170519
eScan 20170519
NANO-Antivirus 20170519
nProtect 20170519
Palo Alto Networks (Known Signatures) 20170519
Panda 20170519
Qihoo-360 20170519
Rising 20170518
SentinelOne (Static ML) 20170516
Sophos AV 20170519
SUPERAntiSpyware 20170519
Symantec 20170518
Symantec Mobile Insight 20170518
Tencent 20170519
TheHacker 20170516
TrendMicro-HouseCall 20170519
VBA32 20170519
VIPRE 20170519
ViRobot 20170519
Webroot 20170519
WhiteArmor 20170517
Yandex 20170518
Zillya 20170518
ZoneAlarm by Check Point 20170519
Zoner 20170519
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(C)1997-2001 K.Miyauchi

Product Cab32
Original name CabStub
Internal name CabStub
File version 1, 0, 4, 0
Description CabSfx Stub Module
Packers identified
F-PROT CAB, UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-01-16 03:14:44
Entry Point 0x00006FE5
Number of sections 4
PE sections
Overlays
MD5 37a40c2c6db7fb973635b57b0b51a310
File type data
Offset 65536
Size 1852688
Entropy 8.00
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
HeapFree
GetStdHandle
DosDateTimeToFileTime
LCMapStringW
GetVersionExA
SetHandleCount
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
SetFileTime
GlobalUnlock
GetEnvironmentStringsW
GetTempPathA
GetModuleFileNameA
GlobalHandle
RtlUnwind
LoadLibraryA
GlobalSize
FreeEnvironmentStringsA
GetStartupInfoA
HeapCreate
GetEnvironmentStrings
GetWindowsDirectoryA
GetStringTypeW
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GlobalLock
GetModuleHandleA
_lclose
GlobalReAlloc
MapViewOfFile
GetStringTypeA
SetFilePointer
ReadFile
WriteFile
GetCurrentProcess
MulDiv
CreateFileMappingA
GetSystemDirectoryA
HeapReAlloc
MoveFileExA
GetProcAddress
SetFileAttributesA
GetACP
TerminateProcess
CreateProcessA
WideCharToMultiByte
GetEnvironmentVariableA
UnmapViewOfFile
lstrcpyA
GlobalAlloc
VirtualFree
LocalFileTimeToFileTime
GetFileType
CreateFileA
ExitProcess
GetVersion
VirtualAlloc
SetCurrentDirectoryA
CloseHandle
SHChangeNotify
DragFinish
ShellExecuteA
DragQueryFileA
SetPropA
EndDialog
GetPropA
SendDlgItemMessageA
GetSystemMetrics
IsWindow
GetWindowRect
DispatchMessageA
SetDlgItemTextA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
TranslateMessage
DialogBoxParamA
RemovePropA
SetWindowTextA
GetWindowLongA
CreateDialogParamA
wsprintfA
GetWindowTextA
IsDialogMessageA
DestroyWindow
Number of PE resources by type
RT_ICON 2
RT_DIALOG 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
JAPANESE DEFAULT 6
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.4.0

UninitializedDataSize
0

LanguageCode
Japanese

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
32768

EntryPoint
0x6fe5

OriginalFileName
CabStub

MIMEType
application/octet-stream

LegalCopyright
(C)1997-2001 K.Miyauchi

FileVersion
1, 0, 4, 0

TimeStamp
2001:01:16 04:14:44+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
CabStub

ProductVersion
1, 0, 4, 0

FileDescription
CabSfx Stub Module

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
LightShip Software

CodeSize
40960

ProductName
Cab32

ProductVersionNumber
1.0.4.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 f9d19cadf30c2a832405b5919cc57992
SHA1 0fd9e4702e02ef712d11dba4f95a23b999d03e3a
SHA256 6691733f1265b387a2ed49c03d7937b1279c21e6748d4ebe2c0a149314ab2478
ssdeep
49152:9Ugxe9t+gMLMfwV02FiaI1grOQsFfwPo5v4nVlFPw:9Ugg90gMLMoVLFiaatfwwcdw

authentihash c85d3828c6a55ae00c1312ea725f595226cbe2d6383ce983c8aee6a4ddb85f84
imphash 4a09e13dffd1254b086a50c0614d1c3e
File size 1.8 MB ( 1918224 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2017-05-19 12:37:56 UTC (6 months, 4 weeks ago)
Last submission 2017-07-13 07:39:48 UTC (5 months ago)
File names CabStub
acfinder170519.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Opened mutexes
Runtime DLLs
UDP communications