SHA256: 9606691fd1cb19fcc8ba2736dde49f94c09172f3d9b48963133f4809558be75d
File name: Chrome_Font.exe
Detection ratio: 9 / 56
Analysis date: 2017-01-25 07:22:46 UTC (6 months, 4 weeks ago)
Antivirus Result Update
Avast Win32:Malware-gen 20170125
AVG Ransom_r.BJO 20170125
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170125
CMC Trojan-Downloader.Win32.Gamarue.2!O 20170124
CrowdStrike Falcon (ML) malicious_confidence_98% (D) 20161024
Sophos ML ransom.win32.cerber.a 20170111
Qihoo-360 HEUR/QVM07.1.0000.Malware.Gen 20170125
Rising Malware.Heuristic!ET#86% (rdm+) 20170125
Symantec ML.Attribute.VeryHighConfidence [Heur.AdvML.B] 20170124
Ad-Aware 20170125
AegisLab 20170125
AhnLab-V3 20170125
Alibaba 20170122
ALYac 20170125
Antiy-AVL 20170125
Arcabit 20170125
Avira (no cloud) 20170124
AVware 20170125
BitDefender 20170125
Bkav 20170123
CAT-QuickHeal 20170125
ClamAV 20170125
Comodo 20170125
Cyren 20170125
DrWeb 20170125
Emsisoft 20170125
ESET-NOD32 20170125
F-Prot 20170125
F-Secure 20170125
Fortinet 20170125
GData 20170125
Ikarus 20170124
Jiangmin 20170125
K7AntiVirus 20170125
K7GW 20170125
Kaspersky 20170125
Kingsoft 20170125
Malwarebytes 20170125
McAfee 20170125
McAfee-GW-Edition 20170124
Microsoft 20170125
eScan 20170125
NANO-Antivirus 20170125
nProtect 20170125
Panda 20170124
Sophos AV 20170125
SUPERAntiSpyware 20170125
Tencent 20170125
TheHacker 20170125
TrendMicro 20170125
TrendMicro-HouseCall 20170125
Trustlook 20170125
VBA32 20170124
VIPRE 20170125
ViRobot 20170125
WhiteArmor 20170123
Yandex 20170124
Zillya 20170125
Zoner 20170125
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 2007-2010 Google Inc.

Product Google Update
Original name GoogleUpdateSetup.exe
Internal name Google Update Setup
File version 1.3.31.5
Description Google Update Setup
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-01-23 18:49:09
Entry Point 0x000025E0
Number of sections 4
PE sections
Overlays
MD5 9151b8a5e2055a9339587249c5ecdbe0
File type ASCII text
Offset 204800
Size 369000
Entropy 0.00
PE imports
GetPixelFormat
DeleteDC
CreateRectRgn
SetThreadLocale
CopyFileW
LoadLibraryA
OpenEventW
CopyFileA
HeapAlloc
GetModuleFileNameA
GetFileAttributesW
GetStartupInfoA
GetFileSize
SetLocaleInfoW
GetCommandLineA
CloseHandle
CompareStringW
GetModuleHandleA
FindFirstFileA
SetConsoleTitleA
ReadFile
GetModuleHandleW
OpenSemaphoreW
HeapCreate
OpenSemaphoreA
FindClose
CreateFileA
GetTickCount
OpenEventA
CompareStringA
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0logic_error@std@@QAE@ABV01@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
__p__fmode
??0exception@@QAE@ABV0@@Z
??1type_info@@UAE@XZ
__dllonexit
toupper
_except_handler3
??2@YAPAXI@Z
__p__commode
_onexit
exit
_XcptFilter
__setusermatherr
_controlfp
_acmdln
_CxxThrowException
_adjust_fdiv
free
__getmainargs
memcpy
_initterm
_exit
strcmp
__set_app_type
FindWindowExA
CreateWindowExA
IsWindow
OpenIcon
IsWindowVisible
IsZoomed
FindWindowW
GetWindowTextLengthW
CreateWindowExW
GetWindowTextA
SetWindowPos
GetWindowTextW
GetClipboardData
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 2
RT_BITMAP 1
Number of PE resources by language
NEUTRAL 5
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.3.31.5

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Google Update Setup

CharacterSet
Unicode

InitializedDataSize
192512

EntryPoint
0x25e0

OriginalFileName
GoogleUpdateSetup.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007-2010 Google Inc.

FileVersion
1.3.31.5

LanguageId
en

TimeStamp
2017:01:23 19:49:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Google Update Setup

ProductVersion
1.3.31.5

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Google Inc.

CodeSize
8192

ProductName
Google Update

ProductVersionNumber
1.3.31.5

Warning
Possibly corrupt Version resource

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 595d9f59c8cad55892fb71ee8f6c371b
SHA1 34a5df8870cbfe4cce9563960ae5494978454536
SHA256 9606691fd1cb19fcc8ba2736dde49f94c09172f3d9b48963133f4809558be75d
ssdeep
6144:6i7iI2p5XIoorAz1QBZ51qhmwYOWe2Q6JI/7O:6i12DXLorAuBZ/qhmwYO2fJb

authentihash 1dcceca7dfb5a789e776ef713ddc5abb2a899ad17d0d6683aa9c5a762d6cd845
imphash 27ec40cd6c3f3a5cd79373c2ec399fe3
File size 560.4 KB ( 573800 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-01-25 07:22:46 UTC (6 months, 4 weeks ago)
Last submission 2017-02-18 01:57:09 UTC (6 months ago)
File names Google Update Setup
RANSOMWARE_XMAS (5)
GoogleUpdateSetup.exe
Chrome_Font.exe
Chrome_Font.exe_c
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications