SHA256: b29cba3990a536f4d40368800091c94119d2d91205c1c72352575b31f7ececdd
File name: acfinder170716.exe
Detection ratio: 0 / 63
Analysis date: 2017-07-16 04:37:23 UTC (5 months ago)
Antivirus Result Update
Ad-Aware 20170716
AegisLab 20170716
AhnLab-V3 20170715
Alibaba 20170714
ALYac 20170716
Antiy-AVL 20170716
Arcabit 20170716
Avast 20170716
AVG 20170716
Avira (no cloud) 20170715
AVware 20170716
Baidu 20170714
BitDefender 20170716
Bkav 20170715
CAT-QuickHeal 20170715
ClamAV 20170716
CMC 20170714
Comodo 20170716
CrowdStrike Falcon (ML) 20170710
Cylance 20170716
Cyren 20170716
DrWeb 20170716
Emsisoft 20170716
Endgame 20170713
ESET-NOD32 20170715
F-Prot 20170716
F-Secure 20170716
Fortinet 20170629
GData 20170716
Ikarus 20170715
Sophos ML 20170607
Jiangmin 20170716
K7AntiVirus 20170714
K7GW 20170716
Kaspersky 20170716
Kingsoft 20170716
Malwarebytes 20170716
MAX 20170716
McAfee 20170716
McAfee-GW-Edition 20170716
Microsoft 20170716
eScan 20170716
NANO-Antivirus 20170716
nProtect 20170716
Palo Alto Networks (Known Signatures) 20170716
Panda 20170715
Qihoo-360 20170716
Rising 20170716
SentinelOne (Static ML) 20170516
Sophos AV 20170716
SUPERAntiSpyware 20170716
Symantec 20170715
Symantec Mobile Insight 20170713
Tencent 20170716
TheHacker 20170712
TrendMicro 20170716
TrendMicro-HouseCall 20170716
Trustlook 20170716
VBA32 20170714
VIPRE 20170716
ViRobot 20170715
Webroot 20170716
WhiteArmor 20170713
Yandex 20170714
Zillya 20170714
ZoneAlarm by Check Point 20170716
Zoner 20170716
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (C)1997-2001 K.Miyauchi

Product Cab32
Original name CabStub
Internal name CabStub
File version 1, 0, 4, 0
Description CabSfx Stub Module
Packers identified
F-PROT CAB, UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-01-16 03:14:44
Entry Point 0x00006FE5
Number of sections 4
PE sections
Overlays
MD5 dd47ed98e93e83946952063399fb2e22
File type data
Offset 65536
Size 1852494
Entropy 8.00
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
HeapFree
GetStdHandle
DosDateTimeToFileTime
LCMapStringW
GetVersionExA
SetHandleCount
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
SetFileTime
GlobalUnlock
GetEnvironmentStringsW
GetTempPathA
GetModuleFileNameA
GlobalHandle
RtlUnwind
LoadLibraryA
GlobalSize
FreeEnvironmentStringsA
GetStartupInfoA
HeapCreate
GetEnvironmentStrings
GetWindowsDirectoryA
GetStringTypeW
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GlobalLock
GetModuleHandleA
_lclose
GlobalReAlloc
MapViewOfFile
GetStringTypeA
SetFilePointer
ReadFile
WriteFile
GetCurrentProcess
MulDiv
CreateFileMappingA
GetSystemDirectoryA
HeapReAlloc
MoveFileExA
GetProcAddress
SetFileAttributesA
GetACP
TerminateProcess
CreateProcessA
WideCharToMultiByte
GetEnvironmentVariableA
UnmapViewOfFile
lstrcpyA
GlobalAlloc
VirtualFree
LocalFileTimeToFileTime
GetFileType
CreateFileA
ExitProcess
GetVersion
VirtualAlloc
SetCurrentDirectoryA
CloseHandle
SHChangeNotify
DragFinish
ShellExecuteA
DragQueryFileA
SetPropA
EndDialog
GetPropA
SendDlgItemMessageA
GetSystemMetrics
IsWindow
GetWindowRect
DispatchMessageA
SetDlgItemTextA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
TranslateMessage
DialogBoxParamA
RemovePropA
SetWindowTextA
GetWindowLongA
CreateDialogParamA
wsprintfA
GetWindowTextA
IsDialogMessageA
DestroyWindow
Number of PE resources by type
RT_ICON 2
RT_DIALOG 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
JAPANESE DEFAULT 6
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.4.0
UninitializedDataSize 0
LanguageCode Japanese
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 32768
EntryPoint 0x6fe5
OriginalFileName CabStub
MIMEType application/octet-stream
LegalCopyright (C)1997-2001 K.Miyauchi
FileVersion 1, 0, 4, 0
TimeStamp 2001:01:16 04:14:44+01:00
FileType Win32 EXE
PEType PE32
InternalName CabStub
ProductVersion 1, 0, 4, 0
FileDescription CabSfx Stub Module
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName LightShip Software
ProductName Cab32
ProductVersionNumber 1.0.4.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 0addf93be12ec5e175eb21080bba7837
SHA1 b4d6f78955840de0c0529715c171f185af5faf41
SHA256 b29cba3990a536f4d40368800091c94119d2d91205c1c72352575b31f7ececdd
ssdeep 49152:9cgxe9t+bIVeezCEb94/8PWSNzlE5f/VzuF:9cgg90bI7bqcWSN+VV2

authentihash 105412d5c042a3118f08d66e70cfbf509b7281178e88ab935d931b2bc0c92044
imphash 4a09e13dffd1254b086a50c0614d1c3e
File size 1.8 MB ( 1918030 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe upx overlay

VirusTotal metadata
First submission 2017-07-16 04:37:23 UTC (5 months ago)
Last submission 2017-11-17 20:23:07 UTC (3 weeks, 6 days ago)
File names 02a6fcf81cde455a293a0aa94d70687af56148bc
CabStub
acfinder170716.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Opened mutexes
Runtime DLLs