SHA256: c6e4718daab64ad9fe4f323f725472d588d05aa775590fd5125476f729c88e81
File name: EPSFX
Detection ratio: 0 / 57
Analysis date: 2016-12-09 11:31:36 UTC (2 years, 2 months ago)
Antivirus Result Update
Ad-Aware 20161209
AegisLab 20161209
AhnLab-V3 20161209
Alibaba 20161209
ALYac 20161209
Antiy-AVL 20161209
Arcabit 20161209
Avast 20161209
AVG 20161209
Avira (no cloud) 20161209
AVware 20161209
Baidu 20161207
BitDefender 20161209
Bkav 20161209
CAT-QuickHeal 20161209
ClamAV 20161209
CMC 20161209
Comodo 20161209
CrowdStrike Falcon (ML) 20161024
Cyren 20161209
DrWeb 20161209
Emsisoft 20161209
ESET-NOD32 20161209
F-Prot 20161209
F-Secure 20161209
Fortinet 20161209
GData 20161209
Ikarus 20161209
Sophos ML 20161202
Jiangmin 20161208
K7AntiVirus 20161209
K7GW 20161209
Kaspersky 20161209
Kingsoft 20161209
Malwarebytes 20161209
McAfee 20161209
McAfee-GW-Edition 20161209
Microsoft 20161209
eScan 20161209
NANO-Antivirus 20161209
nProtect 20161209
Panda 20161209
Qihoo-360 20161209
Rising 20161209
Sophos AV 20161209
SUPERAntiSpyware 20161209
Symantec 20161209
Tencent 20161209
TheHacker 20161130
TotalDefense 20161209
TrendMicro 20161209
TrendMicro-HouseCall 20161209
Trustlook 20161209
VBA32 20161208
VIPRE 20161209
ViRobot 20161209
WhiteArmor 20161207
Yandex 20161208
Zillya 20161207
Zoner 20161209
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Original name EPSFX.EXE
Internal name EPSFX
File version 5.26.00
Description Self Extractable Archive
Comments Self Extractable Archive by EXEpress CX Copyright(C) 1998-2014 Web Technology Corp. http://www.webtech.co.jp/
Packers identified
F-PROT CAB, appended, HLP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-02-05 07:58:22
Entry Point 0x00015401
Number of sections 4
PE sections
Overlays
MD5 e7bf8a50ffc287d8348736893e2caee3
File type data
Offset 290816
Size 3198948
Entropy 8.00
PE imports
PropertySheetA
CreatePropertySheetPageA
Ord(17)
Ord(8)
CreatePen
TextOutA
CreateFontIndirectA
SetStretchBltMode
Rectangle
GetDeviceCaps
DeleteDC
SetBkMode
BitBlt
SetTextColor
GetObjectA
CreateFontA
CreateBrushIndirect
CreateDIBitmap
GetStockObject
SetTextAlign
SelectClipRgn
CreateCompatibleDC
StretchBlt
GetTextFaceA
CreateRectRgn
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
HeapDestroy
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
lstrcatA
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
LocalSize
InitializeCriticalSection
FindClose
TlsGetValue
SetLastError
ExitProcess
GetVersionExA
RemoveDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
WritePrivateProfileSectionA
CreateMutexA
GetModuleHandleA
CreateThread
GetPrivateProfileSectionA
SetUnhandledExceptionFilter
GetSystemDirectoryA
MoveFileExA
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
ExitThread
GlobalSize
GetStartupInfoA
DosDateTimeToFileTime
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetFullPathNameA
GlobalLock
GetProcessHeap
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
CreateFileMappingA
GetProcAddress
GetTimeZoneInformation
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
HeapCreate
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GetModuleFileNameA
GetShortPathNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
CompareFileTime
GetCurrentProcessId
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
OpenMutexA
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
CreateProcessA
WideCharToMultiByte
IsValidCodePage
UnmapViewOfFile
VirtualFree
Sleep
VirtualAlloc
SHChangeNotify
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation
SetFocus
SetDlgItemTextA
GetParent
MapDialogRect
SetPropA
GetScrollInfo
BeginPaint
EndDialog
MoveWindow
KillTimer
LoadImageA
PostQuitMessage
DefWindowProcA
ShowWindow
MessageBeep
LoadBitmapA
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
IsWindow
GetWindowRect
DispatchMessageA
EnableWindow
UpdateWindow
PostMessageA
SetRectEmpty
DrawTextExA
MessageBoxA
PeekMessageA
SetWindowLongA
SetClassLongA
TranslateMessage
DialogBoxParamA
GetSysColor
CheckDlgButton
GetDC
RegisterClassExA
GetCursorPos
SystemParametersInfoA
SetWindowTextA
LoadStringA
wsprintfA
PtInRect
IsWindowVisible
IsZoomed
SendMessageA
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
IsIconic
ScreenToClient
SetRect
InvalidateRect
GetWindowLongA
SetTimer
LoadCursorA
LoadIconA
DrawTextA
FillRect
IsDlgButtonChecked
GetSysColorBrush
CallWindowProcA
GetSystemMenu
ReleaseDC
EndPaint
GetWindowTextA
SetCursor
ExitWindowsEx
IsDialogMessageA
DestroyWindow
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize
Number of PE resources by type
RT_DIALOG 30
RT_STRING 8
RT_BITMAP 5
RT_ICON 4
RT_VERSION 2
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_CURSOR 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 21
JAPANESE DEFAULT 20
NEUTRAL 12
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments Self Extractable Archive by EXEpress CX
LinkerVersion 8.0
ImageVersion 0.0
FileVersionNumber 5.25.0.0
UninitializedDataSize 0
LanguageCode Japanese
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 131072
EntryPoint 0x15401
OriginalFileName EPSFX.EXE
MIMEType application/octet-stream
FileVersion 5.26.00
TimeStamp 2014:02:05 08:58:22+01:00
FileType Win32 EXE
PEType PE32
InternalName EPSFX
ProductVersion 5.26.00
FileDescription Self Extractable Archive
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 155648
FileSubtype 0
ProductVersionNumber 5.25.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 fec4ec09a7358ab1b99b010e2af6b7d7
SHA1 b8888169214482a1fa667ca551e46765cef58d63
SHA256 c6e4718daab64ad9fe4f323f725472d588d05aa775590fd5125476f729c88e81
ssdeep 98304:pFpu/ic8ofAJ7eUs38GWVW3hCIk4ATgrvn0XE43:fka3JRIycoePnY

authentihash e225fcd072a38fa9d514a183f94a4010de4517c6db9e59a8151d737f6dfa3104
imphash 23dd88597aaf02722928fae5757823e8
File size 3.3 MB ( 3489764 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-03-12 08:48:00 UTC (2 years, 11 months ago)
Last submission 2016-03-12 08:48:00 UTC (2 years, 11 months ago)
File names EPSFX
tkt01-202.exe
EPSFX.EXE
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs