× Cookie が無効になっています。 このサイトを正しく動作させるには、Cookie を有効にする必要があります
SHA256: f589e6e081ba3cd34b601aaea2f5c797f6018e10be8b55b019c19c518f7afc32
ファイル名: X.exe
検出率: 3 / 56
分析日時: 2016-04-28 08:47:30 UTC (1 年, 2 ヶ月前) 最新を表示
ウイルス対策ソフト 結果 更新日
AegisLab Troj.W32.Swisyn.mki7 20160428
Bkav HW32.Packed.B62A 20160427
CMC Virus.Win32.Sality!O 20160428
Ad-Aware 20160428
AhnLab-V3 20160428
Alibaba 20160428
ALYac 20160428
Antiy-AVL 20160428
Arcabit 20160428
Avast 20160428
AVG 20160428
Avira (no cloud) 20160428
AVware 20160428
Baidu 20160428
Baidu-International 20160427
BitDefender 20160428
CAT-QuickHeal 20160428
ClamAV 20160427
Comodo 20160428
Cyren 20160428
DrWeb 20160428
Emsisoft 20160428
ESET-NOD32 20160428
F-Prot 20160428
F-Secure 20160428
Fortinet 20160428
GData 20160428
Ikarus 20160428
Jiangmin 20160428
K7AntiVirus 20160428
K7GW 20160428
Kaspersky 20160427
Kingsoft 20160428
Malwarebytes 20160428
McAfee 20160428
McAfee-GW-Edition 20160428
Microsoft 20160428
eScan 20160428
NANO-Antivirus 20160428
nProtect 20160428
Panda 20160427
Qihoo-360 20160428
Rising 20160428
Sophos AV 20160428
SUPERAntiSpyware 20160428
Symantec 20160428
Tencent 20160428
TheHacker 20160426
TrendMicro 20160428
TrendMicro-HouseCall 20160428
VBA32 20160427
VIPRE 20160428
ViRobot 20160428
Yandex 20160427
Zillya 20160427
Zoner 20160428
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 0.0.0.2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-27 00:57:20
Entry Point 0x0118B721
Number of sections 3
PE sections
Overlays
MD5 45a9dee14ca010d43b4508e6c80d8edd
File type ASCII text
Offset 6689792
Size 32
Entropy 3.25
PE imports
AVIFileExit
gluDisk
GetProcAddress
GetModuleHandleA
SHGetFolderPathW
URLDownloadToFileW
InternetGetConnectedState
RegCloseKey
ImageList_Add
ChooseColorW
CoCreateGuid
LresultFromObject
SysFreeString
wglGetCurrentDC
DragFinish
CharNextW
VerQueryValueW
WinHttpOpen
PlaySoundW
OpenPrinterW
PE exports
Number of PE resources by type
RT_RCDATA 140
RT_STRING 80
RT_BITMAP 44
RT_GROUP_CURSOR 32
RT_CURSOR 32
RT_ICON 9
UNICODEDATA 6
RT_GROUP_ICON 5
RT_DIALOG 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 178
ENGLISH US 158
GERMAN 12
SERBIAN LATIN 2
SPANISH ARGENTINA 2
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
2.25

ImageVersion
0.0

FileVersionNumber
0.0.5960.55552

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
9163264

EntryPoint
0x118b721

MIMEType
application/octet-stream

FileVersion
0.0.0.2

TimeStamp
2016:04:27 01:57:20+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
0.0.0.0

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
8516096

FileSubtype
0

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 afd0e52c24d6a96d074ce443aadb9f82
SHA1 5e671f475c768739ccaae67d4ce1f142f93f7be2
SHA256 f589e6e081ba3cd34b601aaea2f5c797f6018e10be8b55b019c19c518f7afc32
ssdeep
196608:BNpFCdTQbZmeZhHvyNm2HwsEpMEcd1WHhPSyXg:BhCRQt9ZZmmWw+EeWhSyXg

authentihash 507f12afbcf036437ee060f10176c0b553f5edd18deb2ac3c17a06d1ed370403
imphash 4ed4645d3c9688dd9cf1e434fd0389cf
File size 6.4 MB ( 6689824 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-04-28 08:47:30 UTC (1 年, 2 ヶ月前)
Last submission 2016-12-30 10:00:14 UTC (6 ヶ月, 3 週間前)
ファイル名 X.exe
コメントはありません. この項目について、VirusTotal コミュニティのメンバーはまだ誰もコメントしていません。是非、コメントしてください。

コメントを投稿してください...

?
コメントを投稿

サインインしていません。登録ユーザーのみがコメントを投稿できます。サインインして意見をお聞かせください。

投票はありません. この項目に対してまだ誰も投票していません。是非、投票してください。
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created mutexes
Runtime DLLs
UDP communications