× 쿠키가 비활성화 되어 있습니다! 이 사이트는 작업을 제대로 하려면 쿠키 활성화가 필요합니다.
SHA256: 4aa4457443ab28b4a335809d6d101be91baa6a5a96e3b414a73281c71665ec8a
파일 이름: yabasic-2.78.0-setup.exe
탐지 비율: 2 / 61
분석 날짜: 2017-04-20 17:42:02 UTC ( 2개월 전 ) 최신 보기
안티바이러스 결과 업데이트
Invincea backdoor.msil.bladabindi.aj 20170413
Qihoo-360 HEUR/QVM41.1.9D24.Malware.Gen 20170420
Ad-Aware 20170420
AegisLab 20170420
AhnLab-V3 20170420
Alibaba 20170420
ALYac 20170420
Antiy-AVL 20170420
Arcabit 20170420
Avast 20170420
AVG 20170420
Avira (no cloud) 20170420
AVware 20170420
Baidu 20170420
BitDefender 20170420
Bkav 20170420
CAT-QuickHeal 20170420
ClamAV 20170420
CMC 20170420
Comodo 20170420
CrowdStrike Falcon (ML) 20170420
Cyren 20170420
DrWeb 20170420
Emsisoft 20170420
Endgame 20170419
ESET-NOD32 20170420
F-Prot 20170420
F-Secure 20170420
Fortinet 20170420
GData 20170420
Ikarus 20170420
Jiangmin 20170420
K7AntiVirus 20170420
K7GW 20170420
Kaspersky 20170420
Kingsoft 20170420
Malwarebytes 20170420
McAfee 20170420
McAfee-GW-Edition 20170420
Microsoft 20170420
eScan 20170420
NANO-Antivirus 20170420
nProtect 20170420
Palo Alto Networks (Known Signatures) 20170420
Panda 20170420
Rising 20170420
SentinelOne (Static ML) 20170330
Sophos 20170420
SUPERAntiSpyware 20170420
Symantec 20170420
Symantec Mobile Insight 20170414
Tencent 20170420
TheHacker 20170420
TrendMicro 20170420
TrendMicro-HouseCall 20170420
Trustlook 20170420
VBA32 20170420
VIPRE 20170420
ViRobot 20170420
Webroot 20170420
WhiteArmor 20170409
Yandex 20170420
Zillya 20170418
ZoneAlarm by Check Point 20170420
Zoner 20170420
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Internet Explorer
Original name WEXTRACT.EXE
Internal name Wextract
File version 11.00.14393.0 (rs1_release.160715-1616)
Description Win32 Cabinet Self-Extractor
Packers identified
F-PROT SFX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-16 01:42:10
Entry Point 0x00006BD0
Number of sections 5
PE sections
PE imports
GetTokenInformation
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
EqualSid
RegQueryInfoKeyA
Ord(23)
Ord(20)
Ord(21)
Ord(22)
GetDeviceCaps
GetLastError
GetCurrentDirectoryA
GetTempFileNameA
DosDateTimeToFileTime
LoadLibraryA
GetFileAttributesA
GlobalFree
WaitForSingleObject
LockResource
FreeLibrary
QueryPerformanceCounter
MulDiv
ExitProcess
SetFileTime
GetVersionExA
GlobalUnlock
RemoveDirectoryA
IsDBCSLeadByte
GetExitCodeProcess
GetStartupInfoA
GetVolumeInformationA
LoadLibraryExA
SizeofResource
CreateEventA
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalAlloc
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
UnhandledExceptionFilter
_llseek
GetShortPathNameA
ExpandEnvironmentStringsA
SetEvent
GetModuleFileNameA
GlobalLock
TerminateThread
GetTempPathA
GetCurrentProcessId
CreateMutexA
GetModuleHandleA
_lclose
CreateThread
SetFilePointer
lstrcmpA
ReadFile
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
_lopen
FindFirstFileA
CompareStringA
ResetEvent
EnumResourceLanguagesA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
GetModuleHandleW
GetProcAddress
FreeResource
SetFileAttributesA
GetDriveTypeA
LocalFree
TerminateProcess
CreateProcessA
GetSystemTimeAsFileTime
GetCurrentProcess
LoadResource
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
FormatMessageA
CreateFileA
GetTickCount
GetVersion
FindResourceA
SetCurrentDirectoryA
GetSystemInfo
CloseHandle
CharPrevA
EndDialog
ShowWindow
MessageBeep
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
CharUpperA
GetDC
ReleaseDC
SetWindowTextA
LoadStringA
SendMessageA
GetDlgItem
GetWindowLongA
CharNextA
GetDesktopWindow
CallWindowProcA
MsgWaitForMultipleObjects
SetForegroundWindow
ExitWindowsEx
DialogBoxIndirectParamA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
_cexit
?terminate@@YAXXZ
_vsnprintf
_ismbblead
_acmdln
_exit
__p__commode
memset
_amsg_exit
memcpy
memcpy_s
_except_handler4_common
exit
__p__fmode
_XcptFilter
__getmainargs
_initterm
_controlfp
__setusermatherr
__set_app_type
Number of PE resources by type
RT_RCDATA 14
RT_ICON 13
RT_DIALOG 6
RT_STRING 6
RT_VERSION 2
RT_MANIFEST 1
AVI 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN 23
ENGLISH US 21
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
14.0

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
11.0.14393.0

UninitializedDataSize
0

LanguageCode
German

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
508416

EntryPoint
0x6bd0

OriginalFileName
WEXTRACT.EXE .MUI

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. Alle Rechte vorbehalten.

FileVersion
11.00.14393.0 (rs1_release.160715-1616)

TimeStamp
2016:07:16 02:42:10+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Wextract

ProductVersion
11.00.14393.0

FileDescription
Win32 Cabinet Self-Extractor

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
26112

ProductName
Internet Explorer

ProductVersionNumber
11.0.14393.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0846970fd640eee9c253173334ad0901
SHA1 fae8d3316a82c3b95fc37d5928abe37f678cb578
SHA256 4aa4457443ab28b4a335809d6d101be91baa6a5a96e3b414a73281c71665ec8a
ssdeep
6144:uop0yN90QE8ePvRaqwX+Dmo8S8fXTQnrhCyg45unbHW+FkvEwfF3nGzeg51IYbmD:Yy90WSaVymTXTQrhCy/5mNmyb5ux

authentihash 532e2895eb65913e7f136075144c238b2f7a5fa3083d44d5e834978df88be11e
imphash 1efe015ade03f54dd6d9b2ccea28b970
File size 523.0 KB ( 535552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-20 17:42:02 UTC ( 2개월 전 )
Last submission 2017-04-20 17:42:02 UTC ( 2개월 전 )
파일 이름 yabasic-2.78.0-setup.exe
Wextract
WEXTRACT.EXE
댓글이 없습니다.. 이 항목에 대해 댓글을 작성한 바이러스토탈 커뮤니티 회원이 아직 없습니다. 첫 번째로 댓글을 작성해 보십시오!

댓글 남기기...

?
댓글 달기

로그인 안됨. 등록된 사용자만 댓글을 남길 수 있습니다. 로그인하여 댓글을 남겨보십시오!

투표가 없습니다.. 아직 이 항목에 투표한 사람이 없습니다. 첫 번째로 투표해 보십시오!