× 쿠키가 비활성화 되어 있습니다! 이 사이트는 작업을 제대로 하려면 쿠키 활성화가 필요합니다.
SHA256: 9a3ada4ebc2c4384e3b7c4047024cbab488b5b35c7282fae537056a3829b91de
파일 이름: GoodGame Empire Hack V1.0.exe
탐지 비율: 1 / 48
분석 날짜: 2013-09-17 17:15:02 UTC ( 4년, 1개월 전 )
안티바이러스 결과 업데이트
Bkav HW32.CDB.4a9e 20130917
Yandex 20130917
AhnLab-V3 20130917
AntiVir 20130917
Antiy-AVL 20130917
Avast 20130917
AVG 20130917
Baidu-International 20130917
BitDefender 20130917
ByteHero 20130917
CAT-QuickHeal 20130917
ClamAV 20130917
Commtouch 20130917
Comodo 20130917
DrWeb 20130917
Emsisoft 20130917
ESET-NOD32 20130917
F-Prot 20130917
F-Secure 20130917
Fortinet 20130917
GData 20130917
Ikarus 20130917
Jiangmin 20130903
K7AntiVirus 20130917
K7GW 20130917
Kaspersky 20130917
Kingsoft 20130829
Malwarebytes 20130917
McAfee 20130917
McAfee-GW-Edition 20130917
Microsoft 20130917
eScan 20130917
NANO-Antivirus 20130917
Norman 20130917
nProtect 20130917
Panda 20130917
PCTools 20130917
Rising 20130917
Sophos AV 20130917
SUPERAntiSpyware 20130917
Symantec 20130917
TheHacker 20130917
TotalDefense 20130916
TrendMicro 20130917
TrendMicro-HouseCall 20130917
VBA32 20130917
VIPRE 20130917
ViRobot 20130917
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 3, 3, 8, 1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-01-29 21:32:28
Entry Point 0x000B3E60
Number of sections 3
PE sections
PE imports
ImageList_Remove
GetSaveFileNameW
LineTo
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
WNetGetConnectionW
EnumProcesses
DragFinish
LoadUserProfileW
VerQueryValueW
FtpOpenFileW
timeGetTime
Ord(16)
CoInitialize
Number of PE resources by type
RT_STRING 7
RT_ICON 4
RT_GROUP_ICON 4
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH UK 17
ENGLISH US 2
PE resources
ExifTool file metadata
UninitializedDataSize
462848

InitializedDataSize
12288

ImageVersion
0.0

FileVersionNumber
3.3.8.1

LanguageCode
English (British)

FileFlagsMask
0x0017

CharacterSet
Unicode

LinkerVersion
10.0

MIMEType
application/octet-stream

FileVersion
3, 3, 8, 1

TimeStamp
2012:01:29 22:32:28+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

CompiledScript
AutoIt v3 Script: 3, 3, 8, 1

MachineType
Intel 386 or later, and compatibles

CodeSize
274432

FileSubtype
0

ProductVersionNumber
3.3.8.1

EntryPoint
0xb3e60

ObjectFileType
Unknown

File identification
MD5 1233009fb3a5d53340ed794c79479f96
SHA1 e9886006ca42be65627d83a47aa8b0f936729877
SHA256 9a3ada4ebc2c4384e3b7c4047024cbab488b5b35c7282fae537056a3829b91de
ssdeep
6144:duIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLdn83RP:w6Wq4aaE6KwyF5L0Y2D1PqLdnARP

File size 292.1 KB ( 299123 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID AutoIt3 compiled script executable (88.6%)
UPX compressed Win32 Executable (5.3%)
Win32 EXE Yoda's Crypter (4.6%)
Win32 Executable (generic) (0.7%)
Generic Win/DOS Executable (0.3%)
Tags
peexe

VirusTotal metadata
First submission 2013-09-17 17:15:02 UTC ( 4년, 1개월 전 )
Last submission 2013-09-17 17:15:02 UTC ( 4년, 1개월 전 )
파일 이름 GoodGame Empire Hack V1.0.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
댓글이 없습니다.. 이 항목에 대해 댓글을 작성한 바이러스토탈 커뮤니티 회원이 아직 없습니다. 첫 번째로 댓글을 작성해 보십시오!

댓글 남기기...

?
댓글 달기

로그인 안됨. 등록된 사용자만 댓글을 남길 수 있습니다. 로그인하여 댓글을 남겨보십시오!

투표가 없습니다.. 아직 이 항목에 투표한 사람이 없습니다. 첫 번째로 투표해 보십시오!