× Obsługa plików cookie w przeglądarce jest wyłączona! Ta strona wymaga włączonej obsługi plików cookie, aby działać poprawnie
SHA256: 34284a79d33e4615f968b4b7925d12e71d8c6d439d47c06421a437ffe6d53255
Nazwa pliku: minitwittertool.exe
Współczynnik wykrycia: 0 / 42
Data analizy: 2012-02-04 05:48:31 UTC ( 5 lat, 5 miesięcy temu ) Zobacz najnowsze
Antywirus Wynik Uaktualnij
AhnLab-V3 20120203
AntiVir 20120203
Antiy-AVL 20120203
Avast 20120203
AVG 20120204
BitDefender 20120204
ByteHero 20120126
CAT-QuickHeal 20120203
ClamAV 20120204
Commtouch 20120204
Comodo 20120203
DrWeb 20120204
Emsisoft 20120204
eSafe 20120202
eTrust-Vet 20120203
F-Prot 20120201
F-Secure 20120204
Fortinet 20120204
GData 20120204
Ikarus 20120204
Jiangmin 20120203
K7AntiVirus 20120203
McAfee 20120204
McAfee-GW-Edition 20120203
Microsoft 20120204
NOD32 20120204
Norman 20120203
nProtect 20120203
Panda 20120203
PCTools 20120204
Prevx 20120204
Rising 20120118
Sophos AV 20120204
SUPERAntiSpyware 20120203
Symantec 20120204
TheHacker 20120203
TrendMicro 20120204
TrendMicro-HouseCall 20120204
VBA32 20120203
VIPRE 20120204
ViRobot 20120204
VirusBuster 20120203
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 3, 3, 6, 1
Packers identified
F-PROT AutoIt, UTF-8, UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-04-16 07:47:33
Entry Point 0x000CFBB0
Number of sections 3
PE sections
Overlays
MD5 681919dacf390da672ce481574581ecc
File type data
Offset 395776
Size 237825
Entropy 8.00
PE imports
ImageList_Remove
GetSaveFileNameW
LineTo
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
WNetGetConnectionW
SafeArrayUnaccessData
EnumProcesses
DragFinish
LoadUserProfileW
VerQueryValueW
FtpOpenFileW
timeGetTime
CoInitialize
Number of PE resources by type
RT_ICON 18
RT_STRING 7
RT_GROUP_ICON 4
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH UK 31
ENGLISH US 2
PE resources
ExifTool file metadata
UninitializedDataSize
577536

LinkerVersion
9.0

ImageVersion
0.0

FileVersionNumber
3.3.6.1

LanguageCode
English (British)

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
126976

EntryPoint
0xcfbb0

MIMEType
application/octet-stream

FileVersion
3, 3, 6, 1

TimeStamp
2010:04:16 08:47:33+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

CompiledScript
AutoIt v3 Script: 3, 3, 6, 1

MachineType
Intel 386 or later, and compatibles

CodeSize
270336

FileSubtype
0

ProductVersionNumber
3.3.6.1

FileTypeExtension
exe

ObjectFileType
Unknown

Compressed bundles
File identification
MD5 5b9a3328330ce7f0bb4f141886fe0056
SHA1 d8835102d3bfbdf3f761030ddc0b6d0471f86fe3
SHA256 34284a79d33e4615f968b4b7925d12e71d8c6d439d47c06421a437ffe6d53255
ssdeep
12288:djkArEN249AyE/rbaMct4bO2/VT1DIh8hRAR57R6z+nc6enPHM4yESosb0xJGD9:CFE//Tct4bOsR1Uh8hSRF0zuc6csyswY

authentihash b7f169dc8d711ef2a1d7a2171ac2a49584295a2a05c25d3af276f01693719f3b
imphash 77b2e5e9b52fbef7638f64ab65f0c58c
File size 618.8 KB ( 633601 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (42.3%)
Win32 EXE Yoda's Crypter (36.7%)
Win32 Dynamic Link Library (generic) (9.1%)
Win32 Executable (generic) (6.2%)
Generic Win/DOS Executable (2.7%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2012-02-04 05:48:31 UTC ( 5 lat, 5 miesięcy temu )
Last submission 2016-01-22 04:43:31 UTC ( 1 rok, 6 miesięcy temu )
Nazwy plików 34284a79d33e4615f968b4b7925d12e71d8c6d439d47c06421a437ffe6d53255.vir
file-4289658_exe
minitwittertool.exe
5b9a3328330ce7f0bb4f141886fe0056
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Brak komentarzy. Żaden z członków społeczności VirusTotal nie skomentował tego. Bądź pierwszy, by to zrobić!

Skomentuj

?
Dodaj komentarz

Nie jesteś zalogowany. Tylko zarejestrowani użytkownicy mogą dodawać komentarze, zalogować się i mieć swój głos!

Brak ocen. Nikt jeszcze nie oddał swojego głosu, bądź pierwszy!