SHA256: 822717b5b6f858ee0d00157e0b79368d88f6822684008ceaaac4a89b755f2e5f
File name: Clash of Kings Outil V2.1.exe
Detection ratio: 0 / 57
Analysis date: 2015-02-02 18:22:23 UTC (2 years, 9 months ago)
Antivirus Result Update
Ad-Aware 20150202
AegisLab 20150202
Yandex 20150202
AhnLab-V3 20150202
Alibaba 20150202
ALYac 20150202
Antiy-AVL 20150202
Avast 20150202
AVG 20150202
Avira (no cloud) 20150202
AVware 20150202
Baidu-International 20150202
BitDefender 20150202
Bkav 20150202
ByteHero 20150202
CAT-QuickHeal 20150202
ClamAV 20150202
CMC 20150202
Comodo 20150202
Cyren 20150202
DrWeb 20150202
Emsisoft 20150202
ESET-NOD32 20150202
F-Prot 20150202
F-Secure 20150201
Fortinet 20150202
GData 20150202
Ikarus 20150202
Jiangmin 20150131
K7AntiVirus 20150202
K7GW 20150202
Kaspersky 20150202
Kingsoft 20150202
Malwarebytes 20150202
McAfee 20150202
McAfee-GW-Edition 20150202
Microsoft 20150202
eScan 20150202
NANO-Antivirus 20150202
Norman 20150202
nProtect 20150130
Panda 20150202
Qihoo-360 20150202
Rising 20150130
Sophos AV 20150202
SUPERAntiSpyware 20150201
Symantec 20150202
Tencent 20150202
TheHacker 20150131
TotalDefense 20150202
TrendMicro 20150202
TrendMicro-HouseCall 20150202
VBA32 20150202
VIPRE 20150202
ViRobot 20150202
Zillya 20150202
Zoner 20150202
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
Packers identified
F-PROT maxorder, appended, RAR, Unicode
PE header basic information
Target machine x64
Compilation timestamp 2012-02-17 14:55:33
Entry Point 0x0000D148
Number of sections 6
PE sections
Overlays
MD5 9bcf7893f003df262502cb0e03ce3fc0
File type application/x-rar
Offset 132096
Size 1507693
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
InitCommonControlsEx
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetFilePointer
GetSystemTime
GetLastError
HeapFree
GetStdHandle
DosDateTimeToFileTime
ReadFile
FileTimeToSystemTime
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
GetExitCodeProcess
FindNextFileA
CompareStringW
HeapAlloc
SystemTimeToFileTime
IsDBCSLeadByte
GetCommandLineW
GetFileAttributesW
FileTimeToLocalFileTime
MoveFileW
OpenFileMappingW
SetFileAttributesA
GetDateFormatW
CreateDirectoryA
DeleteFileA
GetCPInfo
ExitProcess
MultiByteToWideChar
SetEnvironmentVariableW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetTimeFormatW
WriteFile
SetFileAttributesW
CloseHandle
WideCharToMultiByte
MapViewOfFile
MoveFileExW
ExpandEnvironmentStringsW
FindNextFileW
SetEndOfFile
GetFileAttributesA
GetTempPathW
FindFirstFileA
FindFirstFileW
HeapReAlloc
GetModuleHandleW
GetFullPathNameA
FreeLibrary
GetCurrentDirectoryW
LoadLibraryW
SetCurrentDirectoryW
UnmapViewOfFile
FindResourceW
CreateFileW
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
GetFileType
GetFullPathNameW
SetFileTime
CreateFileA
GetTickCount
GetLocaleInfoW
GetNumberFormatW
SetLastError
CompareStringA
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
SetFocus
MapWindowPoints
SetWindowLongPtrW
GetParent
UpdateWindow
EndDialog
LoadBitmapW
DefWindowProcW
CopyRect
GetWindowTextW
GetMessageW
ShowWindow
GetSystemMetrics
SetWindowPos
wvsprintfW
CharToOemBuffA
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
RegisterClassExW
CharUpperW
DialogBoxParamW
CharToOemBuffW
wvsprintfA
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
GetWindowLongW
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
GetWindowLongPtrW
LoadStringW
SetWindowTextW
GetDlgItem
GetWindow
MessageBoxW
DispatchMessageW
OemToCharA
PeekMessageW
CharUpperA
GetClassNameW
GetClientRect
WaitForInputIdle
OemToCharBuffA
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
EnableWindow
SetForegroundWindow
DestroyWindow
CharToOemA
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
OleInitialize
CLSIDFromString
Number of PE resources by type
RT_DIALOG 4
RT_ICON 4
RT_STRING 4
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 15
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType AMD AMD64
TimeStamp 2012:02:17 15:55:33+01:00
FileType Win64 EXE
PEType PE32+
CodeSize 88064
LinkerVersion 9.0
FileTypeExtension exe
InitializedDataSize 131584
SubsystemVersion 5.2
EntryPoint 0xd148
OSVersion 5.2
ImageVersion 0.0
UninitializedDataSize 0

Compressed bundles
File identification
MD5 febf89f8f510dafb0985581aab2a4a77
SHA1 f6290dcda790a6eae9d9793d8c6c17afe5e68a2c
SHA256 822717b5b6f858ee0d00157e0b79368d88f6822684008ceaaac4a89b755f2e5f
ssdeep 49152:+VliRsB9azQjk0ipe0bAKlyB244Mw59nB7UT:+Vli3Hpe/Kkg44MIB7UT
authentihash c98a26c57050f5694fdd34173d49fbf43e5df6faf8ee7456ed8a10578cb91ae7
imphash 573e157e4c9d2cf9c3b68c2ca470a40b
File size 1.6 MB ( 1639789 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly, RAR self-extracting archive
TrID Win64 Executable (generic) (87.3%)
Generic Win/DOS Executable (6.3%)
DOS Executable Generic (6.3%)
Tags
64bits peexe overlay assembly software-collection

VirusTotal metadata
First submission 2012-02-20 10:56:49 UTC (5 years, 9 months ago)
Last submission 2017-10-24 08:34:02 UTC (3 weeks, 4 days ago)
File names 822717b5b6f858ee0d00157e0b79368d88f6822684008ceaaac4a89b755f2e5f
MyEgy.Winrar4.11.X64.exe
1360536189-winrar-x64-411.exe
server.exe
WinRAR_4.11_(64-bit)[1].exe
fb71d522-2a7c-9f98-45cf-c94e03fa6a0e_1d27adcd5c1d47b
$RN08VHD.exe_
WinRAR 32Bit.exe
87586b54-af87-4b4b-a4a9-db8439eba18e.exe
MyEgy.WinRAR 4.11.X64.exe
kucf+8qy.exe.part
febf89f8f510dafb0985581aab2a4a77
winrar-x64-411-{0bd219a3-6816-4b70-b816-309726a76389}-v354211.exe
file-3572383_exe
filename
winrar-x64-411.exe
6yuq3tnhsctov2ozpe6yy3axv7s6ncrm.exe
winrar-x64-411 (1).exe
winrar411-x64.exe
download.php
414735.winrar-x64-411.exe
winrar-x64-411.exe
WinRAR 4.1.1 Final x64.exe
winrar411-64.exe
f115158.exe
Software collections
website http://oldapps.com/winrar.php?old_winrar=7302
oldapps http://oldapps.com/winrar.php?old_winrar=7302?download
product WinRAR 4.11 (x64)
developer win.rar GmbH
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight