SHA256: 9a79d77ddc2e4a6ee91df5bfb4f7baf48f3da1a84f38fb0f427f5d318f35fe9a
File name: winemenubuilder.exe
Detection ratio: 0 / 57
Analysis date: 2015-01-14 12:48:32 UTC (2 years, 9 months ago)
Antivirus Result Update
Ad-Aware 20150114
AegisLab 20150114
Yandex 20150113
AhnLab-V3 20150114
Alibaba 20150114
ALYac 20150114
Antiy-AVL 20150114
Avast 20150114
AVG 20150114
Avira (no cloud) 20150114
AVware 20150114
Baidu-International 20150114
BitDefender 20150114
Bkav 20150114
ByteHero 20150114
CAT-QuickHeal 20150114
ClamAV 20150114
CMC 20150113
Comodo 20150114
Cyren 20150114
DrWeb 20150114
Emsisoft 20150114
ESET-NOD32 20150114
F-Prot 20150114
F-Secure 20150114
Fortinet 20150114
GData 20150114
Ikarus 20150114
Jiangmin 20150113
K7AntiVirus 20150114
K7GW 20150114
Kaspersky 20150114
Kingsoft 20150114
Malwarebytes 20150114
McAfee 20150114
McAfee-GW-Edition 20150114
Microsoft 20150114
eScan 20150114
NANO-Antivirus 20150114
Norman 20150114
nProtect 20150114
Panda 20150114
Qihoo-360 20150114
Rising 20150113
Sophos AV 20150114
SUPERAntiSpyware 20150114
Symantec 20150114
Tencent 20150114
TheHacker 20150112
TotalDefense 20150114
TrendMicro 20150114
TrendMicro-HouseCall 20150114
VBA32 20150113
VIPRE 20150114
ViRobot 20150114
Zillya 20150113
Zoner 20150112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Entry Point 0x00001020
Number of sections 2
PE sections
PE imports
_except_handler3
exit
_XcptFilter
__getmainargs
_exit
_controlfp
__set_app_type
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
TimeStamp 0000:00:00 00:00:00
FileType Win32 EXE
PEType PE32
CodeSize 0
LinkerVersion 6.0
FileTypeExtension exe
InitializedDataSize 0
SubsystemVersion 4.0
EntryPoint 0x1020
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

Execution parents
Compressed bundles
File identification
MD5 8f409fc904543688c4abe74b1fb54343
SHA1 b0d469d0ca6f0aba6ff692a2f36ce0c768ceb545
SHA256 9a79d77ddc2e4a6ee91df5bfb4f7baf48f3da1a84f38fb0f427f5d318f35fe9a
ssdeep 12:etGSGQ6Y+qhWJztAqXsrlylET/cNUhkTT3DlAvM0mPRj/AXFiNfKmreR:etGSB+pJJAysxna4kTqvMVcXFi8jR
authentihash 9d1c274b3d91d875f371110e1c3324a20be268a6033323a0880bd62cfb0ad683
imphash 50f433a443bc36990996bb4d4dd484aa
File size 1.5 KB ( 1536 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags peexe
VirusTotal metadata
First submission 2013-07-09 05:57:48 UTC (4 years, 3 months ago)
Last submission 2017-07-10 22:16:15 UTC (3 months, 1 week ago)
File names test.exe
main.exe
winemenubuilder.exe
basic.exe
9A79D77DDC2E4A6EE91DF5BFB4F7BAF48F3DA1A84F38FB0F427F5D318F35FE9A
empty.exe
winemenubuilder.exe
winemenubuilder.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
UDP communications