× Cookies estão desativados! Este site requer que os cookies estejam habilitados para funcionar corretamente
SHA256: 18c7b4a8e22fa9ae35848ec20a4ea2d3a0f8b0a47a743928e1822b08bcd2dad2
Nome do arquivo: trainer_3.exe
Taxa de detecção: 7 / 49
Data da análise: 2014-01-20 19:54:14 UTC ( 4 anos, 3 meses atrás ) Visualizar últimos
Antivírus Resultado Atualização
AntiVir TR/Dropper.Gen 20140120
Baidu-International Trojan.MSIL.GameHack.F 20131213
ESET-NOD32 a variant of MSIL/GameHack.F 20140120
Malwarebytes Trojan.MSIL.INJ 20140120
McAfee Artemis!631BFBB5F7E5 20140120
McAfee-GW-Edition Artemis!631BFBB5F7E5 20140120
Sophos AV Mal/MsilInj-G 20140120
Ad-Aware 20140120
Yandex 20140119
AhnLab-V3 20140120
Antiy-AVL 20140120
Avast 20140120
AVG 20140120
BitDefender 20140120
Bkav 20140120
ByteHero 20140114
CAT-QuickHeal 20140120
ClamAV 20140120
CMC 20140115
Commtouch 20140120
Comodo 20140120
DrWeb 20140120
Emsisoft 20140120
F-Prot 20140120
F-Secure 20140120
Fortinet 20140120
GData 20140120
Ikarus 20140120
Jiangmin 20140120
K7AntiVirus 20140120
K7GW 20140120
Kaspersky 20140120
Kingsoft 20130829
Microsoft 20140120
eScan 20140120
NANO-Antivirus 20140120
Norman 20140120
nProtect 20140120
Panda 20140120
Rising 20140120
SUPERAntiSpyware 20140120
Symantec 20140120
TheHacker 20140120
TotalDefense 20140120
TrendMicro 20140120
TrendMicro-HouseCall 20140120
VBA32 20140120
VIPRE 20140120
ViRobot 20140120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2012

Product ESP ?????????
Original name Trainer.exe
Internal name Trainer.exe
File version 1.0.0.0
Description ESP ?????????
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-01-20 19:21:35
Entry Point 0x00093F2E
Number of sections 3
.NET details
Module Version ID 7efa619f-172c-4a8a-a49e-dd90cfe6084a
TypeLib ID cad19f87-2333-4a75-85d3-f0eebcb9f930
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
2048

ImageVersion
0.0

ProductName
ESP

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
Trainer.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2014:01:20 20:21:35+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Trainer.exe

ProductVersion
1.0.0.0

FileDescription
ESP

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2012

MachineType
Intel 386 or later, and compatibles

CodeSize
598016

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x93f2e

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 631bfbb5f7e53dc183d17e1ea1115cdb
SHA1 49b00d0654c477088b4d75d947ccca8610c7d949
SHA256 18c7b4a8e22fa9ae35848ec20a4ea2d3a0f8b0a47a743928e1822b08bcd2dad2
ssdeep
12288:HL7xZI/bcbbYiov2F6n6ntQuGfObIRZ0BY+J/op:HDIbc62cwtiWbAoJU

authentihash fee90252069b8ac7d2e9d7b90ec8b1850158dc18889fbf97db32aa8a99628abe
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 586.5 KB ( 600576 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (33.8%)
Win32 EXE PECompact compressed (v2.x) (27.2%)
Win32 EXE PECompact compressed (generic) (19.1%)
Win64 Executable (generic) (12.7%)
Win32 Dynamic Link Library (generic) (3.0%)
Tags
peexe assembly

VirusTotal metadata
First submission 2014-01-20 16:36:04 UTC ( 4 anos, 3 meses atrás )
Last submission 2014-03-03 08:00:56 UTC ( 4 anos, 1 mês atrás )
Nomes do arquivo aCaJ.tar
Trainer.exe
bing.exe
aa
trainer_3_20.01.2014.exe
7yneT1bIA.dotx
trainer_3_.exe
Trainer_3.exe
Trainer by KopoJlb.exe
dEaJY3_ss.xlt
trainer_3.exe
18c7b4a8e22fa9ae35848ec20a4ea2d3a0f8b0a47a743928e1822b08bcd2dad2
Trainer_3_.exe
file-6498868_exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
dll-injection

Sem comentários. Ainda nenhum membro da Comunidade VirusTotal comentou este item, seja o primeiro!

Deixe o seu comentário...

?
Postar comentário

Você ainda não entrou. Apenas usuários registrados podem comentar, entre e expresse-se!

Sem votos. Ainda nenhum usuário votou neste item, seja o primeiro!