× Cookies estão desativados! Este site requer que os cookies estejam habilitados para funcionar corretamente
SHA256: 3883a18741f271c2a0fe38c28470d76f77ae3c77d2a673616f449a2ebe0c9d9d
Nome do arquivo: Setup.CE.v6.3_32Bit.(x86).exe
Taxa de detecção: 2 / 56
Data da análise: 2016-10-19 01:51:38 UTC ( 2 anos, 1 mês atrás ) Visualizar últimos
Antivírus Resultado Atualização
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9514 20161018
ESET-NOD32 a variant of Win32/HackTool.CheatEngine.AB potentially unsafe 20161019
Ad-Aware 20161019
AegisLab 20161018
AhnLab-V3 20161018
Alibaba 20161018
ALYac 20161019
Antiy-AVL 20161019
Arcabit 20161019
Avast 20161019
AVG 20161018
Avira (no cloud) 20161018
AVware 20161019
BitDefender 20161019
Bkav 20161019
CAT-QuickHeal 20161018
ClamAV 20161018
CMC 20161018
Comodo 20161019
CrowdStrike Falcon (ML) 20160725
Cyren 20161019
DrWeb 20161019
Emsisoft 20161019
F-Prot 20161019
F-Secure 20161018
Fortinet 20161019
GData 20161018
Ikarus 20161018
Sophos ML 20161018
Jiangmin 20161018
K7AntiVirus 20161018
K7GW 20161018
Kaspersky 20161018
Kingsoft 20161019
Malwarebytes 20161019
McAfee 20161019
McAfee-GW-Edition 20161018
Microsoft 20161019
eScan 20161019
NANO-Antivirus 20161019
nProtect 20161018
Panda 20161018
Qihoo-360 20161019
Rising 20161018
Sophos AV 20161019
SUPERAntiSpyware 20161019
Symantec 20161019
Tencent 20161019
TheHacker 20161018
TrendMicro 20161019
TrendMicro-HouseCall 20161019
VBA32 20161018
VIPRE 20161019
ViRobot 20161018
Yandex 20161018
Zillya 20161018
Zoner 20161018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Setup Engine Copyright © 2011-2016 Cheat Engine Brasil, Inc

Product Cheat Engine Brasil Setup
Original name suf_launch.exe
Internal name sf_rt
File version 6.3.0.3328
Description Setup Aplicação
Comments Criado por Cheat Engine Brasil. Visite Nosso Site!
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-27 19:10:44
Entry Point 0x000029E1
Number of sections 5
PE sections
Overlays
MD5 366a71a63d144d7cc12d1d16e5d72a8c
File type data
Offset 433152
Size 11499355
Entropy 7.99
PE imports
GetTokenInformation
OpenProcessToken
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrlenA
GetFileAttributesA
GetExitCodeProcess
QueryPerformanceCounter
HeapReAlloc
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetTempPathA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
HeapSetInformation
GetCurrentProcess
_lwrite
GetFileType
GetStringTypeW
InterlockedIncrement
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
_llseek
HeapSize
FreeEnvironmentStringsW
GetCPInfo
MultiByteToWideChar
GetProcAddress
_lread
EncodePointer
GetStartupInfoW
GetModuleFileNameW
_lclose
WideCharToMultiByte
LoadLibraryW
TlsFree
_lcreat
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentProcessId
SetUnhandledExceptionFilter
lstrcpyA
_lopen
DecodePointer
CloseHandle
IsProcessorFeaturePresent
GetCommandLineA
GetACP
GetDiskFreeSpaceA
MoveFileExA
GetModuleHandleW
FreeLibrary
LocalFree
TerminateProcess
GetModuleFileNameA
IsValidCodePage
HeapCreate
WriteFile
TlsGetValue
Sleep
SetLastError
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
GetOEMCP
CompareStringA
ShellExecuteExA
wsprintfA
LoadCursorA
DispatchMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
SetCursor
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
SpecialBuild
Contruido por Cheat Engine Brasil

LegalTrademarks
www.cheatengine.com.br

SubsystemVersion
5.1

Comments
Criado por Cheat Engine Brasil. Visite Nosso Site!

InitializedDataSize
409600

ImageVersion
0.0

ProductName
Cheat Engine Brasil Setup

FileVersionNumber
6.3.0.3328

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
ASCII

LinkerVersion
10.0

PrivateBuild
Contruido por Cheat Engine Brasil

FileTypeExtension
exe

OriginalFileName
suf_launch.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
6.3.0.3328

TimeStamp
2013:08:27 20:10:44+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
sf_rt

ProductVersion
6.3.0.3328

FileDescription
Setup Aplica o

OSVersion
5.1

FileOS
Win32

LegalCopyright
Setup Engine Copyright 2011-2016 Cheat Engine Brasil, Inc

MachineType
Intel 386 or later, and compatibles

CompanyName
Cheat Engine Brasil, Inc

CodeSize
22528

FileSubtype
0

ProductVersionNumber
6.3.0.3328

EntryPoint
0x29e1

ObjectFileType
Executable application

File identification
MD5 d0e7bdc13450eb12228117a449145d8c
SHA1 1d1c261702ba17770500e7d80fa0f8a06f72e7a8
SHA256 3883a18741f271c2a0fe38c28470d76f77ae3c77d2a673616f449a2ebe0c9d9d
ssdeep
196608:E4aOFqYJazUiYlWAFz6uGXGzj3JiHo1YUmoupz0n4wJHs6auHb3ceOJKUy1bPZu3:IOFqzzOYVu3diDPz0ZJx7b3ceOIdT4Sq

authentihash 485f18776b18c48823310dce9585f881a4425c7c720454360ec6ab3c33be7e34
imphash 1ff847646487d56f85778df99ff3728a
File size 11.4 MB ( 11932507 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.6%)
Win32 EXE Yoda's Crypter (35.4%)
Win32 Dynamic Link Library (generic) (8.7%)
Win32 Executable (generic) (6.0%)
OS/2 Executable (generic) (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-10-19 01:51:38 UTC ( 2 anos, 1 mês atrás )
Last submission 2018-09-29 17:29:15 UTC ( 2 meses, 1 semana atrás )
Nomes do arquivo suf_launch.exe
Setup.CE.v6.3_32Bit.(x86).exe
sf_rt
Sem comentários. Ainda nenhum membro da Comunidade VirusTotal comentou este item, seja o primeiro!

Deixe o seu comentário...

?
Postar comentário

Você ainda não entrou. Apenas usuários registrados podem comentar, entre e expresse-se!

Sem votos. Ainda nenhum usuário votou neste item, seja o primeiro!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Shell commands
Runtime DLLs
DNS requests
UDP communications