SHA256: 5c599f46cd5e622e472eb9b2ba07557648882358f3cf8e5bd7efe913e521f1ae
File name: Rato Agil Fraco.EXE
Detection ratio: 7 / 56
Analysis date: 2015-01-05 16:53:49 UTC (4 years, 1 month ago)
Antivirus Result Update
Yandex HackTool.CheatEngine!h2lP7QG9eRI 20150104
Antiy-AVL Trojan/Win32.Tgenic 20150105
Avast Win32:Malware-gen 20150105
ESET-NOD32 a variant of Win32/HackTool.CheatEngine.AF 20150105
F-Prot W32/CheatEngine.B!Eldorado 20150105
Jiangmin TrojanDropper.Injector.bhlg 20150104
Malwarebytes Hacktool.CheatEngine 20150105
Ad-Aware 20150105
AegisLab 20150105
AhnLab-V3 20150105
ALYac 20150105
AVG 20150105
Avira (no cloud) 20150105
AVware 20150105
Baidu-International 20150105
BitDefender 20150105
Bkav 20150105
ByteHero 20150105
CAT-QuickHeal 20150105
ClamAV 20150105
CMC 20150104
Comodo 20150105
Cyren 20150105
DrWeb 20150105
Emsisoft 20150105
F-Secure 20150105
Fortinet 20150104
GData 20150105
Ikarus 20150105
K7AntiVirus 20150105
K7GW 20150105
Kaspersky 20150105
Kingsoft 20150105
McAfee 20150105
McAfee-GW-Edition 20150105
Microsoft 20150105
eScan 20150105
NANO-Antivirus 20150105
Norman 20150105
nProtect 20150105
Panda 20150105
Qihoo-360 20150105
Rising 20141231
Sophos AV 20150105
SUPERAntiSpyware 20150105
Symantec 20150105
Tencent 20150105
TheHacker 20150103
TotalDefense 20150105
TrendMicro 20150105
TrendMicro-HouseCall 20150105
VBA32 20150105
VIPRE 20150105
ViRobot 20150105
Zillya 20150104
Zoner 20141228
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-28 14:45:44
Entry Point 0x000015EB
Number of sections 5
PE sections
PE imports
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
SetStdHandle
SetHandleCount
LoadLibraryA
WaitForSingleObject
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
RemoveDirectoryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
SizeofResource
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetConsoleOutputCP
WriteConsoleW
CreateDirectoryA
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
GetConsoleCP
LeaveCriticalSection
LCMapStringW
SetFilePointer
GetTempPathA
WideCharToMultiByte
TlsFree
GetModuleHandleA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CloseHandle
GetTempFileNameA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
TerminateProcess
GetEnvironmentStrings
CreateProcessA
LCMapStringA
WriteConsoleA
IsValidCodePage
LoadResource
VirtualFree
TlsGetValue
Sleep
GetFileType
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
FindResourceA
VirtualAlloc
HeapCreate
SetLastError
InterlockedIncrement
PathRemoveFileSpecA
PathAddBackslashA
PathStripPathA
MessageBoxA
Number of PE resources by type
RT_RCDATA 2
RT_ICON 1
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 3
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
SubsystemVersion 5.0
MachineType Intel 386 or later, and compatibles
TimeStamp 2013:06:28 15:45:44+01:00
FileType Win32 EXE
PEType PE32
CodeSize 36352
LinkerVersion 9.0
FileTypeExtension exe
InitializedDataSize 4094976
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x15eb
OSVersion 5.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 db690dc0f938fb416572adcfd133d7fd
SHA1 4918327dc3fa8854007e152ec6aa88bd938ac9a1
SHA256 5c599f46cd5e622e472eb9b2ba07557648882358f3cf8e5bd7efe913e521f1ae
ssdeep 98304:0veHFsHktp0BrXmX6R4fm3IpxonAZ7yqE3b3H7t73nmbpP:m0FsEtp2Xmqqfm3Ipxon27RETHh2l

authentihash 7a69be592e784f0fa7d8c3a68caee61120b32fceb1b3aee2c658e6b230bc6d93
imphash 8d92fa1956a6a631c642190121740197
File size 3.9 MB ( 4132352 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags peexe

VirusTotal metadata
First submission 2015-01-05 16:53:49 UTC (4 years, 1 month ago)
Last submission 2015-01-05 20:06:32 UTC (4 years, 1 month ago)
File names Rato Agil Fraco.EXE
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Created processes
Runtime DLLs