× Cookies estão desativados! Este site requer que os cookies estejam habilitados para funcionar corretamente
SHA256: e40a32e6781af530eb6a544b185156d1a25384a78b7771bca52f05744af811f1
Nome do arquivo: 0034095.scr
Taxa de detecção: 0 / 56
Data da análise: 2015-08-20 11:56:24 UTC ( 3 anos, 9 meses atrás ) Visualizar últimos
Antivírus Resultado Atualização
Ad-Aware 20150820
AegisLab 20150820
Yandex 20150819
AhnLab-V3 20150820
Alibaba 20150820
ALYac 20150820
Antiy-AVL 20150820
Arcabit 20150820
Avast 20150820
AVG 20150820
Avira (no cloud) 20150820
AVware 20150820
Baidu-International 20150820
BitDefender 20150820
Bkav 20150820
ByteHero 20150820
CAT-QuickHeal 20150819
ClamAV 20150820
CMC 20150819
Comodo 20150820
Cyren 20150820
DrWeb 20150820
Emsisoft 20150820
ESET-NOD32 20150820
F-Prot 20150820
F-Secure 20150820
Fortinet 20150820
GData 20150820
Ikarus 20150820
Jiangmin 20150819
K7AntiVirus 20150820
K7GW 20150820
Kaspersky 20150820
Kingsoft 20150820
Malwarebytes 20150820
McAfee 20150820
McAfee-GW-Edition 20150820
Microsoft 20150820
eScan 20150820
NANO-Antivirus 20150820
nProtect 20150820
Panda 20150820
Qihoo-360 20150820
Rising 20150817
Sophos AV 20150820
SUPERAntiSpyware 20150820
Symantec 20150819
Tencent 20150820
TheHacker 20150820
TrendMicro 20150820
TrendMicro-HouseCall 20150820
VBA32 20150820
VIPRE 20150820
ViRobot 20150820
Zillya 20150820
Zoner 20150820
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-06-05 22:05:28
Entry Point 0x00003000
Number of sections 5
PE sections
PE imports
GetModuleHandleA
ExitProcess
GetCommandLineW
DragAcceptFiles
DragQueryFileW
DragFinish
ShellAboutW
GetMessageA
CreateWindowExA
LoadIconA
DispatchMessageA
TranslateMessage
DefWindowProcA
RegisterClassExA
ChooseFontW
PageSetupDlgW
FindTextW
GetSaveFileNameW
CommDlgExtendedError
Number of PE resources by type
RT_BITMAP 1
RT_MENU 1
RT_MANIFEST 1
RT_GROUP_ICON 1
RT_ICON 1
Number of PE resources by language
NEUTRAL 4
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2009:06:05 23:05:28+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
7168

LinkerVersion
1.71

EntryPoint
0x3000

InitializedDataSize
18432

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
1.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 0fa4329816dc54b21f8542f2b84abcd4
SHA1 cb6945a81b9f19a384eb68d8aafcdcedd2dfb0b3
SHA256 e40a32e6781af530eb6a544b185156d1a25384a78b7771bca52f05744af811f1
ssdeep
384:KrA0wuC21D1hdCp2yxE6rfjg/sXkSk/VWX26z3Wf/P8fvP0nk:KrA0wuxDwTrfjfX3ktWm6LO/PqvN

authentihash 990edea8cae29c7bd8b17d993c7183ef71ba77625ee04f829a11cecdd9f383bf
imphash 64e4956b65f68eeee6c31364abcd60ab
File size 26.0 KB ( 26624 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (53.8%)
Windows screen saver (25.5%)
Win32 Executable (generic) (8.7%)
Win16/32 Executable Delphi generic (4.0%)
Generic Win/DOS Executable (3.8%)
Tags
peexe

VirusTotal metadata
First submission 2015-08-20 11:12:03 UTC ( 3 anos, 9 meses atrás )
Last submission 2015-11-19 10:46:04 UTC ( 3 anos, 6 meses atrás )
Nomes do arquivo 0034095.scr
0fa4329816dc54b21f8542f2b84abcd4
0034095.scr
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.F0E9H0ZHK15.

Sem comentários. Ainda nenhum membro da Comunidade VirusTotal comentou este item, seja o primeiro!

Deixe o seu comentário...

?
Postar comentário

Você ainda não entrou. Apenas usuários registrados podem comentar, entre e expresse-se!

Sem votos. Ainda nenhum usuário votou neste item, seja o primeiro!