SHA256: ff282e46b9c1e08079c981bc1f8314f835f04422ee71d38bb7b2c7c0fbb04790
File name: phoenix_2006-2008_fixer.exe
Detection ratio: 5 / 41
Analysis date: 2009-09-06 16:48:38 UTC (8 years, 1 month ago)
Antivirus Result Update
eSafe Win32.Banker 20090906
McAfee+Artemis Artemis!C48F312E2350 20090905
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Spyware.I 20090906
NOD32 probably a variant of Win32/HackTool.Patcher.A 20090906
Prevx High Risk Worm 20090906
a-squared 20090906
AhnLab-V3 20090905
AntiVir 20090906
Antiy-AVL 20090904
Authentium 20090905
Avast 20090905
AVG 20090906
BitDefender 20090906
CAT-QuickHeal 20090905
ClamAV 20090906
Comodo 20090906
DrWeb 20090906
eTrust-Vet 20090904
F-Prot 20090905
F-Secure 20090906
Fortinet 20090906
GData 20090906
Ikarus 20090906
Jiangmin 20090906
K7AntiVirus 20090905
Kaspersky 20090906
McAfee 20090905
Microsoft 20090906
Norman 20090904
nProtect 20090906
Panda 20090906
PCTools 20090906
Rising 20090901
Sophos AV 20090906
Sunbelt 20090906
Symantec 20090906
TheHacker 20090904
TrendMicro 20090905
VBA32 20090905
ViRobot 20090904
VirusBuster 20090906
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-09-27 14:36:18
Entry Point 0x0000311E
Number of sections 4
PE sections
PE imports
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegCreateKeyExA
InitCommonControls
GetOpenFileNameA
GetSaveFileNameA
GetObjectA
SetPixel
SelectObject
RoundRect
RemoveFontResourceA
AddFontResourceA
SetBkMode
GetStockObject
TextOutA
CreateFontIndirectA
CreateSolidBrush
GetTextExtentPointA
ExtCreateRegion
BitBlt
SetBkColor
CreateCompatibleDC
GetPixel
CreateCompatibleBitmap
SetTextColor
UnmapViewOfFile
lstrlenA
lstrcmpiA
WaitForSingleObject
FreeLibrary
CopyFileA
ExitProcess
GlobalUnlock
FlushFileBuffers
GetModuleFileNameA
LoadLibraryA
SizeofResource
RtlZeroMemory
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
MapViewOfFile
GetCommandLineA
GlobalLock
SetFilePointer
GetTempPathA
CreateThread
GetFileAttributesA
GetModuleHandleA
lstrcmpA
lstrcpyA
CompareStringA
CreateFileMappingA
ExpandEnvironmentStringsA
SetEnvironmentVariableA
SetFileAttributesA
MoveFileA
CreateProcessA
GetProcAddress
LoadResource
WriteFile
GlobalAlloc
VirtualFree
RtlMoveMemory
Sleep
SetEndOfFile
CreateFileA
FindResourceA
VirtualAlloc
SetCurrentDirectoryA
CloseHandle
ShellExecuteA
SetFocus
RedrawWindow
SetWindowRgn
UpdateWindow
IntersectRect
EndDialog
OffsetRect
MoveWindow
GetCapture
DefWindowProcA
ShowWindow
SetClassLongA
LoadBitmapA
SetWindowPos
GetParent
GetSystemMetrics
AppendMenuA
GetWindowRect
EnableWindow
SetDlgItemTextA
SetCapture
ReleaseCapture
GetDlgItemTextA
CreatePopupMenu
MessageBoxA
SetWindowLongA
DialogBoxParamA
CheckDlgButton
GetDC
RegisterClassExA
GetCursorPos
DrawTextA
GetDlgCtrlID
SetWindowTextA
LoadStringA
SetClipboardData
SendMessageA
GetClientRect
CreateWindowExA
GetDlgItem
InvalidateRect
GetWindowLongA
OpenClipboard
LoadCursorA
LoadIconA
TrackPopupMenu
GetActiveWindow
IsDlgButtonChecked
CallWindowProcA
EmptyClipboard
CloseClipboard
GetKeyState
PtInRect
Number of PE resources by type
RT_RCDATA 43
RT_ICON 4
RT_DIALOG 3
RT_STRING 3
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 54
ENGLISH UK 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2008:09:27 15:36:18+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
15872

LinkerVersion
5.12

FileTypeExtension
exe

InitializedDataSize
417792

SubsystemVersion
4.0

EntryPoint
0x311e

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
0

Execution parents
File identification
MD5 c48f312e23500a0059e5dcd2542d683a
SHA1 2cfa429cebd2ee86cda82277a67a8a1424636232
SHA256 ff282e46b9c1e08079c981bc1f8314f835f04422ee71d38bb7b2c7c0fbb04790
ssdeep
12288:89pUJqRlN7Bk/7qOVfWDPLZu566uZClbPK1Uq:n8RPGBs9uhuZePK7

authentihash 52e549d2084cb3cfd0223d4854980f274a07f840957b391060ae7ed82396a10a
imphash 3424ca02d6a6e0a2787a25eea391c4a8
File size 424.5 KB ( 434688 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (48.1%)
Win32 Executable MS Visual C++ (generic) (34.9%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Generic Win/DOS Executable (2.2%)
Tags
peexe

VirusTotal metadata
First submission 2008-12-04 13:03:33 UTC (8 years, 10 months ago)
Last submission 2015-01-19 18:42:44 UTC (2 years, 9 months ago)
File names fixer.exe
phoenix 2006-2008 fixer.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
