SHA256: 03572a7ce42e2c8f9fbe57d207c753b2a59c61fdbd599d33154daebd9e10bcfd
File name: GameNet.exe
Detection ratio: 6 / 61
Analysis date: 2017-03-15 18:10:28 UTC (1 year, 8 months ago)
Antivirus Result Update date
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170130
Sophos ML pws.win32.magovel.a 20170203
Qihoo-360 HEUR/QVM19.1.0000.Malware.Gen 20170315
SentinelOne (Static ML) static engine - malicious 20170315
Symantec ML.Attribute.HighConfidence 20170315
Webroot Malicious 20170315
Ad-Aware 20170315
AegisLab 20170315
AhnLab-V3 20170315
Alibaba 20170228
ALYac 20170315
Antiy-AVL 20170315
Arcabit 20170315
Avast 20170315
AVG 20170315
Avira (no cloud) 20170315
AVware 20170315
Baidu 20170315
BitDefender 20170315
Bkav 20170315
CAT-QuickHeal 20170315
ClamAV 20170315
CMC 20170315
Comodo 20170315
Cyren 20170315
DrWeb 20170315
Emsisoft 20170315
Endgame 20170222
ESET-NOD32 20170315
F-Prot 20170315
F-Secure 20170315
Fortinet 20170315
GData 20170315
Ikarus 20170315
Jiangmin 20170315
K7AntiVirus 20170315
K7GW 20170315
Kaspersky 20170315
Kingsoft 20170315
Malwarebytes 20170315
McAfee 20170315
McAfee-GW-Edition 20170315
Microsoft 20170315
eScan 20170315
NANO-Antivirus 20170315
nProtect 20170315
Palo Alto Networks (Known Signatures) 20170315
Panda 20170315
Rising 20170315
Sophos AV 20170315
SUPERAntiSpyware 20170315
Tencent 20170315
TheHacker 20170315
TrendMicro 20170315
TrendMicro-HouseCall 20170315
Trustlook 20170315
VBA32 20170315
VIPRE 20170315
ViRobot 20170315
WhiteArmor 20170315
Yandex 20170315
Zillya 20170314
ZoneAlarm by Check Point 20170315
Zoner 20170315
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2017
Product StarJIeuSoft
Original name GameNet.exe
Internal name GameNet.exe
File version 1.0.0.0
Description StarJIeuSoft
Packers identified
F-PROT embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-15 16:39:47
Entry Point 0x0004000A
Number of sections 7
PE sections
PE imports
SHGetFolderPathW
SHGetFolderPathA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
GetStdHandle
FileTimeToDosDateTime
GetFileAttributesA
WaitForSingleObject
FindFirstFileW
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
GetThreadContext
GetLocaleInfoW
GetFullPathNameA
GetTempPathA
WideCharToMultiByte
WriteFile
GetDiskFreeSpaceA
SetFileAttributesA
SetEvent
LocalFree
InitializeCriticalSection
LoadResource
GetStringTypeExW
GetLogicalDriveStringsW
FindClose
TlsGetValue
QueryDosDeviceW
FormatMessageA
SetFileAttributesW
GetStringTypeExA
SetLastError
WriteProcessMemory
RemoveDirectoryW
ExitProcess
GetModuleFileNameA
EnumCalendarInfoA
LoadLibraryExA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
GetModuleHandleA
GetFullPathNameW
GetSystemDirectoryW
GetSystemDirectoryA
SetThreadContext
SetCurrentDirectoryW
VirtualQuery
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
CloseHandle
EnterCriticalSection
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
ExitThread
GetStartupInfoA
GetDateFormatA
GetWindowsDirectoryW
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
ReadProcessMemory
GetCPInfo
DeleteFileW
GetProcAddress
VirtualProtectEx
GetTempFileNameW
CompareStringW
GetModuleFileNameW
FindFirstFileA
CreateDirectoryW
ResetEvent
GetTempFileNameA
FindNextFileA
CreateFileW
CreateEventA
TlsSetValue
CreateFileA
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
VirtualAllocEx
lstrlenA
FindResourceW
GetThreadLocale
RemoveDirectoryA
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCurrentDirectoryA
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
FindNextFileW
lstrcpynA
GetACP
GetVersion
FreeResource
IsBadStringPtrW
GetTempPathW
PostQueuedCompletionStatus
VirtualFree
Sleep
IsBadReadPtr
VirtualAlloc
CompareStringA
ZwProtectVirtualMemory
RtlInitUnicodeString
RtlAnsiStringToUnicodeString
RtlFormatCurrentUserKeyPath
RtlInitAnsiString
LdrGetProcedureAddress
LdrLoadDll
RtlFreeUnicodeString
RtlDosPathNameToNtPathName_U
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
GetErrorInfo
SysFreeString
VariantInit
PathMatchSpecW
CharLowerBuffW
GetSystemMetrics
LoadStringA
CharLowerA
CharNextA
CharUpperW
MessageBoxA
CharLowerW
CharUpperBuffW
CharUpperA
GetKeyboardType
CharToOemA
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 11.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription StarJIeuSoft
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 189440
EntryPoint 0x4000a
OriginalFileName GameNet.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2017
FileVersion 1.0.0.0
TimeStamp 2017:03:15 17:39:47+01:00
FileType Win32 EXE
PEType PE32
InternalName GameNet.exe
ProductVersion 1.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 41984
ProductName StarJIeuSoft
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0

Compressed bundles
File identification
MD5 9e61caafc41d3517d07b4bcaa029a0f9
SHA1 e0bde640e0a5e5b2a88132cd43b059d036023e82
SHA256 03572a7ce42e2c8f9fbe57d207c753b2a59c61fdbd599d33154daebd9e10bcfd
ssdeep 49152:GBPcWAThGzaxEQbxD1jc6sIP0XKmEumRP2y3bdGzsWc0gIFCN:GBPATcspIFC
authentihash c877c992e3158a20214441b03fbb213e77b42a83af52c8004e1aa526d3aca707
imphash 25c0914e1e7dc7c3bb957d88e787a155
File size 1.8 MB (1870848 bytes)
File type Win32 EXE
Description PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 EXE PECompact compressed (generic) (32.5%)
Win32 Executable MS Visual C++ (generic) (24.4%)
Win64 Executable (generic) (21.6%)
DOS Borland compiled Executable (generic) (7.8%)
Win32 Dynamic Link Library (generic) (5.1%)
Tags peexe
VirusTotal metadata
First submission 2017-03-15 18:10:28 UTC (1 year, 8 months ago)
Last submission 2018-08-22 19:25:36 UTC (2 months, 3 weeks ago)
File names 03572a7ce42e2c8f9fbe57d207c753b2a59c61fdbd599d33154daebd9e10bcfd.exe
GameNet.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs
UDP communications