× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 23a22c1358dbe34d3363c454cb2dc9f036015be2dd605d8906933b84145fe5b0
Имя файла: w3l.exe
Показатель выявления: 6 / 65
Дата анализа: 2017-09-22 10:29:48 UTC (3 недель, 5 дней назад) Показать последний анализ
Антивирус Результат Дата обновления
Avast Win32:Evo-gen [Susp] 20170922
AVG Win32:Evo-gen [Susp] 20170922
Cylance Unsafe 20170922
Endgame malicious (moderate confidence) 20170821
Qihoo-360 HEUR/QVM19.1.0386.Malware.Gen 20170922
Rising Malware.Heuristic!ET#91% (RDM+:cmRtazpbB99n3eT5MPvcSTNTvXNp) 20170922
Ad-Aware 20170922
AegisLab 20170922
AhnLab-V3 20170922
Alibaba 20170911
ALYac 20170922
Antiy-AVL 20170922
Arcabit 20170922
Avast-Mobile 20170922
Avira (no cloud) 20170922
AVware 20170922
Baidu 20170922
BitDefender 20170922
CAT-QuickHeal 20170922
ClamAV 20170922
CMC 20170920
Comodo 20170922
CrowdStrike Falcon (ML) 20170804
Cyren 20170922
DrWeb 20170922
Emsisoft 20170922
ESET-NOD32 20170922
F-Prot 20170922
F-Secure 20170922
Fortinet 20170922
GData 20170922
Ikarus 20170922
Sophos ML 20170914
Jiangmin 20170922
K7AntiVirus 20170922
K7GW 20170922
Kaspersky 20170921
Kingsoft 20170922
Malwarebytes 20170922
MAX 20170922
McAfee 20170922
McAfee-GW-Edition 20170922
Microsoft 20170922
eScan 20170922
NANO-Antivirus 20170922
nProtect 20170922
Palo Alto Networks (Known Signatures) 20170922
Panda 20170921
SentinelOne (Static ML) 20170806
Sophos AV 20170922
SUPERAntiSpyware 20170922
Symantec 20170922
Symantec Mobile Insight 20170922
Tencent 20170922
TheHacker 20170921
TotalDefense 20170922
TrendMicro 20170922
TrendMicro-HouseCall 20170922
Trustlook 20170922
VBA32 20170922
VIPRE 20170922
ViRobot 20170922
Webroot 20170922
WhiteArmor 20170829
Yandex 20170908
Zillya 20170922
ZoneAlarm by Check Point 20170922
Zoner 20170922
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c) 2008 Keres / Rupan / phatdeeva

Product w3l
Original name w3l.exe
Internal name w3l
File version 1.5.1.1
Description Warcraft 3 1.22a-1.28e+ loader for PvPGN
Comments Latest versions of this loader and other tools @ https://github.com/w3lh
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-09-22 10:26:50
Entry Point 0x00011032
Number of sections 6
PE sections
PE imports
CreateProcessW
HeapFree
ResumeThread
WriteProcessMemory
GetStartupInfoW
SetFilePointer
LoadLibraryW
CreateFileW
GetThreadContext
FreeLibrary
WriteFile
HeapAlloc
TerminateProcess
ReadProcessMemory
CloseHandle
ExitProcess
GetProcAddress
GetCommandLineW
VirtualProtectEx
GetProcessHeap
wsprintfA
MessageBoxA
wvsprintfA
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 4
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

Comments
Latest versions of this loader and other tools @ https://github.com/w3lh

LinkerVersion
14.11

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.5.1.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Warcraft 3 1.22a-1.28e+ loader for PvPGN

CharacterSet
Windows, Latin1

InitializedDataSize
23552

EntryPoint
0x11032

OriginalFileName
w3l.exe

MIMEType
application/octet-stream

LegalCopyright
(c) 2008 Keres / Rupan / phatdeeva

FileVersion
1.5.1.1

TimeStamp
2017:09:22 11:26:50+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
w3l

ProductVersion
1.5.1.1

UninitializedDataSize
0

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
w3l

CodeSize
9216

ProductName
w3l

ProductVersionNumber
1.5.1.1

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 c33b3053a7d3d4c833a4297df6c236c3
SHA1 4c3a7c2de382c7c3a2ab6953693a5d9dcc6a86c5
SHA256 23a22c1358dbe34d3363c454cb2dc9f036015be2dd605d8906933b84145fe5b0
ssdeep
192:TNGPDco+YzLfTfCKlv7ShFM3ycMDc5Dnfz/mBalMF6g/Ikhxib/NWJFNkDg0q7Xv:QbcT2LCKp95kc5DTCiUJFNheddT/eEq

authentihash 21dd416039cdbcc3a9849fdfb930f91b573b60fd763c5763dc6b90ae730623ea
imphash 0377f0fec48e4b19dbc8adcf4f937fee
Размер файла 33.0 KБ ( 33792 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe

VirusTotal metadata
First submission 2017-09-22 10:29:48 UTC (3 недель, 5 дней назад)
Last submission 2017-10-10 20:50:28 UTC (1 неделя назад)
Имена файлов w3l.exe
w3l
w3l.exe
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Created processes
Runtime DLLs
UDP communications