SHA256: 366b78a5199f010604014326d4fed0d2225cc3590b9aab9caae4281b28bbedfc
File name: bvsGenerator.exe
Detection ratio: 2 / 57
Analysis date: 2015-02-23 20:18:37 UTC (3 years, 5 months ago)
Antivirus Result Update date
Ikarus Trojan.Win32.Koblu 20150223
Symantec WS.Reputation.1 20150223
Ad-Aware 20150223
AegisLab 20150223
Yandex 20150223
AhnLab-V3 20150223
Alibaba 20150223
ALYac 20150223
Antiy-AVL 20150223
Avast 20150223
AVG 20150223
Avira (no cloud) 20150223
AVware 20150223
Baidu-International 20150223
BitDefender 20150223
Bkav 20150213
ByteHero 20150223
CAT-QuickHeal 20150223
ClamAV 20150223
CMC 20150223
Comodo 20150223
Cyren 20150223
DrWeb 20150223
Emsisoft 20150223
ESET-NOD32 20150223
F-Prot 20150223
F-Secure 20150223
Fortinet 20150223
GData 20150223
Jiangmin 20150223
K7AntiVirus 20150223
K7GW 20150223
Kaspersky 20150223
Kingsoft 20150223
Malwarebytes 20150223
McAfee 20150223
McAfee-GW-Edition 20150223
Microsoft 20150223
eScan 20150223
NANO-Antivirus 20150223
Norman 20150223
nProtect 20150223
Panda 20150223
Qihoo-360 20150223
Rising 20150223
Sophos AV 20150223
SUPERAntiSpyware 20150222
Tencent 20150223
TheHacker 20150222
TotalDefense 20150223
TrendMicro 20150223
TrendMicro-HouseCall 20150223
VBA32 20150220
VIPRE 20150223
ViRobot 20150223
Zillya 20150223
Zoner 20150223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright ©2011, Cepreu4

Product bvsGenerator
Original name bvsGenerator.exe
Internal name Generator
File version 0.1.5.17
Description MultiPurpose Word & Number Generator
Comments Free for non-commercial personal use
Packers identified
PEiD BobSoft Mini Delphi -> BoB / BobSoft
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000068A4
Number of sections 8
PE sections
PE imports
PropertySheetA
ImageList_Destroy
ImageList_AddMasked
ImageList_Draw
ImageList_Create
ImageList_Remove
ImageList_ReplaceIcon
GetOpenFileNameA
GetSaveFileNameA
GetObjectA
GetDeviceCaps
LineTo
CreateEllipticRgn
SetBkMode
MoveToEx
CreatePen
GetStockObject
CreateFontIndirectA
CreateSolidBrush
SelectObject
DeleteObject
SetTextColor
GetSystemTime
GetLastError
HeapFree
GetStdHandle
GetFileAttributesA
FreeLibrary
ExitProcess
GetModuleFileNameA
RtlUnwind
LoadLibraryA
GetTickCount
GetFileSize
GetProcessHeap
SetFilePointer
RaiseException
GetModuleHandleA
ReadFile
WriteFile
CloseHandle
HeapReAlloc
GetFullPathNameA
VirtualFree
TlsGetValue
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
HeapAlloc
GetCurrentThreadId
VirtualAlloc
LocalAlloc
SysReAllocStringLen
SysFreeString
DragAcceptFiles
DragFinish
ShellExecuteA
DragQueryFileA
SetFocus
RedrawWindow
SetWindowRgn
EndDialog
CheckRadioButton
ShowWindow
MessageBeep
LoadBitmapA
SetWindowPos
GetParent
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
EnableWindow
SetDlgItemTextA
PostMessageA
MoveWindow
GetDlgItemTextA
SetWindowLongA
DialogBoxParamA
GetDlgItemInt
GetDC
ReleaseDC
GetDlgCtrlID
SetWindowTextA
SendMessageA
GetClientRect
GetDlgItem
ScreenToClient
GetWindowLongA
GetWindowTextLengthA
CreateWindowExA
LoadCursorA
LoadIconA
IsDlgButtonChecked
GetDesktopWindow
CallWindowProcA
GetWindowTextA
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Number of PE resources by type
RT_DIALOG 4
RT_RCDATA 2
RT_ICON 2
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 10
RUSSIAN 3
PE resources
ExifTool file metadata
Web
http://vizbe.net

LegalTrademarks
bvs, Victor S. Belyaev, Tor Bel, Cepreu4

SubsystemVersion
4.0

Comments
Free for non-commercial personal use

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.1.5.17

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
MultiPurpose Word & Number Generator

CharacterSet
Windows, Latin1

InitializedDataSize
13824

EntryPoint
0x68a4

OriginalFileName
bvsGenerator.exe

MIMEType
application/octet-stream

LegalCopyright
2011, Cepreu4

FileVersion
0.1.5.17

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Generator

ProductVersion
0.15

UninitializedDataSize
0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Cepreu4 aka Tor Bel aka Victor S. Belyaev

CodeSize
23040

ProductName
bvsGenerator

ProductVersionNumber
0.1.5.17

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 18eaf73923dbea6e6f745d8e3f4416b1
SHA1 a2931d25dcd83c44b8814507c75bd46a0d9c06f9
SHA256 366b78a5199f010604014326d4fed0d2225cc3590b9aab9caae4281b28bbedfc
ssdeep 768:woMAY+Kr4a8DBI3dNA8vGaZxSQ1ZxNpIzadOgx7rQ:wx4aTI8uaCIxHdjr

authentihash cb42f04a513ade4a6e57942db9314e679215888f8764110a14a10586fb13082d
imphash 0f31008f28b17a04713bcf1e21ac5a7e
File size 37.0 KB (37888 bytes)
File type Win32 EXE
Description PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows screen saver (40.5%)
Win32 Dynamic Link Library (generic) (20.3%)
Win32 Executable (generic) (13.9%)
Win16/32 Executable Delphi generic (6.4%)
OS/2 Executable (generic) (6.2%)
Tags
bobsoft peexe

VirusTotal metadata
First submission 2012-05-16 11:33:11 UTC (6 years, 3 months ago)
Last submission 2018-05-18 21:57:08 UTC (2 months, 4 weeks ago)
File names bvsGenerator.exe
bvsGenerator.exe
Generator
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0105.

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs