SHA256: 4933a1d7456120479604e68d215f3b20db0779319937101f035c8dca70faad9d
File name: TeamViewer 10.0.41459 MultiLang ReID & TVManager Portable Free.exe
Detection ratio: 3 / 56
Analysis date: 2015-05-02 11:38:09 UTC (3 years, 5 months ago)
Antivirus Result Update date
Jiangmin AdWare.Win32.Agent.ahdb 20150430
Qihoo-360 HEUR/QVM18.1.Malware.Gen 20150502
VBA32 TrojanPSW.Ruftar 20150501
Ad-Aware 20150502
AegisLab 20150502
Yandex 20150501
AhnLab-V3 20150501
Alibaba 20150502
ALYac 20150502
Antiy-AVL 20150502
Avast 20150502
AVG 20150502
Avira (no cloud) 20150501
AVware 20150502
Baidu-International 20150502
BitDefender 20150502
Bkav 20150425
ByteHero 20150502
CAT-QuickHeal 20150502
ClamAV 20150502
CMC 20150501
Comodo 20150502
Cyren 20150502
DrWeb 20150502
Emsisoft 20150502
ESET-NOD32 20150502
F-Prot 20150502
F-Secure 20150502
Fortinet 20150502
GData 20150502
Ikarus 20150502
K7AntiVirus 20150502
K7GW 20150502
Kaspersky 20150502
Kingsoft 20150502
McAfee 20150502
McAfee-GW-Edition 20150501
Microsoft 20150502
eScan 20150502
NANO-Antivirus 20150502
Norman 20150502
nProtect 20150430
Panda 20150502
Rising 20150502
Sophos AV 20150502
SUPERAntiSpyware 20150502
Symantec 20150502
Tencent 20150502
TheHacker 20150501
TotalDefense 20150430
TrendMicro 20150502
TrendMicro-HouseCall 20150502
VIPRE 20150502
ViRobot 20150502
Zillya 20150501
Zoner 20150430
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 2.8.1.8782
Packers identified
F-PROT AutoIt, UPX_LZMA, 7Z, Unicode, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-05-24 10:39:21
Entry Point 0x00032E49
Number of sections 4
PE sections
Overlays
MD5 32fa72eac4d3c0ae6f2fda07df604346
File type data
Offset 470016
Size 12444273
Entropy 8.00
PE imports
InitCommonControlsEx
CreateSolidBrush
DeleteObject
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
ResumeThread
InitializeCriticalSection
FindClose
TlsGetValue
MoveFileW
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
SetThreadPriority
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
GetFullPathNameW
InterlockedExchangeAdd
CreateThread
SetUnhandledExceptionFilter
ExitThread
SetPriorityClass
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
GetStartupInfoW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetProcessHeap
GetTempFileNameW
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
FindFirstFileW
GetProcAddress
GetTempPathW
CreateEventW
CreateFileW
SetFileApisToOEM
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
lstrlenW
CreateProcessW
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLongPathNameW
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
CommandLineToArgvW
SetFocus
EndDialog
PostQuitMessage
KillTimer
GetMessageW
ShowWindow
SetWindowPos
GetSystemMetrics
IsWindow
DestroyIcon
GetWindowRect
EnableWindow
DialogBoxParamW
TranslateMessage
PostMessageW
DispatchMessageW
CreateDialogParamW
SendMessageW
IsWindowVisible
LoadStringW
SetWindowTextW
GetDlgItem
MessageBoxW
ScreenToClient
SetTimer
IsDialogMessageW
GetActiveWindow
GetWindowTextW
GetDesktopWindow
LoadIconW
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeEx
Number of PE resources by type
RT_STRING 109
RT_DIALOG 3
RT_ICON 3
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN NEUTRAL 117
RUSSIAN 1
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 8.0
ImageVersion 0.0
FileVersionNumber 5.18.16.9457
LanguageCode Unknown (0019)
FileFlagsMask 0x003f
CharacterSet Windows, Cyrillic
InitializedDataSize 207360
EntryPoint 0x32e49
MIMEType application/octet-stream
FileVersion 2.8.1.8782
TimeStamp 2012:05:24 11:39:21+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 2.8
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 261632
FileSubtype 0
ProductVersionNumber 5.0.4.31807
Warning Possibly corrupt Version resource
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 4f1ca209f367c2319d9cf4dae087d673
SHA1 dd2330a6e35750bbb882858058b52e8d1fd12edf
SHA256 4933a1d7456120479604e68d215f3b20db0779319937101f035c8dca70faad9d
ssdeep
196608:mMfZxYzBr35p0p5+tb13L0aWxIr4AAuHVi7qM6FROJt9MAItIlDzEok37Fr9nmz:mMfEzBD5Ofs1LgCVwMQJstUH837o

authentihash ccab166a8a6a4b0f525ad3422774c0f887281c4203bbcb4ac60da37c5ffa3c69
imphash e3ac8154f0eca18fb9d19811e4d6603d
File size 12.3 MB (12914289 bytes)
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-05-02 11:38:09 UTC (3 years, 5 months ago)
Last submission 2015-05-02 18:09:21 UTC (3 years, 5 months ago)
File names TeamViewer 10.0.41459 MultiLang ReID & TVManager Portable Free.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications