SHA256: 56f1152304f62e2b0e26a1083782ce8c270f7065dd2c3f9f38e74747dedd7215
File name: 1429156644-gta-5-2015-low-specs-patch-by-ragnos1997_81897ae7.exe
Detection ratio: 23 / 67
Analysis date: 2018-08-10 19:36:34 UTC (9 months, 2 weeks ago)
Antivirus Result Update date
Ad-Aware Gen:Variant.Graftor.499173 20180810
ALYac Gen:Variant.Graftor.499173 20180810
Arcabit Trojan.Graftor.D79DE5 20180810
Avira (no cloud) TR/Crypt.ZPACK.Gen2 20180810
BitDefender Gen:Variant.Graftor.499173 20180810
Bkav W32.eHeur.Malware03 20180810
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.e52604 20180225
Cylance Unsafe 20180810
Emsisoft Gen:Variant.Graftor.499173 (B) 20180810
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GJOU 20180810
F-Secure Gen:Variant.Graftor.499173 20180810
Fortinet W32/Kryptik.GIQX!tr 20180810
GData Gen:Variant.Graftor.499173 20180810
Ikarus Trojan.Crypt9 20180810
Sophos ML heuristic 20180717
Jiangmin AdWare.Generic.egct 20180810
MAX malware (ai score=86) 20180810
Microsoft Program:Win32/Unwaders.C!ml 20180810
eScan Gen:Variant.Graftor.499173 20180810
Rising Malware.Heuristic!ET#90% (RDM+:cmRtazrN6GNkwFe5A9aFVAHmVN20) 20180810
Webroot W32.Adware.Gen 20180810
AegisLab 20180810
AhnLab-V3 20180810
Alibaba 20180713
Antiy-AVL 20180810
Avast 20180810
Avast-Mobile 20180810
AVG 20180810
AVware 20180810
Babable 20180725
Baidu 20180810
CAT-QuickHeal 20180810
ClamAV 20180810
CMC 20180810
Comodo 20180810
Cyren 20180810
DrWeb 20180810
eGambit 20180810
F-Prot 20180810
K7AntiVirus 20180810
K7GW 20180810
Kaspersky 20180810
Kingsoft 20180810
Malwarebytes 20180810
McAfee 20180810
McAfee-GW-Edition 20180810
NANO-Antivirus 20180810
Palo Alto Networks (Known Signatures) 20180810
Panda 20180810
Qihoo-360 20180810
SentinelOne (Static ML) 20180701
Sophos AV 20180810
SUPERAntiSpyware 20180810
Symantec 20180810
Symantec Mobile Insight 20180809
TACHYON 20180810
Tencent 20180810
TheHacker 20180807
TrendMicro 20180810
TrendMicro-HouseCall 20180810
Trustlook 20180810
VBA32 20180810
VIPRE 20180810
ViRobot 20180810
Yandex 20180810
Zillya 20180810
ZoneAlarm by Check Point 20180810
Zoner 20180810
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-09-15 09:06:05
Entry Point 0x00001203
Number of sections 8
PE sections
PE imports
RegDeleteKeyW
FlatSB_GetScrollInfo
ImageList_GetImageCount
ImageList_BeginDrag
InitCommonControlsEx
CreateStatusWindowW
ImageList_AddMasked
ImageList_LoadImageW
ImageList_Draw
ImageList_GetIconSize
FlatSB_SetScrollInfo
ImageList_SetOverlayImage
ImageList_DragMove
ImageList_Create
PropertySheetW
ImageList_GetIcon
FlatSB_SetScrollPos
ImageList_ReplaceIcon
CryptAcquireCertificatePrivateKey
CertOpenStore
CryptExportPKCS8
CertAddEncodedCertificateToStore
CertFreeCertificateContext
CryptStringToBinaryW
CertNameToStrW
CryptProtectData
CryptMsgOpenToDecode
CryptDecodeObjectEx
CryptMsgClose
CertGetNameStringW
CertFreeCertificateChain
CertGetPublicKeyLength
CertGetCertificateChain
CryptBinaryToStringW
CryptDecodeObject
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GlobalFree
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
ReplaceFileW
TlsAlloc
GetEnvironmentStringsW
GetProcAddress
lstrcmpiW
GetConsoleWindow
RtlUnwind
lstrlenW
GetStdHandle
GetACP
HeapSetInformation
GetCurrentProcess
OpenJobObjectW
DecodePointer
GetCurrentProcessId
GetUserDefaultLCID
GetCommandLineW
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
DeleteFileW
FindFirstFileExW
EncodePointer
HeapSize
CreateFileMappingW
CompareStringW
RaiseException
GetCPInfo
GetModuleFileNameW
TlsFree
SetFilePointer
DeleteCriticalSection
SetUnhandledExceptionFilter
LoadLibraryExW
IsProcessorFeaturePresent
TerminateProcess
lstrcmpW
HeapReAlloc
GetStringTypeW
GetModuleHandleW
LocalFree
FreeConsole
VirtualAlloc
IsValidCodePage
HeapCreate
WriteFile
CreateWaitableTimerW
GlobalAlloc
InterlockedDecrement
Sleep
GetFileType
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
ExitProcess
SetLastError
InterlockedIncrement
glCopyTexSubImage2D
glFlush
glTexSubImage2D
glTexImage2D
glDisable
glStencilMask
glBindTexture
glDrawArrays
glClearColor
glGetString
glEnable
glClear
glIsEnabled
glStencilOp
glReadPixels
glBlendFunc
glDeleteTextures
glViewport
glGetError
glDrawElements
glGetFloatv
glClearDepth
glGenTextures
glTexParameteri
glStencilFunc
glDepthFunc
glGetIntegerv
glPixelStorei
RasGetEntryPropertiesW
SetupCloseFileQueue
SetupFindNextLine
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupGetFieldCount
SetupInstallFromInfSectionW
CM_Get_Device_IDW
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
CM_Get_Parent
CM_Get_Device_ID_ExW
SetupDiCreateDeviceInfoListExW
SetupDiSetDeviceInstallParamsW
SetupDiGetActualSectionToInstallW
SetupDiGetDeviceInstallParamsW
SetupDiOpenDeviceInterfaceW
CM_Locate_DevNodeW
SetupDiEnumDriverInfoW
CM_Get_Parent_Ex
SetupOpenFileQueue
SetupDiGetClassDevsExW
SetupDiCreateDeviceInfoList
SetupCloseInfFile
MapWindowPoints
GetMonitorInfoW
GetMessagePos
GetMenuInfo
EndDialog
GetScrollPos
CharPrevW
ShowWindow
SetPropW
RemoveMenu
EnumDisplayMonitors
SetScrollRange
ScrollWindowEx
ReleaseCapture
SendDlgItemMessageW
PostMessageW
GetDlgItemInt
CheckDlgButton
GetMenuItemID
GetIconInfo
DestroyIcon
RegisterClassW
UnregisterClassW
DrawMenuBar
IsCharAlphaNumericW
TrackPopupMenu
GetTopWindow
IsDlgButtonChecked
SetDlgItemTextW
TranslateAcceleratorW
ReleaseStgMedium
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoGetMalloc
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2015:09:15 10:06:05+01:00
FileType Win32 EXE
PEType PE32
CodeSize 66048
LinkerVersion 12.0
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x1203
InitializedDataSize 2638336
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 2c99e37e52604da99235390aedb5e9d6
SHA1 2920af245c1d423295660a183130dccd8333d1c3
SHA256 56f1152304f62e2b0e26a1083782ce8c270f7065dd2c3f9f38e74747dedd7215
ssdeep 49152:71hFD32eSkWFJfjpiwpw6PJmRid0a9rvrEdliSt/FdhP0Hk2zbU+Bf:7D1dYJf/wcIRivNvrAllRdP0Hk2zbUA

authentihash 0066b571e0df6319f72b6a741cf5562eab5cf0a799de68d3d61e1455ea117fe7
imphash de8a13884c750518dfc6a57f16cb195e
File size 2.6 MB ( 2705408 bytes )
File type Win32 EXE
Description PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (44.9%)
Win64 Executable (generic) (39.8%)
Win32 Executable (generic) (6.4%)
OS/2 Executable (generic) (2.9%)
Generic Win/DOS Executable (2.8%)
Tags peexe

VirusTotal metadata
First submission 2018-08-10 19:36:34 UTC (9 months, 2 weeks ago)
Last submission 2018-09-01 07:24:11 UTC (8 months, 3 weeks ago)
File names 1429156644-gta-5-2015-low-specs-patch-by-ragnos1997_81897ae7.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Replaced files
Code injections in the following processes
Created mutexes
Searched windows
Runtime DLLs
HTTP requests
DNS requests
TCP connections