× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 785de6b80dd55bde5b662bbb26f007c67eca16a3cdb3c1d102bd186aa05c54b2
Имя файла: mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe
Показатель выявления: 24 / 45
Дата анализа: 2013-03-12 19:41:59 UTC (6 лет, 1 месяц назад) Показать последний анализ
Антивирус Результат Дата обновления
Yandex Trojan.Offend!6ZKgLbWMlMY 20130312
AhnLab-V3 Trojan/Win32.ADH 20130312
AntiVir SPR/Tool.Keygen.57 20130312
Avast Win32:Malware-gen 20130312
AVG unknown virus Win32/DH{AQBhWAI} 20130312
Commtouch W32/Risk.LCTX-0235 20130312
Comodo UnclassifiedMalware 20130312
ESET-NOD32 a variant of Win32/HackKMS.A 20130312
F-Prot W32/MalwareF.IHDT 20130312
Fortinet W32/CLE.TJK!tr 20130312
GData Win32:Malware-gen 20130312
Ikarus possible-Threat.Activator 20130312
K7AntiVirus Riskware 20130312
McAfee Generic.dx!tjk 20130312
McAfee-GW-Edition Generic.dx!tjk 20130312
Microsoft HackTool:Win32/Keygen 20130312
Norman HackKMS.C 20130312
Panda Generic Trojan 20130312
PCTools Trojan.ADH 20130312
Sophos AV Troj/Keygen-DX 20130312
Symantec Trojan.ADH 20130312
TrendMicro TROJ_SPNR.02CF11 20130312
TrendMicro-HouseCall TROJ_GEN.R4FH1K5 20130312
VIPRE Trojan.Win32.Generic!BT 20130312
Antiy-AVL 20130312
BitDefender 20130312
ByteHero 20130304
CAT-QuickHeal 20130312
ClamAV 20130312
DrWeb 20130312
Emsisoft 20130312
eSafe 20130307
F-Secure 20130312
Jiangmin 20130311
Kaspersky 20130312
Kingsoft 20130311
Malwarebytes 20130312
eScan 20130312
NANO-Antivirus 20130312
nProtect 20130312
SUPERAntiSpyware 20130312
TheHacker 20130312
TotalDefense 20130312
VBA32 20130312
ViRobot 20130312
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© 2010, FreeSoft

Product mini-KMS Activator v1.3 Office2010 VL RUS
Internal name mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe
File version 1,3,0,0
Description mini-KMS Activator
Packers identified
PEiD UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-02-07 06:33:08
Entry Point 0x00272970
Number of sections 3
PE sections
PE imports
InitCommonControls
SetBkColor
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
CoInitialize
ShellExecuteExA
IsChild
Number of PE resources by type
RT_ICON 8
RT_RCDATA 5
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 16
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
32768

ImageVersion
0.0

ProductName
mini-KMS Activator v1.3 Office2010 VL RUS

FileVersionNumber
1.3.0.0

UninitializedDataSize
1552384

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
2.5

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1,3,0,0

TimeStamp
2009:02:07 07:33:08+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe

ProductVersion
1,3,0,0

FileDescription
mini-KMS Activator

OSVersion
4.0

FileOS
Windows 16-bit

LegalCopyright
2010, FreeSoft

MachineType
Intel 386 or later, and compatibles

CompanyName
FreeSoft

CodeSize
1015808

FileSubtype
0

ProductVersionNumber
1.3.0.0

EntryPoint
0x272970

ObjectFileType
Executable application

Execution parents
Compressed bundles
File identification
MD5 359d5c6a3976c2ac565adb2cc9a85014
SHA1 6a90e812476fff9ee8f2778affd1801747ac3414
SHA256 785de6b80dd55bde5b662bbb26f007c67eca16a3cdb3c1d102bd186aa05c54b2
ssdeep
24576:VZg6gec7QiqJ62zh/AsWGQKo03OFBBDUceRw1ASxp7QC:meCQ621/LFz3OF32Sxp7l

authentihash 006212dc10c105e46cb10726c5fd3024f2f3f87cf5e41cd1dfb6fab0ef9991a2
imphash 26d3c4cf36a46cd980f89d55afb73146
Размер файла 1019.0 KБ ( 1043456 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (30.9%)
Win32 EXE Yoda's Crypter (30.4%)
Microsoft Visual C++ compiled executable (generic) (18.9%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags
peexe upx via-tor

VirusTotal metadata
First submission 2010-05-25 20:24:45 UTC (8 лет, 11 месяцев назад)
Last submission 2019-03-03 08:57:01 UTC (1 месяц, 2 недель назад)
Имена файлов 785de6b80dd55bde_q.exe
02AC129A00283C4FEC180FE9892C1000ECEB8F7F.exe
789.exe
activator.exe
24_Activator_v1.3_.exe
mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe=
Activator Office 2010.exe
Setup.exe
mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe
Ms Office 2010.exe
Activator.exe
Activator v1.3 Office2010_V.exe
mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe
file-2967092_exe
542a56cf.qsp
7576812_mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe
filename
785de6b80dd55bde5b662bbb26f007c67eca16a3cdb3c1d102bd186aa05c54b2
mini-KMS Activator 1.3 Office 2010 VL.exe
444.exe
mini-KMS_Activator_v1.3_Office2010_VL_RUS.uha
Activator v1.3 Office2010_VL_RUS.exe
cYL0sMqa.exe.part
3SRetP7D.exe.part
50fc96f6a719d61097fe40d90f9d9bac_mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe.safe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Sophos
Possibly Unwanted Application labelled as Keygen. This is a term used to describe applications that, while not malicious, are generally considered unsuitable for business networks. More details about Sophos PUA classifications can be found at: https://www.sophos.com/en-us/support/knowledgebase/14887.aspx .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R0C1C0EFE16.

Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!