× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 80e0611d70a342def879e3dd9835859870ef69d5b3589f6adc11683a0e205d9b
Имя файла: DevRem
Показатель выявления: 0 / 57
Дата анализа: 2016-12-09 05:45:38 UTC (1 год, 10 месяцев назад)
Антивирус Результат Дата обновления
Ad-Aware 20161209
AegisLab 20161209
AhnLab-V3 20161208
Alibaba 20161209
ALYac 20161208
Antiy-AVL 20161209
Arcabit 20161209
Avast 20161209
AVG 20161209
Avira (no cloud) 20161208
AVware 20161209
Baidu 20161207
BitDefender 20161209
Bkav 20161208
CAT-QuickHeal 20161208
ClamAV 20161209
CMC 20161208
Comodo 20161209
CrowdStrike Falcon (ML) 20161024
Cyren 20161209
DrWeb 20161209
Emsisoft 20161209
ESET-NOD32 20161209
F-Prot 20161209
F-Secure 20161209
Fortinet 20161209
GData 20161209
Ikarus 20161208
Sophos ML 20161202
Jiangmin 20161208
K7AntiVirus 20161209
K7GW 20161209
Kaspersky 20161209
Kingsoft 20161209
Malwarebytes 20161209
McAfee 20161209
McAfee-GW-Edition 20161208
Microsoft 20161209
eScan 20161209
NANO-Antivirus 20161209
nProtect 20161209
Panda 20161208
Qihoo-360 20161209
Rising 20161209
Sophos AV 20161209
SUPERAntiSpyware 20161209
Symantec 20161209
Tencent 20161209
TheHacker 20161130
TotalDefense 20161208
TrendMicro 20161209
TrendMicro-HouseCall 20161209
Trustlook 20161209
VBA32 20161208
VIPRE 20161209
ViRobot 20161209
WhiteArmor 20161207
Yandex 20161208
Zillya 20161207
Zoner 20161209
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (c) VSInvent 2016

Product DevRem
Original name devrem.exe
Internal name DevRem
File version 1,0,0,0
Description DevRem
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-12 14:46:09
Entry Point 0x000014E0
Number of sections 8
PE sections
PE imports
DeviceIoControl
EnterCriticalSection
GetLastError
GetDriveTypeA
QueryPerformanceCounter
GetTickCount
VirtualProtect
DeleteCriticalSection
GetCurrentProcess
GetCurrentProcessId
UnhandledExceptionFilter
GetProcAddress
GetVolumeNameForVolumeMountPointA
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
QueryDosDeviceA
TerminateProcess
InitializeCriticalSection
VirtualQuery
TlsGetValue
Sleep
CreateFileA
GetCurrentThreadId
LeaveCriticalSection
SetupDiEnumDeviceInterfaces
CM_Get_Parent
SetupDiGetClassDevsA
CM_Request_Device_EjectW
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
strncmp
__lconv_init
malloc
__dllonexit
_cexit
abort
fprintf
_fmode
_amsg_exit
fwrite
_lock
_onexit
__initenv
exit
__setusermatherr
_acmdln
_unlock
free
vfprintf
__getmainargs
calloc
strlen
memcpy
signal
_initterm
__set_app_type
_iob
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.25

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
1536

LanguageCode
Russian

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
16896

EntryPoint
0x14e0

OriginalFileName
devrem.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) VSInvent 2016

FileVersion
1,0,0,0

TimeStamp
2016:11:12 15:46:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
DevRem

ProductVersion
1,0,0,0

FileDescription
DevRem

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
(Shcherbakov Vasily Petrovich) / VSInvent

CodeSize
9216

ProductName
DevRem

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 3fe7d917902fa0ea3fb05bd4b7702c26
SHA1 65b279f1a3c8fe6c67f1a5605fe6b6d00a47fded
SHA256 80e0611d70a342def879e3dd9835859870ef69d5b3589f6adc11683a0e205d9b
ssdeep
192:cpsHqBQ/fk7dykoI4ko7VXIoO92NDafQQtm4+piWAO9hO38R0sw3F3rGSUY:GAqhdykakSgYBa0piW+3MoFb5U

authentihash 8a663b1eb371347c0a4e2097e9760e04fc89ef59249469c515b1705fff9db4da
imphash 198ae02475c8bbce43058afab483a1fb
Размер файла 17.5 KБ ( 17920 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-11-12 15:47:29 UTC (1 год, 11 месяцев назад)
Last submission 2016-11-18 05:40:32 UTC (1 год, 11 месяцев назад)
Имена файлов _d.exe
DevRem
devrem.exe
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.