SHA256: 994c7528ee3a9a0d6041759b69d5a65514ccd6eb5669b2abea6867cbb7e7e9ea
File name: vcr447.exe
Detection ratio: 3 / 56
Analysis date: 2016-10-04 06:34:12 UTC (11 months, 3 weeks ago)
Antivirus Result Update date
Bkav HW32.Packed.503E 20161003
K7AntiVirus Spyware ( 004c76c01 ) 20161003
K7GW Spyware ( 004c76c01 ) 20161004
Ad-Aware 20161004
AegisLab 20161004
AhnLab-V3 20161003
Alibaba 20161003
ALYac 20160930
Antiy-AVL 20161004
Arcabit 20161004
Avast 20161004
AVG 20161004
Avira (no cloud) 20161004
AVware 20161004
Baidu 20161001
BitDefender 20161004
CAT-QuickHeal 20161003
ClamAV 20161004
CMC 20161003
Comodo 20161004
CrowdStrike Falcon (ML) 20160725
Cyren 20161004
DrWeb 20161004
Emsisoft 20161004
ESET-NOD32 20161004
F-Prot 20161004
F-Secure 20161004
Fortinet 20161004
GData 20161004
Ikarus 20161003
Sophos ML 20160928
Jiangmin 20161004
Kaspersky 20161004
Kingsoft 20161004
Malwarebytes 20161004
McAfee 20161004
McAfee-GW-Edition 20161004
Microsoft 20161004
eScan 20161004
NANO-Antivirus 20161003
nProtect 20161004
Panda 20161002
Qihoo-360 20161004
Rising 20161004
Sophos AV 20161004
SUPERAntiSpyware 20161004
Symantec 20161004
Tencent 20161004
TheHacker 20161001
TrendMicro 20161004
TrendMicro-HouseCall 20161004
VBA32 20161003
VIPRE 20161004
ViRobot 20161004
Yandex 20161003
Zillya 20161003
Zoner 20161004
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Sergei Kazanskij, (c) 2003-2008

Product HSP Victoria
Internal name Generic DS Project
File version 4.4.7.0
Description HDD low-level test, repair & benchmark utility
Comments Made in Belorussia
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Entry Point 0x042F0C96
Number of sections 6
PE sections
PE imports
CloseServiceHandle
RegFlushKey
RegCloseKey
OpenServiceA
OpenProcessToken
CreateServiceA
RegQueryValueExA
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceA
RegCreateKeyExA
RegOpenKeyExA
OpenSCManagerA
ImageList_BeginDrag
ImageList_SetBkColor
InitCommonControls
ImageList_SetDragCursorImage
ImageList_Read
ImageList_GetDragImage
ImageList_Create
ImageList_DragMove
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_GetImageCount
ImageList_Destroy
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove
ImageList_EndDrag
GetOpenFileNameA
GetSaveFileNameA
PolyPolyline
SetMapMode
GetWindowOrgEx
SetTextAlign
GetTextMetricsA
GetViewportOrgEx
GetObjectType
GetTextExtentPointA
SetPixel
IntersectClipRect
CopyEnhMetaFileA
CreatePalette
CreateDIBitmap
GetDIBits
GetEnhMetaFileBits
GetDCOrgEx
StretchBlt
StretchDIBits
GetPaletteEntries
SetWindowExtEx
SetViewportExtEx
ExtCreatePen
SetBkColor
SetWinMetaFileBits
GetDIBColorTable
DeleteEnhMetaFile
GetSystemPaletteEntries
SetStretchBltMode
GetCurrentPositionEx
CreateFontIndirectA
LPtoDP
GetPixel
GetBrushOrgEx
ExcludeClipRect
SetBkMode
BitBlt
GetDeviceCaps
CreateBrushIndirect
SelectPalette
GetMetaFileBitsEx
CreateEnhMetaFileA
CloseEnhMetaFile
SetROP2
SetDIBColorTable
DeleteObject
CreatePenIndirect
PatBlt
GetClipBox
Rectangle
GetObjectA
LineTo
DeleteDC
GetEnhMetaFileDescriptionA
RealizePalette
SetEnhMetaFileBits
CreateBitmap
RectVisible
GetStockObject
PlayEnhMetaFile
ExtTextOutA
UnrealizeObject
GdiFlush
SelectClipRgn
RoundRect
GetTextAlign
GetTextExtentPoint32A
GetWinMetaFileBits
GetEnhMetaFileHeader
SetWindowOrgEx
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
CreateHalftonePalette
SaveDC
MaskBlt
GetEnhMetaFilePaletteEntries
RestoreDC
GetBitmapBits
CreateDIBSection
SetTextColor
MoveToEx
SetViewportOrgEx
ExtTextOutW
CreateCompatibleDC
SetBrushOrgEx
CreateRectRgn
SelectObject
Ellipse
CreateSolidBrush
Polyline
CreateCompatibleBitmap
Number of PE resources by type
RT_BITMAP 108
RT_STRING 33
RT_GROUP_CURSOR 10
RT_CURSOR 10
RT_RCDATA 9
RT_DIALOG 1
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 89
ENGLISH US 73
RUSSIAN 11
GERMAN 1
PE resources
ExifTool file metadata
LegalTrademarks
Sergei Kazanskij, http://hdd-911.com

UninitializedDataSize
68894720

Comments
Made in Belorussia

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.4.7.0

LanguageCode
English (British)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
16384

EntryPoint
0x42f0c96

MIMEType
application/octet-stream

LegalCopyright
Sergei Kazanskij, (c) 2003-2008

FileVersion
4.4.7.0

TimeStamp
0000:00:00 00:00:00

FileType
Win32 EXE

PEType
PE32

InternalName
Generic DS Project

SubsystemVersion
4.0

ProductVersion
4.4.7.0

FileDescription
HDD low-level test, repair & benchmark utility

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Victoria Software

CodeSize
532480

ProductName
HSP Victoria

ProductVersionNumber
4.4.7.0

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
Compressed bundles
File identification
MD5 18e266d36c683c5e0d8eec95af435524
SHA1 ead8d26b7a96b359dddb8e560bfe39df87af70ec
SHA256 994c7528ee3a9a0d6041759b69d5a65514ccd6eb5669b2abea6867cbb7e7e9ea
ssdeep
12288:Z6wrR3Q6QTgcYjH3vgXLAXwnJvDHy66UCBRKu3G1ZRT7bM0fwN4HmDB+XHY7fXha:Zq62pYzwLjJrAUCBzUpwymDB+X4dvz

authentihash d7c789c6be2c6758510d597c340b13cd47fe3d301aaaa5877cf346abdb793b07
imphash b98c889fe64b0f19c65feaa9a82bf077
File size 759.5 KB ( 777728 bytes )
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (76.0%)
Win32 Executable (generic) (12.6%)
Generic Win/DOS Executable (5.6%)
DOS Executable Generic (5.6%)
Tags
peexe via-tor

VirusTotal metadata
First submission 2013-02-21 11:49:42 UTC (4 years, 7 months ago)
Last submission 2017-09-20 12:23:26 UTC (5 days, 13 hours ago)
File names vcr447.exe
Victoria.exe
vcr447.exe
vcr447.vmp.exe
vcr447.exe
vcr447.exe
vcr447.exe
file-5566489_exe
Generic DS Project
vcr447.exe
vcr447.exe
avz00062.exe
vcr447.exe
victoria.exe
filename
vcr447.exe
vcr447.exe
vcr447 = 1 virus.exe
vcr447.exe
Victoria.exe
vcr447.exe
vcr447[1].exe
VCR447.EXE._EAD8D26B7A96B359DDDB8E560BFE39DF87AF70EC
VCR447.EXE
vcr447.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications