SHA256: 9c2c617a9c759eee4715d8c8a0ef0425955eecc5ea55eeaebc0d0dcbb56ea969
File name: SimpleMinecraft.exe
Detection ratio: 1 / 68
Analysis date: 2018-10-03 17:46:39 UTC (6 months, 2 weeks ago)
Antivirus Result Update date
Jiangmin TrojanSpy.Java.c 20181003
Ad-Aware 20181003
AegisLab 20181003
AhnLab-V3 20181003
Alibaba 20180921
ALYac 20181003
Antiy-AVL 20181003
Arcabit 20181003
Avast 20181003
Avast-Mobile 20181003
AVG 20181003
Avira (no cloud) 20181003
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181003
Bkav 20181003
CAT-QuickHeal 20181001
ClamAV 20181003
CMC 20181003
Comodo 20181003
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181003
Cyren 20181003
DrWeb 20181003
eGambit 20181003
Emsisoft 20181003
Endgame 20180730
ESET-NOD32 20181003
F-Prot 20181003
F-Secure 20181003
Fortinet 20181003
GData 20181003
Ikarus 20181003
Sophos ML 20180717
K7AntiVirus 20181003
K7GW 20181003
Kaspersky 20181003
Kingsoft 20181003
Malwarebytes 20181003
MAX 20181003
McAfee 20181003
McAfee-GW-Edition 20181003
Microsoft 20181003
eScan 20181003
NANO-Antivirus 20181003
Palo Alto Networks (Known Signatures) 20181003
Panda 20181003
Qihoo-360 20181003
Rising 20181003
SentinelOne (Static ML) 20180926
Sophos AV 20181003
SUPERAntiSpyware 20180907
Symantec 20181003
Symantec Mobile Insight 20181001
TACHYON 20181003
Tencent 20181003
TheHacker 20181001
TrendMicro 20181003
TrendMicro-HouseCall 20181003
Trustlook 20181003
VBA32 20181003
VIPRE 20181003
ViRobot 20181003
Webroot 20181003
Yandex 20180927
Zillya 20181003
ZoneAlarm by Check Point 20180925
Zoner 20181003
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Packers identified
F-PROT ZIP, embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-03 17:46:13
Entry Point 0x00001290
Number of sections 6
PE sections
Overlays
MD5 6cdca8131870924bea0a674a8cfcb3da
File type application/zip
Offset 134656
Size 370752
Entropy 7.99
PE imports
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
GetLastError
WaitForSingleObject
GetExitCodeProcess
ExitProcess
GetModuleFileNameA
GetCurrentProcess
LockResource
GetCurrentDirectoryA
GetCommandLineA
GetProcAddress
CreateMutexA
FindResourceExA
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
CloseHandle
GlobalMemoryStatusEx
SetEnvironmentVariableA
LocalFree
CreateProcessA
GetEnvironmentVariableA
LoadResource
FormatMessageA
SetLastError
ShellExecuteA
GetWindowThreadProcessId
GetMessageA
FindWindowExA
CreateWindowExA
LoadImageA
TranslateMessage
GetWindowLongA
DispatchMessageA
GetWindowRect
EnumWindows
SendMessageA
SetForegroundWindow
KillTimer
SetTimer
PostQuitMessage
GetWindowTextA
ShowWindow
GetSystemMetrics
UpdateWindow
SetWindowPos
MessageBoxA
__p__fmode
__p__environ
memset
fclose
strcat
atexit
strncat
_setmode
printf
fopen
strlen
strncpy
_cexit
_itoa
puts
strtok
_chdir
_open
_onexit
_findclose
strrchr
_close
strchr
strpbrk
atoi
__getmainargs
_stat
strstr
_read
_findnext
strcmp
_findfirst
strcpy
fwrite
fprintf
__set_app_type
signal
_iob
Number of PE resources by type
RT_RCDATA 11
RT_ICON 6
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL DEFAULT 18
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2018:10:03 18:46:13+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
19968

LinkerVersion
2.22

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit, No debug

FileTypeExtension
exe

InitializedDataSize
113664

SubsystemVersion
4.0

EntryPoint
0x1290

OSVersion
4.0

ImageVersion
1.0

UninitializedDataSize
36864

Execution parents
File identification
MD5 a20cbbbe8835338d91f879ab54229df1
SHA1 af8d7da89c777d400ddbc27367768ae90add44bf
SHA256 9c2c617a9c759eee4715d8c8a0ef0425955eecc5ea55eeaebc0d0dcbb56ea969
ssdeep
12288:dHNn2RCoYYGCL7hdRXS+BIkb9VzMUJT/4M9HExNgHm:dH8ICL7I+hVzMMzsgHm

authentihash baa9905232358c335870fe730768808aa313915006e3dd44cf7577e33b82d9f4
imphash 6011984d7c1f1b97a34d7517a498bff8
File size 493.6 KB (505408 bytes)
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (33.0%)
Win64 Executable (generic) (29.2%)
Microsoft Visual C++ compiled executable (generic) (17.4%)
Win32 Dynamic Link Library (generic) (6.9%)
Win32 Executable (generic) (4.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-10-03 17:46:39 UTC (6 months, 2 weeks ago)
Last submission 2018-10-03 17:46:39 UTC (6 months, 2 weeks ago)
File names SimpleMinecraft.exe
623ea2349b9bfc47b7161f9f81194221d1f68d9733af1b1de9e74f689b5008e0
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Shell commands
Created mutexes
Opened mutexes
Searched windows
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.