SHA256: b14dc08b70486ddcc8e3da642f72d23834936bb2b0c16bb0c857524169edb16a
File name: Ged.exe
Detection ratio: 1 / 46
Analysis date: 2013-07-12 13:46:39 UTC (5 years, 1 month ago)
Antivirus Result Update date
Symantec Suspicious.Cloud 20130710
Yandex 20130710
AhnLab-V3 20130710
AntiVir 20130710
Antiy-AVL 20130710
Avast 20130710
AVG 20130710
BitDefender 20130710
ByteHero 20130613
CAT-QuickHeal 20130708
ClamAV 20130710
Commtouch 20130710
Comodo 20130709
DrWeb 20130710
Emsisoft 20130710
eSafe 20130709
ESET-NOD32 20130710
F-Prot 20130710
F-Secure 20130710
Fortinet 20130710
GData 20130710
Ikarus 20130710
Jiangmin 20130710
K7AntiVirus 20130709
K7GW 20130709
Kaspersky 20130710
Kingsoft 20130708
Malwarebytes 20130710
McAfee 20130710
McAfee-GW-Edition 20130710
Microsoft 20130710
eScan 20130710
NANO-Antivirus 20130710
Norman 20130708
nProtect 20130710
Panda 20130710
PCTools 20130710
Rising 20130709
Sophos AV 20130710
SUPERAntiSpyware 20130710
TheHacker 20130710
TotalDefense 20130710
TrendMicro 20130710
TrendMicro-HouseCall 20130710
VBA32 20130710
VIPRE 20130710
ViRobot 20130710
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Version 1.0.0.0
File version 1.0.0.0
Packers identified
PEiD ASPack v2.12
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-07-12 07:08:38
Entry Point 0x00F50001
Number of sections 12
PE sections
PE imports
RegQueryValueExW
RegUnLoadKeyW
InitializeFlatSB
PrintDlgW
WidenPath
GetRandomRgn
gluTessCallback
gluTessBeginPolygon
GetProcAddress
GetModuleHandleA
LoadLibraryA
WNetOpenEnumW
TransparentBlt
CreateStreamOnHGlobal
LresultFromObject
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
OleUIObjectPropertiesW
glDeleteTextures
glViewport
wglUseFontOutlinesW
SHFileOperationW
SHGetPathFromIDListW
EnumDisplayMonitors
MessageBoxA
SetClassLongW
VerQueryValueW
timeGetTime
GetDefaultPrinterW
OpenPrinterW
WSACleanup
Number of PE resources by type
RT_RCDATA 149
RT_STRING 69
RT_GROUP_CURSOR 48
RT_BITMAP 48
RT_CURSOR 48
RT_DIALOG 3
RT_VERSION 2
RT_MANIFEST 1
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 260
ENGLISH US 65
RUSSIAN 20
UKRAINIAN DEFAULT 13
GERMAN 12
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 2.25
ImageVersion 0.0
FileVersionNumber 1.0.4941.36515
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 3948032
MIMEType application/octet-stream
FileVersion 1.0.0.0
TimeStamp 2013:07:12 08:08:38+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.0.0.0
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 11733504
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0xf50001
ObjectFileType Executable application

File identification
MD5 8cce408b0926578c78ce2db789c3b2ef
SHA1 3435fa108b3e3d834fadcc10f2e56993a1b184ce
SHA256 b14dc08b70486ddcc8e3da642f72d23834936bb2b0c16bb0c857524169edb16a
ssdeep
98304:odxBCWlfVx2NbQTM8Tw13c82zTdlb3AY0U2TEn70ZNicbO2yobDE:+BC0fVYNb2M8Tp8STdlbQpU2476Nbb

File size 4.3 MB ( 4538368 bytes )
File type Win32 EXE
Description PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.5%)
Win16/32 Executable Delphi generic (19.5%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe aspack

VirusTotal metadata
First submission 2013-07-12 13:46:39 UTC (5 years, 1 month ago)
Last submission 2013-07-12 13:46:39 UTC (5 years, 1 month ago)
File names Ged.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications