× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: eac8c979057dafab2fd97e6aa3c8e993de80df13d2d6df67aad891632f00a4b5
Имя файла: Runa4_5.exe
Показатель выявления: 0 / 55
Дата анализа: 2014-11-30 08:32:56 UTC (3 лет, 1 месяц назад)
Антивирус Результат Дата обновления
Ad-Aware 20141130
AegisLab 20141130
Yandex 20141129
AhnLab-V3 20141129
ALYac 20141129
Antiy-AVL 20141130
Avast 20141130
AVG 20141130
Avira (no cloud) 20141129
AVware 20141121
Baidu-International 20141130
BitDefender 20141130
Bkav 20141127
ByteHero 20141130
CAT-QuickHeal 20141129
ClamAV 20141130
CMC 20141127
Comodo 20141130
Cyren 20141130
DrWeb 20141130
Emsisoft 20141130
F-Prot 20141130
F-Secure 20141130
Fortinet 20141129
GData 20141130
Ikarus 20141130
Jiangmin 20141129
K7AntiVirus 20141128
K7GW 20141129
Kaspersky 20141130
Kingsoft 20141130
Malwarebytes 20141130
McAfee 20141130
McAfee-GW-Edition 20141130
Microsoft 20141130
eScan 20141130
NANO-Antivirus 20141130
Norman 20141130
nProtect 20141128
Panda 20141129
Qihoo-360 20141130
Rising 20141129
Sophos AV 20141130
SUPERAntiSpyware 20141129
Symantec 20141130
Tencent 20141130
TheHacker 20141130
TotalDefense 20141129
TrendMicro 20141130
TrendMicro-HouseCall 20141130
VBA32 20141128
VIPRE 20141130
ViRobot 20141128
Zillya 20141127
Zoner 20141127
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 2013-2014 Vladimir Aushtol

Publisher Vladimir Aushtol
Product Runa
Original name Runa4_5.exe
Internal name Runa
File version 4.5
Description Runa 4.5
Comments http://runabase.com/
Packers identified
F-PROT PE_Patch, Aspack
PEiD ASProtect 1.33 - 2.1 Registered -> Alexey Solodovnikov
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1973-02-10 06:15:28
Entry Point 0x00001000
Number of sections 13
PE sections
PE imports
CertCreateCertificateContext
AddFontMemResourceEx
ImmGetCompositionStringW
GetProcAddress
GetModuleHandleA
LoadLibraryA
RaiseException
__dllonexit
SQLAllocHandle
CLSIDFromProgID
GetActiveObject
VariantChangeTypeEx
ExtractIconW
AdjustWindowRectEx
PlaySoundW
WSAAccept
PE exports
Number of PE resources by type
RT_ICON 6
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 8
PE resources
ExifTool file metadata
UninitializedDataSize
30208

Comments
http://runabase.ru/

InitializedDataSize
23898112

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
4.5.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
2.24

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013-2014 Vladimir Aushtol

FileVersion
4.5

TimeStamp
1973:02:10 07:15:28+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Runa

FileAccessDate
2014:11:30 09:33:30+01:00

ProductVersion
4.5

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2014:11:30 09:33:30+01:00

OriginalFilename
Runa4_5.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Vladimir Aushtol

CodeSize
17719808

ProductName
Runa

ProductVersionNumber
4.5.0.0

EntryPoint
0x1000

ObjectFileType
Dynamic link library

File identification
MD5 cefc55480c7e0fc5f2c2a02cab4bfd9c
SHA1 76857e38c9a681c64e7a84f9107665ffe1763f3f
SHA256 eac8c979057dafab2fd97e6aa3c8e993de80df13d2d6df67aad891632f00a4b5
ssdeep
196608:aD/vejnSrRty71JjqaZxXdFEk/96I/ZahjHM0JsB5dKTnNkb:ECnSrny71JjqaX4K6IOH1JQG7N

authentihash 8380b9a99471fea06f462885ba203b0447b7adb73d258ebbb25080e59c34bf29
imphash 9604a29d3b1d7aa7cf080599c924e444
Размер файла 7.7 MБ ( 8029696 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe asprotect aspack

VirusTotal metadata
First submission 2014-11-30 08:32:56 UTC (3 лет, 1 месяц назад)
Last submission 2014-11-30 08:32:56 UTC (3 лет, 1 месяц назад)
Имена файлов Runa
runa4_5.exe
Runa4_5.exe
Runa4_5.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
clipboard-monitor

Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Opened mutexes
Hooking activity
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.
HTTP requests
DNS requests
TCP connections