× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: f468a7b2aabb2ffe71f808b2955d1a05e245b70b4030284d1c3ba7bb1fb04a50
Имя файла: Archiv_2016.exe
Показатель выявления: 1 / 54
Дата анализа: 2016-03-18 21:16:48 UTC (3 лет, 2 месяцев назад)
Антивирус Результат Дата обновления
Qihoo-360 HEUR/QVM41.1.0000.Malware.Gen 20160318
Ad-Aware 20160318
AegisLab 20160318
Yandex 20160316
AhnLab-V3 20160318
Alibaba 20160318
ALYac 20160318
Antiy-AVL 20160318
Arcabit 20160318
Avast 20160318
AVG 20160318
Avira (no cloud) 20160318
AVware 20160318
Baidu 20160318
Baidu-International 20160318
BitDefender 20160318
Bkav 20160318
ByteHero 20160318
CAT-QuickHeal 20160318
ClamAV 20160317
CMC 20160316
Comodo 20160318
Cyren 20160318
DrWeb 20160318
Emsisoft 20160318
ESET-NOD32 20160318
F-Prot 20160318
F-Secure 20160318
Fortinet 20160318
GData 20160318
Ikarus 20160318
Jiangmin 20160318
K7AntiVirus 20160318
K7GW 20160318
Kaspersky 20160318
Malwarebytes 20160318
McAfee 20160318
McAfee-GW-Edition 20160318
Microsoft 20160318
eScan 20160318
NANO-Antivirus 20160318
nProtect 20160318
Panda 20160318
Rising 20160318
Sophos AV 20160318
SUPERAntiSpyware 20160318
Symantec 20160318
Tencent 20160318
TheHacker 20160315
VBA32 20160318
VIPRE 20160318
ViRobot 20160318
Zillya 20160318
Zoner 20160318
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 1999-2015 Igor Pavlov

Product 7-Zip
Original name 7z.sfx.exe
Internal name 7z.sfx
File version 15.14
Description 7z SFX
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-31 14:25:58
Entry Point 0x000245CA
Number of sections 5
PE sections
Overlays
MD5 8699cc4f75cdce7fcf3ecb0263289d56
File type data
Offset 190976
Size 17445322
Entropy 8.00
PE imports
GetLastError
GetStdHandle
EnterCriticalSection
FileTimeToSystemTime
RemoveDirectoryW
WaitForSingleObject
GetVersionExW
SetEvent
FindNextFileW
GetFileAttributesW
DeleteCriticalSection
GetStartupInfoA
FileTimeToLocalFileTime
CompareFileTime
GetFileSize
SetFileTime
GetCommandLineW
MultiByteToWideChar
GetFileInformationByHandle
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetModuleHandleA
SetFileAttributesW
GetModuleFileNameW
SetFilePointer
ReadFile
WriteFile
GetCurrentProcess
ResetEvent
FindFirstFileW
GetProcAddress
SetPriorityClass
FreeLibrary
LocalFree
FormatMessageW
GetCurrentDirectoryW
LoadLibraryW
CreateEventW
InitializeCriticalSection
CreateFileW
VirtualFree
GetLogicalDriveStringsW
FindClose
Sleep
MoveFileW
SetEndOfFile
CloseHandle
GetTickCount
VirtualAlloc
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
__dllonexit
_controlfp
_except_handler3
?terminate@@YAXXZ
_onexit
wcslen
wcscmp
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
_adjust_fdiv
free
wcscat
__getmainargs
_exit
memmove
memcpy
_beginthreadex
wcsstr
_initterm
__set_app_type
SysAllocString
SysFreeString
SysStringLen
VariantClear
SysAllocStringLen
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SetFocus
GetParent
EndDialog
CharUpperW
KillTimer
ShowWindow
SetWindowLongW
MessageBoxW
GetWindowRect
EnableWindow
MoveWindow
DialogBoxParamW
GetWindowTextLengthW
PostMessageW
SetDlgItemTextW
GetKeyState
MapDialogRect
SendMessageW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
ScreenToClient
InvalidateRect
SetTimer
IsDlgButtonChecked
GetWindowTextW
CheckDlgButton
LoadCursorW
LoadIconW
GetFocus
GetWindowLongW
SetCursor
CoUninitialize
CoCreateInstance
CoInitialize
OleInitialize
Number of PE resources by type
RT_STRING 16
RT_DIALOG 4
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 24
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
15.14.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
51712

EntryPoint
0x245ca

OriginalFileName
7z.sfx.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 1999-2015 Igor Pavlov

FileVersion
15.14

TimeStamp
2015:12:31 15:25:58+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7z.sfx

ProductVersion
15.14

FileDescription
7z SFX

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Igor Pavlov

CodeSize
155648

ProductName
7-Zip

ProductVersionNumber
15.14.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 8004d3b766e3aeaacd6365b45eec6c6c
SHA1 f19f2bdbe5fb68c9553b6f26cbe0297918d763f3
SHA256 f468a7b2aabb2ffe71f808b2955d1a05e245b70b4030284d1c3ba7bb1fb04a50
ssdeep
393216:2R80Hit+g7WfFwffhKhLUKJWWmNJN2I9i8vgcAOJFIecszaamtQpR6k:E80e+gg3qJNT9TAOF+aaa6I

authentihash a6c7f7ef851c756ccb46d3beb1d4164fc4f0cf35b7a97bc7c0fef4e141a47db1
imphash e6f39b3587ab9278fb99290006fa6b09
Размер файла 16.8 MБ ( 17636298 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-03-18 21:16:48 UTC (3 лет, 2 месяцев назад)
Last submission 2016-03-18 21:16:48 UTC (3 лет, 2 месяцев назад)
Имена файлов 7z.sfx.exe
7z.sfx
Archiv_2016.exe
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
DNS requests
UDP communications