× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: f6b4b3f05a02df80a24bb1b499b3bd5700a025e702077731a55fd4d850076daf
Имя файла: PatchPAE3.exe
Показатель выявления: 0 / 55
Дата анализа: 2015-11-24 09:33:03 UTC (3 лет, 1 месяц назад) Показать последний анализ
Антивирус Результат Дата обновления
Ad-Aware 20151124
AegisLab 20151124
Yandex 20151123
AhnLab-V3 20151123
Alibaba 20151124
ALYac 20151124
Antiy-AVL 20151124
Arcabit 20151124
Avast 20151124
AVG 20151124
Avira (no cloud) 20151124
AVware 20151124
Baidu-International 20151124
BitDefender 20151124
Bkav 20151123
ByteHero 20151124
CAT-QuickHeal 20151124
ClamAV 20151124
CMC 20151124
Comodo 20151124
Cyren 20151124
DrWeb 20151124
Emsisoft 20151124
ESET-NOD32 20151124
F-Prot 20151124
F-Secure 20151124
Fortinet 20151124
GData 20151124
Ikarus 20151124
Jiangmin 20151123
K7AntiVirus 20151124
K7GW 20151124
Kaspersky 20151124
Malwarebytes 20151124
McAfee 20151124
McAfee-GW-Edition 20151124
Microsoft 20151124
eScan 20151124
NANO-Antivirus 20151124
nProtect 20151124
Panda 20151123
Qihoo-360 20151124
Rising 20151122
Sophos AV 20151123
SUPERAntiSpyware 20151124
Symantec 20151123
Tencent 20151124
TheHacker 20151121
TrendMicro 20151124
TrendMicro-HouseCall 20151124
VBA32 20151123
VIPRE 20151124
ViRobot 20151124
Zillya 20151123
Zoner 20151124
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-11-20 20:05:57
Entry Point 0x00004252
Number of sections 5
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
SetHandleCount
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
CopyFileW
IsProcessorFeaturePresent
DeleteCriticalSection
GetCurrentProcess
GetFileType
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
HeapSize
SetStdHandle
GetSystemDefaultLangID
WideCharToMultiByte
LoadLibraryW
TlsFree
SetFilePointer
HeapSetInformation
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
HeapAlloc
TerminateProcess
IsValidCodePage
HeapCreate
CreateFileW
InterlockedDecrement
Sleep
WriteConsoleW
TlsSetValue
GetTickCount
GetCurrentThreadId
InterlockedIncrement
ExitProcess
SetLastError
LeaveCriticalSection
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
UnMapAndLoad
MapAndLoad
NtQuerySystemInformation
RtlAllocateHeap
RtlMultiByteToUnicodeSize
RtlUpcaseUnicodeChar
RtlInitializeSListHead
RtlUnicodeToMultiByteN
NtCreateKeyedEvent
RtlMultiByteToUnicodeN
RtlUnicodeToMultiByteSize
RtlCreateHeap
RtlInterlockedPopEntrySList
RtlFreeHeap
RtlInterlockedPushEntrySList
RtlUnwind
RtlFindMessage
RtlGetVersion
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

TimeStamp
2015:11:20 21:05:57+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
55296

LinkerVersion
10.0

FileTypeExtension
exe

InitializedDataSize
34816

SubsystemVersion
5.1

EntryPoint
0x4252

OSVersion
5.1

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 3a70c3ba93f2f429ea06ebe958621044
SHA1 e67f6136e4ec332e2fc62b79e791168d6c40e6ed
SHA256 f6b4b3f05a02df80a24bb1b499b3bd5700a025e702077731a55fd4d850076daf
ssdeep
1536:14j9Bij4qwGvzLgyyhQnWpwvtnt8rDX8L9fnkR:E9GGGfy0Ew88L9fnkR

authentihash fa694e5b2c37173dcb35ada4a2ae34c6790b5c2fe80d2f6ba0468c85cdca9879
imphash 337bcf544958ecce15fc1685c1c0c544
Размер файла 89.0 KБ ( 91136 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2015-11-21 14:56:22 UTC (3 лет, 2 месяцев назад)
Last submission 2017-06-09 18:40:49 UTC (1 год, 7 месяцев назад)
Имена файлов PatchPAE3.exe
PatchPAE3.exe
PatchPae3.exe
PatchPae3.exe
PatchPAE.exe
PatchPAE3.exe
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.