SHA256: 387d4e8c5d54f69c745bd0a1c52c0abd4cbee2156269b57a1163a9ff361d0161
File name: YouTubeTelecharger.exe
Detection ratio: 0 / 55
Analysis date: 2014-10-09 07:03:26 UTC (2 years, 7 months ago)
Antivirus Result Update
Ad-Aware 20141009
AegisLab 20141009
Yandex 20141008
AhnLab-V3 20141008
Antiy-AVL 20141008
Avast 20141009
AVG 20141009
Avira (no cloud) 20141009
AVware 20141009
Baidu-International 20141008
BitDefender 20141009
Bkav 20141008
ByteHero 20141009
CAT-QuickHeal 20141008
ClamAV 20141009
CMC 20141009
Comodo 20141009
Cyren 20141009
DrWeb 20141004
Emsisoft 20141009
ESET-NOD32 20141009
F-Prot 20141009
F-Secure 20141009
Fortinet 20141009
GData 20141009
Ikarus 20141009
Jiangmin 20141008
K7AntiVirus 20141008
K7GW 20141008
Kaspersky 20141009
Kingsoft 20141009
Malwarebytes 20141009
McAfee 20141009
McAfee-GW-Edition 20141008
Microsoft 20141009
eScan 20141009
NANO-Antivirus 20141009
Norman 20141009
nProtect 20141008
Panda 20141008
Qihoo-360 20141009
Rising 20141008
Sophos 20141009
SUPERAntiSpyware 20141009
Symantec 20141009
Tencent 20141009
TheHacker 20141008
TotalDefense 20141008
TrendMicro 20141009
TrendMicro-HouseCall 20141009
VBA32 20141008
VIPRE 20141009
ViRobot 20141009
Zillya 20141009
Zoner 20141007
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright YouTube Telecharger
Publisher YouTubeTelecharger.com
Product YouTube Telecharger
Original name YouTubeTelecharger.exe
Internal name YouTubeTelecharger
File version 2.03
Description download youtube videos from YouTube.com and auto convertTélécharger les vidéos de YouTube en MP4 et MP3 formats de haute qualité.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-10-09 04:07:53
Entry Point 0x00004FCC
Number of sections 3
PE sections
PE imports
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
CHINESE SIMPLIFIED 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 2.3
FileSubtype 0
FileVersionNumber 2.3.0.0
UninitializedDataSize 0
LanguageCode Chinese (Simplified)
FileFlagsMask 0x0000
CharacterSet Unicode
InitializedDataSize 40960
FileOS Win32
MIMEType application/octet-stream
LegalCopyright YouTube Telecharger
FileVersion 2.03
TimeStamp 2014:10:09 05:07:53+01:00
FileType Win32 EXE
PEType PE32
InternalName YouTubeTelecharger
FileAccessDate 2014:10:23 09:29:42+01:00
ProductVersion 2.03
FileDescription download youtube videos from YouTube.com and auto convertTélécharger les vidéos de YouTube en MP4 et MP3 formats de haute qualité.
OSVersion 4.0
FileCreateDate 2014:10:23 09:29:42+01:00
OriginalFilename YouTubeTelecharger.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName YouTubeTelecharger.com
CodeSize 2957312
ProductName YouTube Telecharger
ProductVersionNumber 2.3.0.0
EntryPoint 0x4fcc
ObjectFileType Executable application

File identification
MD5 a6c36723fe8ab5efacbde405e5534d05
SHA1 b6df1c4f7310da909a9af7c2eb6ee7a7ef4fb546
SHA256 387d4e8c5d54f69c745bd0a1c52c0abd4cbee2156269b57a1163a9ff361d0161
ssdeep 24576:xP6B30Vb3VxKa54zeR/FhnI3WUgiRyOezJHLXuw:a0VbXGeRv+YNOezFLXu
authentihash 3b44bc76dddf9c3cc597bbe227bfae9d3d496019449bea2d496d555376cf0a49
imphash 9507125caf41579f23f97ccb33a1ddcc
File size 2.8 MB ( 2981888 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (84.4%)
Win32 Dynamic Link Library (generic) (6.7%)
Win32 Executable (generic) (4.6%)
Generic Win/DOS Executable (2.0%)
DOS Executable Generic (2.0%)
Tags peexe

VirusTotal metadata
First submission 2014-10-09 07:03:26 UTC (2 years, 7 months ago)
Last submission 2014-10-09 07:03:26 UTC (2 years, 7 months ago)
File names YouTubeTelecharger
YouTubeTelecharger.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Searched windows
Hooking activity
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.