× Çerezler devre dışı bırakılmış! Bu sitenin düzgün bir şekilde çalışabilmesi için çerezlerin açık olması gerekir.
SHA256: 05cd14751c44bdac2b76aac329f5fdbc92acbbcdb08865b509454df132d89781
Dosya adı: Muhasebe.exe
Tespit edilme orani 0 / 68
Analiz tarihi: 2018-09-12 18:33:54 UTC ( 3 ay önce) En sonuncusunu görüntüle
Antivirus Sonuç Güncelle
Ad-Aware 20180912
AegisLab 20180912
AhnLab-V3 20180912
Alibaba 20180713
ALYac 20180912
Antiy-AVL 20180912
Arcabit 20180912
Avast 20180912
Avast-Mobile 20180912
AVG 20180912
Avira (no cloud) 20180912
AVware 20180912
Babable 20180907
Baidu 20180912
BitDefender 20180912
Bkav 20180912
CAT-QuickHeal 20180912
ClamAV 20180912
CMC 20180912
Comodo 20180912
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180912
Cyren 20180912
DrWeb 20180912
eGambit 20180912
Emsisoft 20180912
Endgame 20180730
ESET-NOD32 20180912
F-Prot 20180912
F-Secure 20180912
Fortinet 20180912
GData 20180912
Ikarus 20180912
Sophos ML 20180717
Jiangmin 20180912
K7AntiVirus 20180912
K7GW 20180912
Kaspersky 20180912
Kingsoft 20180912
Malwarebytes 20180912
MAX 20180912
McAfee 20180912
McAfee-GW-Edition 20180912
Microsoft 20180912
eScan 20180912
NANO-Antivirus 20180912
Palo Alto Networks (Known Signatures) 20180912
Panda 20180912
Qihoo-360 20180912
Rising 20180912
SentinelOne (Static ML) 20180830
Sophos AV 20180912
SUPERAntiSpyware 20180907
Symantec 20180912
Symantec Mobile Insight 20180911
TACHYON 20180912
Tencent 20180912
TheHacker 20180907
TotalDefense 20180912
TrendMicro 20180912
TrendMicro-HouseCall 20180912
Trustlook 20180912
VBA32 20180912
VIPRE 20180912
ViRobot 20180912
Webroot 20180912
Yandex 20180912
Zillya 20180912
ZoneAlarm by Check Point 20180912
Zoner 20180912
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Original name Extra Ön Muhasebe
File version 6.9.1.3
Description Extra Ön Muhasebe
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00A97030
Number of sections 3
PE sections
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
RegCloseKey
ImageList_Add
PrintDlgA
WNetGetConnectionA
OleDraw
VariantCopy
OleUIObjectPropertiesA
SHGetMalloc
ScriptPlace
VerQueryValueA
InternetGetConnectedState
WritePrinter
inet_ntoa
Number of PE resources by type
RT_RCDATA 204
RT_BITMAP 97
RT_STRING 92
RT_GROUP_CURSOR 15
RT_CURSOR 15
UNICODEDATA 6
RT_ICON 2
RT_GROUP_ICON 2
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 362
GERMAN 48
RUSSIAN 16
FRENCH 6
TURKISH DEFAULT 3
PE resources
ExifTool file metadata
UninitializedDataSize
8470528

LinkerVersion
2.25

ImageVersion
0.0

FileVersionNumber
6.9.1.3

LanguageCode
Turkish

FileFlagsMask
0x003f

FileDescription
Extra n Muhasebe

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Windows, Turkish

InitializedDataSize
40960

EntryPoint
0xa97030

OriginalFileName
Extra n Muhasebe

MIMEType
application/octet-stream

FileVersion
6.9.1.3

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
6.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Extra Yaz l m & Web Tasar m

CodeSize
2633728

FileSubtype
0

ProductVersionNumber
6.9.1.3

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0eefca9f4a536dcde60ad746da1d0b13
SHA1 eb2f9d63b46a2f824b9dd1800d351a5274ecbe5f
SHA256 05cd14751c44bdac2b76aac329f5fdbc92acbbcdb08865b509454df132d89781
ssdeep
49152:xoMFvyPWhgMN0eg0n88rhUnqJm2drK2EX0FNs74:xoiSKgMXMadtk74

authentihash 03050e6a46a65adb788035d6b0a36a3dfbb73015c31ca4c248b93e46ec008651
imphash 2df21047698c1a05403529bea75a7aa6
Dosya boyutu 2.5 MB ( 2669056 bytes )
Dosya türü Win32 EXE
Magic lafzı
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (37.1%)
Win32 EXE Yoda's Crypter (36.4%)
Win32 Dynamic Link Library (generic) (9.0%)
Win32 Executable (generic) (6.1%)
Win16/32 Executable Delphi generic (2.8%)
Tags
peexe upx

VirusTotal metadata
First submission 2018-09-12 18:33:54 UTC ( 3 ay önce)
Last submission 2018-09-12 18:33:54 UTC ( 3 ay önce)
Dosya isimleri Muhasebe.exe
Extra Ön Muhasebe
Yorum yok.. Henüz hiçbir VirusTotal Topluluğu üyesi bu öğeye yorum yapmadı.Bunu yapan ilk sen ol!

Yorum ekleyin...

?
Yorumu gönder.

Üye girişi yapmadınız..Sadece kayıtlı kullanıcılar yorum yapabilir.Sesinizi duyurmak için giriş yapın.

Oy yok.. Bu öğeyi daha önce hiç kimse oylamadı.Bunu yapan ilk sen ol!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created mutexes
Runtime DLLs