SHA256: 48d124e3b7983dc57850892ebb91e86942452160a4f8b8525fb63a1ca3118171
File name: turkcefm2007v2.exe
Detection ratio: 2 / 69
Analysis date: 2019-02-11 18:49:54 UTC (2 months, 1 week ago)
Antivirus Result Update
CMC Client-IRC.Win32.mIRC!O 20190211
Trapmine suspicious.low.ml.score 20190123
Acronis 20190208
Ad-Aware 20190211
AegisLab 20190211
AhnLab-V3 20190211
Alibaba 20180921
ALYac 20190211
Antiy-AVL 20190211
Arcabit 20190211
Avast 20190211
Avast-Mobile 20190211
AVG 20190211
Avira (no cloud) 20190211
Babable 20180918
Baidu 20190202
BitDefender 20190211
Bkav 20190201
CAT-QuickHeal 20190210
ClamAV 20190211
Comodo 20190211
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190211
Cyren 20190211
DrWeb 20190211
eGambit 20190211
Emsisoft 20190211
Endgame 20181108
ESET-NOD32 20190211
F-Prot 20190211
F-Secure 20190211
Fortinet 20190211
GData 20190211
Ikarus 20190211
Sophos ML 20181128
Jiangmin 20190211
K7AntiVirus 20190211
K7GW 20190211
Kaspersky 20190211
Kingsoft 20190211
Malwarebytes 20190211
MAX 20190211
McAfee 20190211
McAfee-GW-Edition 20190211
Microsoft 20190211
eScan 20190211
NANO-Antivirus 20190211
Palo Alto Networks (Known Signatures) 20190211
Panda 20190211
Qihoo-360 20190211
Rising 20190211
SentinelOne (Static ML) 20190203
Sophos AV 20190211
SUPERAntiSpyware 20190206
Symantec 20190211
Symantec Mobile Insight 20190207
TACHYON 20190211
Tencent 20190211
TheHacker 20190203
TrendMicro 20190211
TrendMicro-HouseCall 20190211
Trustlook 20190211
VBA32 20190211
ViRobot 20190211
Webroot 20190211
Yandex 20190210
Zillya 20190211
ZoneAlarm by Check Point 20190211
Zoner 20190211
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Setup Engine Copyright © 2004 Indigo Rose Corporation

Product Setup Factory 7.0 Runtime
Original name suf70_launch.exe
Internal name suf70_launch
File version 7.0.2.0
Description Setup Application
Comments Created with Setup Factory 7.0
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-04-11 14:52:41
Entry Point 0x00001D9D
Number of sections 4
PE sections
Overlays
MD5 5647b5aa4c150ecc8d45eee73de2b472
File type data
Offset 69632
Size 11284169
Entropy 7.98
PE imports
GetLastError
GetEnvironmentVariableA
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
GetStartupInfoA
LoadLibraryA
lstrlenA
GetFileAttributesA
GetExitCodeProcess
LCMapStringA
HeapReAlloc
HeapDestroy
ExitProcess
TlsAlloc
GetVersionExA
GetEnvironmentStringsW
GetTempPathA
RemoveDirectoryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
GetCurrentProcess
_lwrite
GetEnvironmentStrings
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
_llseek
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
_lread
GetModuleHandleA
_lclose
WideCharToMultiByte
lstrcmpiA
GetStringTypeA
_lcreat
lstrcpyA
_lopen
CloseHandle
GetACP
GetDiskFreeSpaceA
GetStringTypeW
GetCurrentThreadId
GetOEMCP
TerminateProcess
CreateProcessA
SetHandleCount
InitializeCriticalSection
HeapCreate
WriteFile
VirtualFree
TlsGetValue
GetFileType
MultiByteToWideChar
TlsSetValue
HeapAlloc
GetVersion
InterlockedIncrement
VirtualAlloc
SetCurrentDirectoryA
SetLastError
LeaveCriticalSection
wsprintfA
LoadCursorA
DispatchMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
SetCursor
Number of PE resources by type
RT_ICON 9
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 11
PE resources
ExifTool file metadata
CodeSize
20480

SubsystemVersion
4.0

Comments
Created with Setup Factory 7.0

InitializedDataSize
49152

ImageVersion
0.0

ProductName
Setup Factory 7.0 Runtime

FileVersionNumber
7.0.2.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
suf70_launch.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
7.0.2.0

TimeStamp
2005:04:11 15:52:41+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
suf70_launch

ProductVersion
7.0.2.0

FileDescription
Setup Application

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Setup Engine Copyright 2004 Indigo Rose Corporation

MachineType
Intel 386 or later, and compatibles

LegalTrademarks
Setup Factory is a trademark of Indigo Rose Corporation.

FileSubtype
0

ProductVersionNumber
7.0.2.0

EntryPoint
0x1d9d

ObjectFileType
Executable application

File identification
MD5 61bbe0590efc64e6bcb0d29d538d3da9
SHA1 fda7c674c59a1096a89d15215e78ee4e5c03256d
SHA256 48d124e3b7983dc57850892ebb91e86942452160a4f8b8525fb63a1ca3118171
ssdeep
196608:Mr3wR+0b5BUg0OugttD3ccp2Cy1bjjc4qDoe8gy:Mr3wVkOvBp2CyZjVPbj

authentihash f9333208d5bde65d3249dd98521bb3b9392442414363675a609cb60efb7ae489
imphash a24e57cfb1e35030a9b4252bf1fa8b4b
File size 10.8 MB (11353801 bytes)
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (40.8%)
Win32 Executable MS Visual C++ (generic) (15.5%)
Win64 Executable (generic) (13.7%)
Win32 EXE Yoda's Crypter (13.2%)
Microsoft Visual C++ compiled executable (generic) (8.2%)
Tags
peexe armadillo overlay

VirusTotal metadata
First submission 2010-05-26 15:20:15 UTC (8 years, 11 months ago)
Last submission 2019-02-11 18:49:54 UTC (2 months, 1 week ago)
File names suf70_launch.exe
suf70_launch
file-4904889_exe
turkcefm2007v2.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
