SHA256: 83eb3d113e46b71233f261b033391d75dd83eca29a22f5d005d3d0c66c2877a7
File name: Hitman_Contracts_Turkce_Yama_v1.00.exe
Detection ratio: 3 / 68
Analysis date: 2019-02-11 19:10:57 UTC (2 months, 1 week ago)
Antivirus Result Update
Cyren W32/Zbot.AP.gen!Eldorado 20190211
F-Prot W32/Zbot.AP.gen!Eldorado 20190211
Trapmine suspicious.low.ml.score 20190123
Acronis 20190208
Ad-Aware 20190211
AegisLab 20190211
AhnLab-V3 20190211
Alibaba 20180921
ALYac 20190211
Antiy-AVL 20190211
Arcabit 20190211
Avast 20190211
Avast-Mobile 20190211
AVG 20190211
Avira (no cloud) 20190211
Babable 20180918
Baidu 20190202
BitDefender 20190211
Bkav 20190201
CAT-QuickHeal 20190210
ClamAV 20190211
CMC 20190211
Comodo 20190211
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190211
DrWeb 20190211
eGambit 20190211
Emsisoft 20190211
Endgame 20181108
ESET-NOD32 20190211
F-Secure 20190211
Fortinet 20190211
GData 20190211
Sophos ML 20181128
Jiangmin 20190211
K7AntiVirus 20190211
K7GW 20190211
Kaspersky 20190211
Kingsoft 20190211
Malwarebytes 20190211
MAX 20190211
McAfee 20190211
McAfee-GW-Edition 20190211
Microsoft 20190211
eScan 20190211
NANO-Antivirus 20190211
Palo Alto Networks (Known Signatures) 20190211
Panda 20190211
Qihoo-360 20190211
Rising 20190211
SentinelOne (Static ML) 20190203
Sophos AV 20190211
SUPERAntiSpyware 20190206
Symantec 20190211
Symantec Mobile Insight 20190207
TACHYON 20190211
Tencent 20190211
TheHacker 20190203
TrendMicro 20190211
TrendMicro-HouseCall 20190211
Trustlook 20190211
VBA32 20190211
ViRobot 20190211
Webroot 20190211
Yandex 20190210
Zillya 20190211
ZoneAlarm by Check Point 20190211
Zoner 20190211
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2011 - OyunCeviri.com
Product Hitman Contracts Türkçe Yama
File version 1.00
Description Hitman Contracts TR v1.00
Comments Oyunlar artık Türkçe :)
Packers identified
Command UPX
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0003C400
Number of sections 3
PE sections
Overlays
MD5 65578aef33ce2bb51399d7ca7436c56c
File type data
Offset 24576
Size 423969
Entropy 8.00
PE imports
RegEnumKeyA
SetBkMode
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
ShellExecuteA
VerQueryValueA
CoTaskMemFree
Number of PE resources by type
RT_DIALOG 4
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
PE resources
ExifTool file metadata
CodeSize 20480
SubsystemVersion 4.0
Comments Oyunlar artık Türkçe :)
LinkerVersion 6.0
ImageVersion 6.0
CompanyWebsite http://www.oyunceviri.com
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode Neutral
FileFlagsMask 0x0000
FileDescription Hitman Contracts TR v1.00
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 8192
EntryPoint 0x3c400
MIMEType application/octet-stream
LegalCopyright 2011 - OyunCeviri.com
FileVersion 1.0
TimeStamp 2009:12:05 14:50:46-08:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.0
UninitializedDataSize 225280
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName OyunCeviri.com
LegalTrademarks Hitman Contracts Eidos Interactive
ProductName Hitman Contracts Türkçe Yama
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application

Compressed bundles
File identification
MD5 71bf12de01f37c4b6a21df90a6341db7
SHA1 9a369391cd694f7a93187d6f13fbbbab88503100
SHA256 83eb3d113e46b71233f261b033391d75dd83eca29a22f5d005d3d0c66c2877a7
ssdeep 12288:nN4eRQAuiQxmf3wUrBxt7XNsvWZDG85UhHyUdFj:nrmcSUz1NcWo858HyGFj
authentihash 304c56ed05fed025494302003e6d58c715e04b1ff1dc48fae1f2624adda2baba
imphash 2134f794bcda54794e74b7208adb2204
File size 438.0 KB (448545 bytes)
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
OS/2 Executable (generic) (2.8%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2012-10-20 15:59:48 UTC (6 years, 6 months ago)
Last submission 2019-02-11 19:10:57 UTC (2 months, 1 week ago)
File names Hitman_Contracts_Turkce_Yama.exe
Hitman_Contracts_Turkce_Yama_v1.00.exe
hitman_contracts_turkce_yama_v1.00.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
keylogger

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Set keys
Created mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications