× Cookies đã bị vô hiệu! Trang này yêu cầu kích hoạt cookies để có thể làm việc bình thường
SHA256: abf3eee0c2556f6efa0d4446df7244778a61d6c3c339a4ecabaccdd85568e4e8
Tên tập tin: ffmpeg-win-2.2.2.exe
Tỷ lệ phát hiện: 0 / 68
Ngày phân tích: 2018-12-10 20:12:24 UTC ( 16 giờ, 57 phút trước )
Chương trình Kết quả Cập nhật
Ad-Aware 20181210
AegisLab 20181210
AhnLab-V3 20181210
Alibaba 20180921
ALYac 20181210
Antiy-AVL 20181210
Arcabit 20181210
Avast 20181210
Avast-Mobile 20181210
AVG 20181210
Avira (no cloud) 20181210
Babable 20180918
Baidu 20181207
BitDefender 20181210
Bkav 20181210
CAT-QuickHeal 20181210
ClamAV 20181210
CMC 20181209
Comodo 20181210
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181210
Cyren 20181210
DrWeb 20181210
eGambit 20181210
Emsisoft 20181210
Endgame 20181108
ESET-NOD32 20181210
F-Prot 20181210
F-Secure 20181210
Fortinet 20181210
GData 20181210
Ikarus 20181210
Sophos ML 20181128
Jiangmin 20181210
K7AntiVirus 20181210
K7GW 20181210
Kaspersky 20181210
Kingsoft 20181210
Malwarebytes 20181210
MAX 20181210
McAfee 20181210
McAfee-GW-Edition 20181210
Microsoft 20181210
eScan 20181210
NANO-Antivirus 20181210
Palo Alto Networks (Known Signatures) 20181210
Panda 20181210
Qihoo-360 20181210
Rising 20181210
SentinelOne (Static ML) 20181011
Sophos AV 20181210
SUPERAntiSpyware 20181205
Symantec 20181210
Symantec Mobile Insight 20181207
TACHYON 20181210
Tencent 20181210
TheHacker 20181210
Trapmine 20181205
TrendMicro 20181210
TrendMicro-HouseCall 20181210
Trustlook 20181210
VBA32 20181210
ViRobot 20181210
Webroot 20181210
Yandex 20181207
Zillya 20181208
ZoneAlarm by Check Point 20181210
Zoner 20181210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Product FFmpeg (Windows) for Audacity
File version
Description FFmpeg (Windows) for Audacity Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-07-09 07:58:13
Entry Point 0x000113BC
Number of sections 8
PE sections
Overlays
MD5 c8b7ebf3e2b31778040f23692da9a451
File type data
Offset 119296
Size 9838651
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 4
DUTCH 4
PE resources
ExifTool file metadata
SubsystemVersion
5.0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
FFmpeg (Windows) for Audacity Setup

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Unicode

InitializedDataSize
53248

EntryPoint
0x113bc

MIMEType
application/octet-stream

TimeStamp
2014:07:09 08:58:13+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
2.2.2

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
65024

ProductName
FFmpeg (Windows) for Audacity

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
While monitoring an end-user machine in-the-wild, CarbonBlack noticed this sample wrote the following files to disk.
Execution parents
Compressed bundles
File identification
MD5 811fa859848106f010d39e00583affa8
SHA1 59829411d706b4d64023c9e05fdbc5d6c698d4fa
SHA256 abf3eee0c2556f6efa0d4446df7244778a61d6c3c339a4ecabaccdd85568e4e8
ssdeep
196608:0DeeThYhQBg0S6r7/PK5dqlLU4fh6iz7vsSuQe2Ry:0DecG+BgPSPIqdhXz4Sxemy

authentihash 33cc9387eff49ca976e2641a9cb600eead012b889f443244a8075ce36a8c9598
imphash 48aa5c8931746a9655524f67b25a47ef
File size 9.5 MB ( 9957947 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Delphi generic (42.4%)
Win32 Dynamic Link Library (generic) (19.7%)
Win32 Executable (generic) (13.5%)
Win16/32 Executable Delphi generic (6.2%)
OS/2 Executable (generic) (6.0%)
Tags
peexe overlay via-tor

VirusTotal metadata
First submission 2014-09-18 04:42:30 UTC ( 4 năm, 2 tháng trước )
Last submission 2018-12-04 10:25:30 UTC ( 1 tuần trước )
Tên tập tin ffmpeg-win-2.2.2_2.exe
ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
file.exe
ffmpeg-win-2.2.2.exe
bitbf45.tmp
file-7580162_exe
msi4e4b.tmp
ffmpeg-win-2.2.2.exe
59829411d706b4d64023c9e05fdbc5d6c698d4fa
ffmpeg-win-2.2.2.exe
msid00c.tmp
ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
ffmpeg-win v 2.2.2.exe
filename
ffmpeg-win-2.2.2.exe
msi9fca.tmp
FFmpeg Library for Audacity__ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
ffmpeg-win-2.2.2.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Chưa có ý kiến nào. Chưa có thành viên nào trong Cộng đồng VirusTotal bình luận về đối tượng này, hãy trở thành người đầu tiên đưa ra ý kiến!

Đưa ra ý kiến của bạn...

?
Gửi ý kiến

Bạn chưa đăng nhập.Chỉ có người dùng đã đăng ký mới có thể viết ý kiến, hãy đăng nhập và bắt đầu!

Chưa có đánh giá. Chưa có thành viên nào đánh giá về đối tượng này, hãy trở thành người đầu tiên đánh giá nó!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications