SHA256: aeeab4ffab1df9397d7d3e033ce91e1ee05c5d7c00dc498424bb0a681b265f1f
File name: 動画を見る-gogo706.com-K6F3P36S.exe
Detection ratio: 0 / 61
Analysis date: 2017-03-24 00:07:01 UTC (1 minute ago)
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
Ad-Aware 20170323
AegisLab 20170323
AhnLab-V3 20170323
Alibaba 20170323
ALYac 20170323
Antiy-AVL 20170323
Arcabit 20170323
Avast 20170323
AVG 20170323
Avira (no cloud) 20170323
AVware 20170323
Baidu 20170323
BitDefender 20170323
Bkav 20170323
CAT-QuickHeal 20170322
ClamAV 20170323
CMC 20170317
Comodo 20170323
CrowdStrike Falcon (ML) 20170130
Cyren 20170323
DrWeb 20170324
Emsisoft 20170323
Endgame 20170317
ESET-NOD32 20170323
F-Prot 20170324
F-Secure 20170323
Fortinet 20170323
GData 20170323
Ikarus 20170323
Invincea 20170203
Jiangmin 20170323
K7AntiVirus 20170323
K7GW 20170323
Kaspersky 20170323
Kingsoft 20170324
Malwarebytes 20170323
McAfee 20170323
McAfee-GW-Edition 20170324
Microsoft 20170323
eScan 20170323
NANO-Antivirus 20170323
nProtect 20170323
Palo Alto Networks (Known Signatures) 20170324
Panda 20170323
Qihoo-360 20170324
Rising None
SentinelOne (Static ML) 20170315
Sophos 20170323
SUPERAntiSpyware 20170324
Symantec 20170322
Symantec Mobile Insight 20170324
Tencent 20170324
TheHacker 20170321
TrendMicro 20170323
TrendMicro-HouseCall 20170323
Trustlook 20170324
VBA32 20170323
VIPRE 20170323
ViRobot 20170323
Webroot 20170324
WhiteArmor 20170315
Yandex 20170323
Zillya 20170323
ZoneAlarm by Check Point 20170323
Zoner 20170323
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 11:02 AM 2/28/2017
Signers
[+] Kirin Inc.
Status Valid
Issuer GlobalSign Extended Validation CodeSigning CA - SHA256 - G3
Valid from 7:19 AM 2/21/2017
Valid to 7:19 AM 2/22/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 449680B1B025058C4DC866841E28346A52A3B688
Serial number 0B C3 D7 95 0C ED 5A DD 5D 39 A2 1C
[+] GlobalSign Extended Validation CodeSigning CA - SHA256 - G3
Status Valid
Issuer GlobalSign
Valid from 1:00 AM 6/15/2016
Valid to 1:00 AM 6/15/2024
Valid usage Code Signing, OCSP Signing
Algorithm sha256RSA
Thumbprint 87A63D9ADB627D777836153C680A3DFCF27DE90C
Serial number 48 1B 6A 07 A9 42 4C 1E AA FE F3 CD F1 0F
[+] GlobalSign
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 3/18/2009
Valid to 11:00 AM 3/18/2029
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha256RSA
Thumbprint D69B561148F01C77C54578C10926DF5B856976AD
Serial number 04 00 00 00 00 01 21 58 53 08 A2
Counter signers
[+] GlobalSign TSA for Advanced - G3 - 001-02
Status Valid
Issuer GlobalSign Timestamping CA - SHA256 - G2
Valid from 11:00 AM 1/24/2017
Valid to 11:00 AM 2/24/2028
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint EA12EB493D731A41FF3ED4CDC69FE4FDC3D5E9C3
Serial number 40 CB 42 89 5C 3E 74 94 26 97 AD 2F
[+] GlobalSign Timestamping CA - SHA256 - G2
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 8/2/2011
Valid to 11:00 AM 3/29/2029
Valid usage All
Algorithm sha256RSA
Thumbprint 91843BBD936D86EAFA42A3AFBF33E92831068F99
Serial number 04 00 00 00 00 01 31 89 C6 50 04
[+] GlobalSign
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 3/18/2009
Valid to 11:00 AM 3/18/2029
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha256RSA
Thumbprint D69B561148F01C77C54578C10926DF5B856976AD
Serial number 04 00 00 00 00 01 21 58 53 08 A2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-09 03:41:25
Entry Point 0x00001A55
Number of sections 6
PE sections
Overlays
MD5 9f4254605ab8e82031bb9fe8ea88e1f9
File type data
Offset 87552
Size 7368
Entropy 7.39
PE imports
SystemFunction036
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
GlobalFree
GetConsoleCP
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetOEMCP
GetEnvironmentStringsW
GlobalUnlock
GetModuleFileNameA
RtlUnwind
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
WriteConsoleW
GetCommandLineW
WideCharToMultiByte
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
SetFilePointerEx
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GlobalLock
InitializeSListHead
GetProcessHeap
SetStdHandle
RaiseException
GlobalReAlloc
TlsFree
FlushFileBuffers
FindFirstFileExA
ReadFile
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
FindNextFileA
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
ReadConsoleW
TerminateProcess
GetModuleHandleExW
IsValidCodePage
CreateFileW
GlobalAlloc
FindClose
TlsGetValue
GetFileType
SetEndOfFile
TlsSetValue
HeapAlloc
GetCurrentThreadId
GetProcAddress
SetLastError
LeaveCriticalSection
ShellExecuteA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2017:02:09 04:41:25+01:00
FileType Win32 EXE
PEType PE32
CodeSize 55296
LinkerVersion 14.0
EntryPoint 0x1a55
InitializedDataSize 33792
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 66789689d3eb63e101a07978a42b1dbf
SHA1 2691c3f398f3d221307e61d9213cd2ac37ea9499
SHA256 aeeab4ffab1df9397d7d3e033ce91e1ee05c5d7c00dc498424bb0a681b265f1f
ssdeep 1536:3d/zbCSy4hBRFfDa8ZiSYC+lhArgIeY55haNJ1A5LwsWRcd2BCdZLGFNJXFA0scw:tDDfDF0SYhlhAgZ4eAN2cdZLGxVAFcw

authentihash cccd2a907267b0dce76b003e02368f83f68de696fb61e3573506f4847cfa59a6
imphash 7b3ada4cfff611f923d78ec7e2c3f69c
File size 92.7 KB ( 94920 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags peexe signed overlay

VirusTotal metadata
First submission 2017-03-01 08:54:19 UTC (3 weeks, 1 day ago)
Last submission 2017-03-24 00:07:01 UTC (1 minute ago)
File names 動画を見る-gogo706.com-K6F3P36S.exe
-gogo708.com-838MM74S.exe
動画を見る-gogo708.com-6M6F77MS.exe
movie-hta.hktw88.com-92YV5V9W.exe
-gogo708.com-87KPM3FS.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs