
Unknown 'UPS'



#1 Jayton


Posted 31 May 2012 - 05:56 AM

Sorry for the formatting below, I hope this is all the information you need.
https://www.virustot...sis/1338458006/



SHA256: c83fb7049bad3b48555e7c2d46ac667ae557bd2fe3719ff380cd73020466a3b9
SHA1: 5827d4d791ed1fbe5743e4e4432f6749ce3a9eff
MD5: 039a5c24f1ad19440c796d6d1655e685
File size: 39.5 KB ( 40448 bytes )
File name: Label_Parcel_ER23584US.exe
File type: Win32 EXE
Detection ratio: 6 / 42
Analysis date: 2012-05-31 09:53:26 UTC ( 0 minutes ago )


ssdeep

768:9tX3gp2xkVJXV5GDcH0GGXHUqObj3X8pBczOOlyV8bMghr:9Gp2yh5+D0qOX838bMgd

TrID

Win64 Executable Generic (88.0%)
Win32 Dynamic Link Library (generic) (7.8%)
Generic Win/DOS Executable (2.0%)
DOS Executable Generic (2.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

ExifTool

CodeSize.................: 16384
SubsystemVersion.........: 5.1
InitializedDataSize......: 42496
ImageVersion.............: 0.0
ProductName..............: HarderYears Manager
FileVersionNumber........: 3.1.0.13423
UninitializedDataSize....: 0
LanguageCode.............: English (British)
FileFlagsMask............: 0x0000
CharacterSet.............: Unicode
LinkerVersion............: 10.0
OriginalFilename.........: harderyearsmanager.exe
MIMEType.................: application/octet-stream
Subsystem................: Windows GUI
FileVersion..............: 3.1.0
TimeStamp................: 2012:05:31 07:36:50+02:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: HarderYears Manager
ProductVersion...........: 3.1.0
FileDescription..........: HarderYears Manager
OSVersion................: 5.1
FileOS...................: Win32
LegalCopyright...........: BallisticSpeech 1999-2006
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: BallisticSpeech
LegalTrademarks..........: Firefox is a Trademark of The Mozilla Foundation.
FileSubtype..............: 0
ProductVersionNumber.....: 3.1.0.0
EntryPoint...............: 0x4ec3
ObjectFileType...........: Executable application

Sigcheck

publisher................: BallisticSpeech
product..................: HarderYears Manager
internal name............: HarderYears Manager
copyright................: BallisticSpeech 1999-2006
original name............: harderyearsmanager.exe
file version.............: 3.1.0
description..............: HarderYears Manager

Portable Executable structural information

Compilation timedatestamp.....: 2012-05-31 05:36:50
Target machine................: 0x14C (Intel 386 or later processors and compatible processors)
Entry point address...........: 0x00004EC3

PE Sections...................:

Name    Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text   4096             16126         16384     6.84     c3fa64585b417ff18ee4240a163e75d6
.rdata  20480            6394          6656      5.48     5c61164b180f6980cde9500d86597f27
.data   28672            24285         5120      5.48     291627e2243ad5e524446d50913a0aea
.rsrc   53248            10824         11264     4.65     f5413672484a9ecbca0476758678843d

PE Imports....................:

KERNEL32.dll
GetACP, SetFileAttributesA, InitializeCriticalSection, EnterCriticalSection, InterlockedExchange, LeaveCriticalSection, DeleteCriticalSection, lstrlenW, GetStartupInfoA, GetModuleHandleA, GetLastError, HeapFree, HeapDestroy, GetEnvironmentStrings, HeapCreate, HeapAlloc

SHLWAPI.dll
AssocCreate

GDI32.dll
GetStockObject, CreateCompatibleBitmap, CreateEllipticRgn, CreatePen, DeleteObject, GetDeviceCaps

USER32.dll
LoadIconA, LoadCursorA, RegisterClassExA, CreateWindowExA, ShowWindow, UpdateWindow, GetMessageA, TranslateMessage, DispatchMessageA, GetDlgCtrlID, SetWindowTextA, BeginPaint, EndPaint, EnableWindow


PE Exports....................:

First seen by VirusTotal: 2012-05-31 09:53:26 UTC ( 7 minutes ago )
Last seen by VirusTotal: 2012-05-31 09:53:26 UTC ( 7 minutes ago )

File names (max. 25)

1. Label_Parcel_ER23584US.exe

Attached Files



#2 S!Ri


Posted 31 May 2012 - 06:34 AM

Hello.
Attached file will be verified.
Thank you for your help.
S!Ri
Research Engineer
