× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a7c62a81d23cadc5c388b2e287df4d77be4788d8c2471d79e2a425b19ad6d5de
File name: AvenColony.exe
Detection ratio: 0 / 57
Analysis date: 2016-09-21 01:41:17 UTC ( 11 months ago ) View latest
Antivirus Result Update
Ad-Aware 20160921
AegisLab 20160920
AhnLab-V3 20160920
Alibaba 20160920
ALYac 20160921
Antiy-AVL 20160921
Arcabit 20160920
Avast 20160921
AVG 20160920
Avira (no cloud) 20160921
AVware 20160921
Baidu 20160920
BitDefender 20160921
Bkav 20160920
CAT-QuickHeal 20160920
ClamAV 20160920
CMC 20160916
Comodo 20160920
CrowdStrike Falcon (ML) 20160725
Cyren 20160921
DrWeb 20160921
Emsisoft 20160921
ESET-NOD32 20160920
F-Prot 20160921
F-Secure 20160921
Fortinet 20160921
GData 20160921
Ikarus 20160920
Sophos ML 20160917
Jiangmin 20160920
K7AntiVirus 20160920
K7GW 20160921
Kaspersky 20160920
Kingsoft 20160921
Malwarebytes 20160921
McAfee 20160921
McAfee-GW-Edition 20160920
Microsoft 20160920
eScan 20160920
NANO-Antivirus 20160920
nProtect 20160920
Panda 20160920
Qihoo-360 20160921
Rising 20160921
Sophos AV 20160921
SUPERAntiSpyware 20160920
Symantec 20160921
Tencent 20160921
TheHacker 20160920
TrendMicro 20160921
TrendMicro-HouseCall 20160921
VBA32 20160920
VIPRE 20160921
ViRobot 20160920
Yandex 20160920
Zillya 20160920
Zoner 20160921
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2016-09-01 17:38:19
Entry Point 0x00001B70
Number of sections 6
PE sections
PE imports
SystemFunction036
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
LoadLibraryW
GetConsoleCP
GetExitCodeProcess
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetOEMCP
GetEnvironmentStringsW
FlushFileBuffers
GetFileAttributesW
GetCommandLineW
GetProcessHeap
FindFirstFileExW
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetFileType
GetConsoleMode
GetCurrentProcessId
LockResource
RtlUnwindEx
RtlVirtualUnwind
GetCPInfo
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
HeapSize
SetFilePointerEx
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
InitializeSListHead
GetStartupInfoW
SetStdHandle
WriteFile
RaiseException
WideCharToMultiByte
GetModuleFileNameW
TlsFree
FindNextFileW
SetUnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObject
IsProcessorFeaturePresent
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
FreeLibrary
TerminateProcess
RtlPcToFileHeader
GetModuleHandleExW
IsValidCodePage
LoadResource
FindResourceW
CreateFileW
CreateProcessW
FindClose
TlsGetValue
SetLastError
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
CloseHandle
ShellExecuteExW
PathCanonicalizeW
PathRemoveFileSpecW
PathCombineW
MessageBoxW
wsprintfW
Number of PE resources by type
RT_RCDATA 2
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 4
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
AMD AMD64

TimeStamp
2016:09:01 18:38:19+01:00

FileType
Win64 EXE

PEType
PE32+

CodeSize
43008

LinkerVersion
14.0

FileTypeExtension
exe

InitializedDataSize
316928

SubsystemVersion
6.0

EntryPoint
0x1b70

OSVersion
6.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 69985c939bb83ba41c7ff1a74bd87ff8
SHA1 e36aae8deb8faf39d8c8111f3224b9860516819d
SHA256 a7c62a81d23cadc5c388b2e287df4d77be4788d8c2471d79e2a425b19ad6d5de
ssdeep
3072:55fB248daMj8p8IvPUPYD5m7Hl/Z04unQOuptRWqvXJbynXE69KFP1DRycu:552Lj84FWnXqvIE/d9zu

authentihash 36776e180a23cdbf5ed84f13fbc6502b1f90ea2cd15eb22a8c368d1b3bb1026c
imphash f2631fd6e9b0d996bb0d8a70c4896982
File size 352.5 KB ( 360960 bytes )
File type Win32 EXE
Magic literal
PE32+ executable for MS Windows (GUI) Mono/.Net assembly

TrID Win64 Executable (generic) (87.3%)
Generic Win/DOS Executable (6.3%)
DOS Executable Generic (6.3%)
Tags
64bits peexe assembly

VirusTotal metadata
First submission 2016-09-08 06:31:24 UTC ( 11 months, 2 weeks ago )
Last submission 2017-03-12 06:15:29 UTC ( 5 months, 2 weeks ago )
File names AvenColony.exe
AvenColony.exe
AvenColony.exe
AvenColony.exe
AvenColony.exe
AvenColony.exe
AvenColony.exe
AvenColony.exe
AvenColony.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!