× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 57f38a7bea143bbdd05275196a6761db0078cc859f548f055c64d29cb9456e5f
Имя файла: TankLeader Installer.exe
Показатель выявления: 0 / 56
Дата анализа: 2016-04-04 03:19:14 UTC (1 год, 1 месяц назад) Показать последний анализ
Антивирус Результат Дата обновления
Ad-Aware 20160403
AegisLab 20160404
AhnLab-V3 20160403
Alibaba 20160401
ALYac 20160404
Antiy-AVL 20160403
Arcabit 20160403
Avast 20160404
AVG 20160404
Avira (no cloud) 20160403
AVware 20160404
Baidu 20160403
Baidu-International 20160403
BitDefender 20160404
Bkav 20160402
CAT-QuickHeal 20160402
ClamAV 20160402
CMC 20160401
Comodo 20160403
Cyren 20160404
DrWeb 20160404
Emsisoft 20160404
ESET-NOD32 20160403
F-Prot 20160404
F-Secure 20160404
Fortinet 20160404
GData 20160404
Ikarus 20160403
Jiangmin 20160404
K7AntiVirus 20160403
K7GW 20160404
Kaspersky 20160404
Kingsoft 20160404
Malwarebytes 20160404
McAfee 20160404
McAfee-GW-Edition 20160404
Microsoft 20160404
eScan 20160404
NANO-Antivirus 20160404
nProtect 20160401
Panda 20160403
Qihoo-360 20160404
Rising 20160404
Sophos 20160404
SUPERAntiSpyware 20160403
Symantec 20160331
Tencent 20160404
TheHacker 20160403
TrendMicro 20160404
TrendMicro-HouseCall 20160404
VBA32 20160401
VIPRE 20160404
ViRobot 20160404
Yandex 20160316
Zillya 20160403
Zoner 20160404
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) Bossland GmbH. All rights reserved.

Product TankLeader
Original name TankLeader Installer.exe
Internal name setup
File version 2.0.451.263
Description TankLeader
Packers identified
F-PROT CAB, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-02-26 23:57:12
Entry Point 0x0002C990
Number of sections 7
PE sections
Overlays
MD5 4e1f7a6de768daf532f0aaa4f589cdc1
File type data
Offset 462848
Size 3042080
Entropy 8.00
PE imports
SetSecurityDescriptorOwner
RegCreateKeyExW
RegCloseKey
OpenServiceW
AdjustTokenPrivileges
ControlService
InitializeAcl
LookupPrivilegeValueW
RegDeleteKeyW
CryptHashData
CheckTokenMembership
DecryptFileW
RegQueryValueExW
CryptCreateHash
SetSecurityDescriptorDacl
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateWellKnownSid
OpenProcessToken
QueryServiceStatus
RegOpenKeyExW
SystemFunction036
QueryServiceConfigW
GetTokenInformation
CryptReleaseContext
GetUserNameW
RegQueryInfoKeyW
SetEntriesInAclW
RegEnumKeyExW
CryptAcquireContextW
CryptDestroyHash
InitializeSecurityDescriptor
RegDeleteValueW
RegSetValueExW
CryptGetHashParam
OpenSCManagerW
RegEnumValueW
AllocateAndInitializeSid
InitiateSystemShutdownExW
SetEntriesInAclA
ChangeServiceConfigW
SetSecurityDescriptorGroup
SetNamedSecurityInfoW
DeleteDC
SelectObject
GetObjectW
CreateCompatibleDC
DeleteObject
StretchBlt
GetVolumePathNameW
GetStdHandle
ReleaseMutex
WaitForSingleObject
ProcessIdToSessionId
GetFileAttributesW
VerifyVersionInfoW
GetProcessId
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LoadLibraryExW
FreeEnvironmentStringsW
InitializeSListHead
SetStdHandle
WideCharToMultiByte
InterlockedExchange
WriteFile
GetTimeZoneInformation
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
ConnectNamedPipe
GetExitCodeProcess
InitializeCriticalSection
FindClose
InterlockedDecrement
SetFileAttributesW
SetLastError
GetSystemTime
CopyFileW
GetUserDefaultLangID
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
VerSetConditionMask
HeapSetInformation
LoadLibraryExA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetLocalTime
SetFilePointerEx
GetModuleHandleA
GetFullPathNameW
CreateThread
MoveFileExW
GetSystemDirectoryW
GetExitCodeThread
SetNamedPipeHandleState
SetUnhandledExceptionFilter
CreateMutexW
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
GetSystemWow64DirectoryW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
SystemTimeToFileTime
GetWindowsDirectoryW
OpenProcess
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetSystemInfo
GetProcessHeap
GetTempFileNameW
GetComputerNameW
CompareStringW
GetFileSizeEx
GetModuleFileNameW
ExpandEnvironmentStringsW
FindNextFileW
CompareStringA
FindFirstFileW
DuplicateHandle
FindFirstFileExW
WaitForMultipleObjects
CreateFileMappingW
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetNativeSystemInfo
GetLastError
DosDateTimeToFileTime
LCMapStringW
CreateNamedPipeW
lstrlenA
GlobalFree
GetConsoleCP
GetThreadLocale
GetEnvironmentStringsW
VirtualQuery
lstrlenW
VirtualFree
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
CopyFileExW
InterlockedCompareExchange
GetSystemDefaultLangID
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SetThreadExecutionState
IsValidCodePage
UnmapViewOfFile
GetTempPathW
CreateProcessW
Sleep
SystemTimeToTzSpecificLocalTime
VirtualAlloc
GetOEMCP
ResetEvent
SysFreeString
VariantClear
VariantInit
SysAllocString
UuidCreate
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW
GetMonitorInfoW
LoadBitmapW
GetMessageW
DefWindowProcW
PostQuitMessage
SetWindowLongW
IsWindow
PeekMessageW
TranslateMessage
PostMessageW
DispatchMessageW
GetCursorPos
RegisterClassW
UnregisterClassW
MessageBoxW
PostThreadMessageW
MonitorFromPoint
WaitForInputIdle
IsDialogMessageW
LoadCursorW
CreateWindowExW
MsgWaitForMultipleObjects
GetWindowLongW
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoInitializeSecurity
CLSIDFromProgID
CoTaskMemFree
StringFromGUID2
Number of PE resources by type
RT_VERSION 1
RT_ICON 1
RT_MANIFEST 1
RT_MESSAGETABLE 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 5
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.451.263

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
161280

EntryPoint
0x2c990

OriginalFileName
TankLeader Installer.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) Bossland GmbH. All rights reserved.

FileVersion
2.0.451.263

TimeStamp
2016:02:27 00:57:12+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
setup

ProductVersion
2.0.451.263

FileDescription
TankLeader

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Bossland GmbH

CodeSize
300544

ProductName
TankLeader

ProductVersionNumber
2.0.451.263

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0c23dd1a11f947d311e76b43651cdc31
SHA1 78d0d4de8a40be42c06d61ba3a23fa936a609452
SHA256 57f38a7bea143bbdd05275196a6761db0078cc859f548f055c64d29cb9456e5f
ssdeep
49152:6+SIN7K2okAPAFiBIOdZ+24gF2JRigcWqKqgWBusDmXZ6PEF83z4gdHm/1+v:6+JcfkCEuI4+2dFctqdDmXZ68O3USmo

authentihash b6bc2c8636301cc329f147a99a2d4cb5c579714869240e64eeffc361ebf7ced1
imphash 2493befdd195b101b538e7cdd3751de7
Размер файла 3.3 MБ ( 3504928 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-04-01 23:08:45 UTC (1 год, 1 месяц назад)
Last submission 2016-04-07 16:55:59 UTC (1 год, 1 месяц назад)
Имена файлов TankLeader Installer.exe
setup
831004
TankLeader%20Installer.exe
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Created processes
Runtime DLLs
UDP communications