Upload files

By using Saferwall you consent to our Terms of Service and Privacy Policy and allow us to share your submission with the security community. Learn more

Summary
Like

Analyse score

13/ 14

13 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

File type

exe

exe

Basic properties

CRC32

0x4022fcaa

MD5

84c82835a5d21bbcf75a61706d8ab549

Magic

PE32 executable (GUI) Intel 80386, for MS Windows

SHA1

5ff465afaabcbf0150d1a3ab2c2e74f3a4426467

SHA256

ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa

SHA512

90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244

SSDeep

98304:QqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3x:QqPe1Cxcxk3ZAEUadzR8yc4gB

Size

3.35MB

TLSH

73f533f4e221b7acf2550ef64855c59b6a9724b2ebef1e26da8001a70d44f7f8fc0491

Packer
  • PE: compiler: Microsoft Visual C/C++(6.0)[msvcrt]
  • PE: linker: Microsoft Linker(6.0*)[EXE32]
  • PE: archive: Zip(2.0)[encrypted,55.8%,36 files]
TrID
  • 37.8% (.EXE) Win32 Executable MS Visual C++ (generic) (31206/45/13)
  • 20.0% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  • 12.7% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 7.9% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
  • 6.1% (.EXE) Win16 NE executable (generic) (5038/12/1)
Tags

ExifTool File Metadata

CharacterSet

Unicode

CodeSize

28.00KB

CompanyName

Microsoft Corporation

EntryPoint

0x77ba

ExifToolVersionNumber

12.88

FileDescription

DiskPart

FileFlags

(none)

FileFlagsMask

0x003f

FileOs

Windows NT 32-bit

FileSize

3.5 MB

FileSubtype

0

FileType

Win32 EXE

FileTypeExtension

exe

FileVersion

6.1.7601.17514 (win7sp1_rtm.101119-1850)

FileVersionNumber

6.1.7601.17514

ImageFileCharacteristics

No relocs, Executable, No line numbers, No symbols, 32-bit

ImageVersion

0.0

InitializedDataSize

3.32MB

InternalName

diskpart.exe

LanguageCode

English (U.S.)

LegalCopyright

© Microsoft Corporation. All rights reserved.

LinkerVersion

6.0

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

ObjectFileType

Dynamic link library

OriginalFileName

diskpart.exe

OsVersion

4.0

PeType

PE32

ProductName

Microsoft® Windows® Operating System

ProductVersion

6.1.7601.17514

ProductVersionNumber

6.1.7601.17514

Subsystem

Windows GUI

SubsystemVersion

4.0

UninitializedDataSize

0

Submissions

Published Name Source Country
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe web
N/A