| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | HashMyFiles.exe |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed |
| SHA1: | 8b38c6aa6ab3a8ace16ef8b4a029f410cb64aa76 |
| MD5: | 53d5111dbf459fc57a63d5c82a666c79 |
| First Seen Date: | 2017-01-27 16:12:45.748929 ( ) |
| Number of Clients Seen: | 2 |
| Last Analysis Date: | 2017-01-27 16:12:45.748929 ( ) |
| Human Expert Analysis Date: | 2017-01-31 19:14:29.909772 ( ) |
| Human Expert Analysis Result: | Clean |
| Property | Value |
|---|---|
| number of sections | 3 |
| compilation time stamp | 0x5857B717 [Mon Dec 19 10:31:51 2016 UTC] |
| LegalCopyright | Copyright \xa9 2007 - 2016 Nir Sofer |
| InternalName | HashMyFiles |
| FileVersion | 2.21 |
| CompanyName | NirSoft |
| ProductName | HashMyFiles |
| ProductVersion | 2.21 |
| FileDescription | HashMyFiles |
| OriginalFilename | HashMyFiles.exe |
| Translation | 0x0409 0x04b0 |
| entry point | 0x41b870 (UPX1) |
| machine type | Intel 386 or later - 32Bit |
| file size | 59088 |
| sha256 | 1f7afe02ba98d36cb062f4db962b5215b0195ddaf5f961431926b02a5c1823a3 |
| mime type | application/x-dosexec |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| UPX0 | 0x1000 | 0x11000 | 0x0 | 0.000000[SUSPICIOUS] | - |
| UPX1 | 0x12000 | 0xa000 | 0x9c00 | 7.888834[SUSPICIOUS] | - |
| .rsrc | 0x1c000 | 0x2000 | 0x1800 | 3.649084 | - |
-
KERNEL32.DLL
- LoadLibraryA
- GetProcAddress
- VirtualProtect
- VirtualAlloc
- VirtualFree
- ExitProcess
-
ADVAPI32.dll
- RegCloseKey
-
COMCTL32.dll
- None
-
comdlg32.dll
- FindTextW
-
GDI32.dll
- SetBkMode
-
msvcrt.dll
- exit
-
ole32.dll
- DoDragDrop
-
SHELL32.dll
- SHGetMalloc
-
USER32.dll
- GetDC
-
VERSION.dll
- VerQueryValueW
RT_CURSOR
RT_BITMAP
RT_ICON
RT_MENU
RT_DIALOG
RT_STRING
RT_ACCELERATOR
RT_GROUP_CURSOR
RT_GROUP_ICON
RT_VERSION
RT_MANIFEST