VisualBoyAdvance.exe

VisualBoyAdvance emulator

http://vba.ngemu.com/

Scan VisualBoyAdvance.exe - Powered by Reason Core Security
Publisher:
http://vba.ngemu.com/

Product:
VisualBoyAdvance emulator

Version:
1, 8, 0, 600

MD5:
52c96287d20c4f62b35c148decd1aab0

SHA-1:
77c9e6cddfa38bcb7f836333c3c5e2672af2ae2b

SHA-256:
4b8c107156d9ffc3dc4a7f25883acda32e3a429192ff27f3abefefdf1dcc319c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/4/2016 3:02:03 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0911
7.2.161

File size:
1.7 MB (1,777,664 bytes)

Product version:
1, 8, 0, 600

Copyright:
Copyright © 2006 VBA development team

Original file name:
VisualBoyAdvance.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\visualboyadvance.exe

File PE Metadata
Compilation timestamp:
11/5/2007 6:35:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:U3zuxik/qbHpFcHaOYmZR+gFPJBf2qu/59zaFJiAHYe5x6u9PN1QKUTkQsUz/8Tm:+eUeW3wvRPTgoUl6pwT4S

Entry address:
0xCB0F1

Entry point:
E8, 04, BB, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 56, 57, 8B, 7D, 10, 8B, C7, 83, E8, 00, 0F, 84, E5, 15, 00, 00, 48, 0F, 84, CD, 15, 00, 00, 48, 0F, 84, 98, 15, 00, 00, 48, 0F, 84, 49, 15, 00, 00, 48, 0F, 84, B9, 14, 00, 00, 8B, 4D, 0C, 8B, 45, 08, 53, 6A, 20, 5A, E9, 72, 04, 00, 00, 8B, 30, 3B, 31, 74, 7C, 0F, B6, 30, 0F, B6, 19, 2B, F3, 74, 15, 33, DB, 85, F6, 0F, 9F, C3, 8D, 5C, 1B, FF, 8B, F3, 85, F6, 0F, 85, 69, 04, 00, 00, 0F, B6, 70, 01, 0F, B6, 59, 01, 2B, F3, 74, 15, 33, DB, 85, F6, 0F, 9F, C3...
 
[+]

Code size:
968 KB (991,232 bytes)

Scan VisualBoyAdvance.exe - Powered by Reason Core Security