SHA256: 0b4076152f49914c7311dc836ffc6dbd07dbe9eb41abdda69fc3b038e542122f
File name: DesktopSnowOK_x64.exe
Detection ratio: 0 / 69
Analysis date: 2018-12-30 10:21:31 UTC (1 month, 3 weeks ago)
Antivirus Result Update
Acronis 20181227
Ad-Aware 20181230
AegisLab 20181230
AhnLab-V3 20181229
Alibaba 20180921
ALYac 20181230
Antiy-AVL 20181230
Arcabit 20181230
Avast 20181230
Avast-Mobile 20181229
AVG 20181230
Avira (no cloud) 20181229
Babable 20180918
Baidu 20181207
BitDefender 20181230
Bkav 20181227
CAT-QuickHeal 20181229
ClamAV 20181230
CMC 20181229
Comodo 20181230
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181230
Cyren 20181230
DrWeb 20181230
eGambit 20181230
Emsisoft 20181230
Endgame 20181108
ESET-NOD32 20181230
F-Prot 20181230
F-Secure 20181230
Fortinet 20181230
GData 20181230
Ikarus 20181229
Sophos ML 20181128
Jiangmin 20181230
K7AntiVirus 20181230
K7GW 20181230
Kaspersky 20181230
Kingsoft 20181230
Malwarebytes 20181230
MAX 20181230
McAfee 20181230
McAfee-GW-Edition 20181230
Microsoft 20181230
eScan 20181230
NANO-Antivirus 20181230
Palo Alto Networks (Known Signatures) 20181230
Panda 20181230
Qihoo-360 20181230
Rising 20181230
SentinelOne (Static ML) 20181223
Sophos AV 20181230
SUPERAntiSpyware 20181226
Symantec 20181229
Symantec Mobile Insight 20181225
TACHYON 20181230
Tencent 20181230
TheHacker 20181230
Trapmine 20181205
TrendMicro 20181230
TrendMicro-HouseCall 20181230
Trustlook 20181230
VBA32 20181229
ViRobot 20181230
Webroot 20181230
Yandex 20181229
Zillya 20181228
ZoneAlarm by Check Point 20181230
Zoner 20181230
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright
DesktopSnowOK © 2011-2019

Product DesktopSnowOK SoftwareOK.com
Original name DesktopSnowOK.exe
Internal name DesktopSnowOK
File version 3, 7, 1, 0
Description DesktopSnowOK
Signature verification Signed file, verified signature
Signing date 2:53 PM 12/14/2018
Signers
[+] Nenad Hrg
Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 4/27/2018
Valid to 12:59 AM 4/27/2021
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 25FF1BAC7A0D55A0A43B09604DEA47766A5F367B
Serial number 1B 4C 1F 56 FC AB 3E 44 8A 41 CC D6 69 B1 B7 5B
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 12/31/2015
Valid to 7:40 PM 7/9/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
PE header basic information
Target machine x64
Compilation timestamp 2018-12-14 13:52:50
Entry Point 0x0000FDA0
Number of sections 5
PE sections
Overlays
MD5 1415673870525dc4afb82086748340de
File type data
Offset 276992
Size 11136
Entropy 7.42
PE imports
RegOpenKeyW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW
Ord(17)
InitCommonControlsEx
GetOpenFileNameW
CreatePatternBrush
DeleteDC
CreateFontIndirectW
CreateBitmap
GetStockObject
SetPixel
DeleteObject
GetObjectW
SelectObject
CreateDIBSection
CreateCompatibleDC
GetPixel
GetTextExtentPointW
GetStdHandle
GetConsoleOutputCP
EncodePointer
FlsGetValue
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
lstrcatW
SetStdHandle
GetCPInfo
GetStringTypeA
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
InitializeCriticalSection
LoadResource
SetFileAttributesW
DebugBreak
SetLastError
GetUserDefaultLangID
OutputDebugStringW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
lstrcpyW
GetModuleFileNameA
HeapSetInformation
SetThreadPriority
RtlVirtualUnwind
UnhandledExceptionFilter
MultiByteToWideChar
GetPrivateProfileStringW
CreateThread
SetUnhandledExceptionFilter
CreateMutexW
DecodePointer
TerminateProcess
WriteConsoleA
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
GetProcAddress
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
FlsSetValue
LoadLibraryA
GetStartupInfoA
RtlPcToFileHeader
GetStartupInfoW
GlobalLock
GetProcessHeap
WriteFile
RtlLookupFunctionEntry
lstrcmpW
RtlUnwindEx
CreateFileW
GetFileType
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
SizeofResource
GetCurrentProcessId
LockResource
GetCommandLineW
WideCharToMultiByte
HeapSize
FlsAlloc
FlsFree
WritePrivateProfileStringW
lstrcpynW
RaiseException
SetFilePointer
ReadFile
RtlCaptureContext
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
FindResourceW
Sleep
SysAllocStringLen
DragQueryFileW
DragFinish
Shell_NotifyIconW
ShellExecuteW
SHAppBarMessage
SHGetSpecialFolderPathW
GetAsyncKeyState
DrawAnimatedRects
GetForegroundWindow
UpdateWindow
EndDialog
EqualRect
GetMessageW
EnumWindows
DefWindowProcW
CreateIconIndirect
CopyIcon
KillTimer
RegisterClassExW
PostQuitMessage
SetWinEventHook
ShowWindow
RegisterWindowMessageW
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
MessageBoxW
DestroyIcon
GetWindowRect
ScreenToClient
CreatePopupMenu
AppendMenuW
TranslateMessage
SendMessageTimeoutW
PostMessageW
SetActiveWindow
GetDC
CreateDialogParamW
ReleaseDC
LoadBitmapW
GetIconInfo
CheckMenuItem
SendMessageW
wsprintfW
IsWindowVisible
LoadStringW
GetClientRect
GetDlgItem
SetForegroundWindow
SystemParametersInfoW
SetDlgItemTextW
DispatchMessageW
ClientToScreen
SetRect
SetTimer
LoadImageW
GetClassNameW
TrackPopupMenu
IsDialogMessageW
GetActiveWindow
SetWindowTextW
CheckDlgButton
GetSysColorBrush
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
LoadAcceleratorsW
GetWindowLongW
GetCursorPos
CharNextW
GetMenu
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromFile
GdipGetImageType
GdipCreateBitmapFromScan0
GdipTranslateWorldTransform
GdipDisposeImage
GdiplusStartup
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipCreateImageAttributes
GdipCreateFromHDC
GdipDisposeImageAttributes
GdipGetImageWidth
GdipAlloc
GdipResetWorldTransform
GdipDrawImageRectRectI
GdipDrawImageRect
GdipFree
GdipGetImageHeight
GdipCloneImage
GdipRotateWorldTransform
GdipGetImageGraphicsContext
CreateStreamOnHGlobal
OleInitialize
Number of PE resources by type
PNG 29
RT_DIALOG 5
RT_STRING 2
RT_ICON 1
RT_MANIFEST 1
RT_MENU 1
RT_BITMAP 1
TEXTINCLUDE 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN 42
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.7.1.0

LanguageCode
German

FileFlagsMask
0x003f

FileDescription
DesktopSnowOK

ImageFileCharacteristics
No relocs, Executable, Large address aware

Company
Nenad Hrg (SoftwareOK.de)

CharacterSet
Unicode

InitializedDataSize
750592

EntryPoint
0xfda0

OriginalFileName
DesktopSnowOK.exe

MIMEType
application/octet-stream

LegalCopyright
DesktopSnowOK 2011-2019

FileVersion
3, 7, 1, 0

TimeStamp
2018:12:14 14:52:50+01:00

FileType
Win64 EXE

PEType
PE32+

InternalName
DesktopSnowOK

ProductVersion
3, 7, 1, 0

SubsystemVersion
5.2

OSVersion
5.2

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
AMD AMD64

CompanyName
Nenad Hrg (SoftwareOK.com)

CodeSize
129024

ProductName
DesktopSnowOK SoftwareOK.com

ProductVersionNumber
3.7.1.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 2ce67dbce6974c516034b1d997b0df3b
SHA1 b6689716954f6e6ee59f69e9ca8e0079cb1e8ad8
SHA256 0b4076152f49914c7311dc836ffc6dbd07dbe9eb41abdda69fc3b038e542122f
ssdeep
6144:GWWaz0m3FcYwLWEyUVuI12rdf5yj/BjWtONez0rrnq4oanLEn:GfcFcYk+eLgz0rrnq4on

authentihash 071a222b107016b1b40b7e60f68e1e875053b334aeb3884db0c4f32943cd2c53
imphash f3051130a236f3d002b933c8c7fbbac7
File size 281.4 KB ( 288128 bytes )
File type Win32 EXE
Magic literal
PE32+ executable for MS Windows (GUI) Mono/.Net assembly

TrID Win64 Executable (generic) (82.0%)
OS/2 Executable (generic) (6.0%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
Tags
64bits peexe assembly signed overlay

VirusTotal metadata
First submission 2018-12-14 13:56:25 UTC (2 months, 1 week ago)
Last submission 2018-12-30 10:21:31 UTC (1 month, 3 weeks ago)
File names DesktopSnowOK_x64.exe
DesktopSnowOK_x64.exe
DesktopSnowOK_x64.exe
desktopsnowok_x64.exe
desktopsnowok_x64.exe
DesktopSnowOK_x64.exe
DesktopSnowOK_x64.exe
.
DesktopSnowOK.exe
DesktopSnowOK
DesktopSnowOK_x64.exe
DesktopSnowOK_x64.exe