SHA256: 2d0a30d56feed2228dd784920205d6733d2751ce2e0be21aa2461c863ef68a5e
File name: Setup.exe
Detection ratio: 4 / 59
Analysis date: 2017-06-29 12:40:59 UTC (1 year, 7 months ago)
Antivirus Result Update
AhnLab-V3 PUP/Win32.StartSurf.C1597206 20170629
Sophos ML heuristic 20170607
Qihoo-360 HEUR/QVM41.1.25EE.Malware.Gen 20170629
SentinelOne (Static ML) static engine - malicious 20170516
Ad-Aware 20170629
AegisLab 20170629
Alibaba 20170629
ALYac 20170629
Antiy-AVL 20170629
Arcabit 20170629
Avast 20170629
AVG 20170629
Avira (no cloud) 20170629
AVware 20170629
Baidu 20170629
BitDefender 20170629
Bkav 20170629
CAT-QuickHeal 20170629
ClamAV 20170629
CMC 20170629
Comodo 20170629
CrowdStrike Falcon (ML) 20170420
Cyren 20170629
DrWeb 20170629
Emsisoft 20170629
Endgame 20170629
ESET-NOD32 20170629
F-Prot 20170629
F-Secure 20170629
Fortinet 20170629
GData 20170629
Ikarus 20170629
Jiangmin 20170628
K7AntiVirus 20170629
K7GW 20170629
Kaspersky 20170629
Kingsoft 20170629
Malwarebytes 20170629
McAfee 20170629
McAfee-GW-Edition 20170629
Microsoft 20170629
eScan 20170629
NANO-Antivirus 20170629
nProtect 20170629
Palo Alto Networks (Known Signatures) 20170629
Panda 20170629
Rising 20170629
Sophos AV 20170629
SUPERAntiSpyware 20170629
Symantec 20170629
Symantec Mobile Insight 20170629
Tencent 20170629
TheHacker 20170628
TrendMicro-HouseCall 20170629
Trustlook 20170629
VBA32 20170629
VIPRE 20170629
ViRobot 20170629
Webroot 20170629
WhiteArmor 20170627
Yandex 20170628
ZoneAlarm by Check Point 20170629
Zoner 20170629
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Setup Engine Copyright © 2004-2015 Indigo Rose Corporation

Product Setup Factory Runtime
Original name suf_launch.exe
Internal name suf_launch
File version 9.5.0.0
Description Setup Application
Comments Created with Setup Factory
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-02-09 21:57:00
Entry Point 0x000029E1
Number of sections 5
PE sections
Overlays
MD5 e561a42ecc13322d99a80dc1de398be2
File type data
Offset 72192
Size 127402806
Entropy 0.40
PE imports
GetTokenInformation
OpenProcessToken
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrlenA
GetFileAttributesA
GetExitCodeProcess
QueryPerformanceCounter
HeapReAlloc
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetTempPathA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
HeapSetInformation
GetCurrentProcess
_lwrite
GetFileType
GetStringTypeW
InterlockedIncrement
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
_llseek
HeapSize
FreeEnvironmentStringsW
GetCPInfo
MultiByteToWideChar
GetProcAddress
_lread
EncodePointer
GetStartupInfoW
GetModuleFileNameW
_lclose
WideCharToMultiByte
LoadLibraryW
TlsFree
_lcreat
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentProcessId
SetUnhandledExceptionFilter
lstrcpyA
_lopen
DecodePointer
CloseHandle
IsProcessorFeaturePresent
GetCommandLineA
GetACP
GetDiskFreeSpaceA
MoveFileExA
GetModuleHandleW
FreeLibrary
LocalFree
TerminateProcess
GetModuleFileNameA
IsValidCodePage
HeapCreate
WriteFile
TlsGetValue
Sleep
SetLastError
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
GetOEMCP
CompareStringA
ShellExecuteExA
wsprintfA
LoadCursorA
DispatchMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
SetCursor
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
LegalTrademarks
Setup Factory is a trademark of Indigo Rose Corporation.

SubsystemVersion
5.1

Comments
Created with Setup Factory

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
9.5.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Setup Application

CharacterSet
Windows, Latin1

InitializedDataSize
48640

EntryPoint
0x29e1

OriginalFileName
suf_launch.exe

MIMEType
application/octet-stream

LegalCopyright
Setup Engine Copyright 2004-2015 Indigo Rose Corporation

FileVersion
9.5.0.0

TimeStamp
2015:02:09 22:57:00+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
suf_launch

ProductVersion
9.5.0.0

UninitializedDataSize
0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
22528

ProductName
Setup Factory Runtime

ProductVersionNumber
9.5.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 de6d07fcf723381bdc7e74d39f7d557d
SHA1 538432e067589206a25d25be2082b0bd804dab78
SHA256 2d0a30d56feed2228dd784920205d6733d2751ce2e0be21aa2461c863ef68a5e
ssdeep
98304:XzlkbFDVrQMyOr3S3d6cLhIpdrkdv8k+q+Fjs0:JeVUKSN6c1Ipqcq+FI0

authentihash 25d538777e62629d8dfab98002f67ff454dc7c59fbae00872f2fb6c70011fb51
imphash 1ff847646487d56f85778df99ff3728a
File size 121.6 MB ( 127474998 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.8%)
Win32 EXE Yoda's Crypter (36.4%)
Win32 Dynamic Link Library (generic) (9.0%)
Win32 Executable (generic) (6.1%)
Generic Win/DOS Executable (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-06-29 08:14:08 UTC (1 year, 7 months ago)
Last submission 2017-07-03 06:40:12 UTC (1 year, 7 months ago)
File names Setup.exe
suf_launch.exe
Setup.exe
suf_launch
Setup.exe (2)