× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 3210d0e8aa929765ecee34c462c6b8788bc546f4f83fb5087bf26e5edda6823b
Dateiname: Audomate-4.10.361.exe
Erkennungsrate: 0 / 54
Analyse-Datum: 2015-12-29 09:36:28 UTC ( vor 2 Jahre, 11 Monate ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
Ad-Aware 20151224
AegisLab 20151229
Yandex 20151229
AhnLab-V3 20151228
Alibaba 20151208
ALYac 20151229
Antiy-AVL 20151229
Arcabit 20151229
Avast 20151229
AVG 20151229
AVware 20151228
Baidu-International 20151229
BitDefender 20151229
Bkav 20151228
ByteHero 20151229
CAT-QuickHeal 20151228
ClamAV 20151229
CMC 20151228
Comodo 20151229
Cyren 20151229
DrWeb 20151229
Emsisoft 20151229
ESET-NOD32 20151229
F-Prot 20151229
F-Secure 20151229
Fortinet 20151229
GData 20151229
Ikarus 20151229
Jiangmin 20151229
K7AntiVirus 20151229
K7GW 20151229
Kaspersky 20151229
Malwarebytes 20151229
McAfee 20151229
McAfee-GW-Edition 20151229
Microsoft 20151229
eScan 20151229
NANO-Antivirus 20151229
nProtect 20151229
Panda 20151228
Qihoo-360 20151229
Rising 20151229
Sophos AV 20151229
SUPERAntiSpyware 20151229
Symantec 20151228
Tencent 20151229
TheHacker 20151228
TrendMicro 20151229
TrendMicro-HouseCall 20151229
VBA32 20151228
VIPRE 20151229
ViRobot 20151229
Zillya 20151229
Zoner 20151229
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Dieter Pohl

File version 4.10.361
Description Audomate MP3 DJ Datenbank
Signature verification Certificate out of its validity period
Signers
[+] Dieter Pohl
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer StartCom Class 2 Primary Intermediate Object CA
Valid from 8:02 AM 2/26/2014
Valid to 7:47 AM 2/27/2016
Valid usage Code Signing, 1.3.6.1.4.1.311.2.1.21, Lifetime Signing
Algorithm sha1RSA
Thumbprint E9E19E55AB59F598963C025E634DD03170AFFD52
Serial number 0D 43
[+] StartCom Class 2 Primary Intermediate Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 11:01 PM 10/24/2007
Valid to 11:01 PM 10/24/2017
Valid usage All
Algorithm sha1RSA
Thumbprint D893C4F678F891F2823CD078AA5E1C48FD1DA225
Serial number 24
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] StartCom Time-Stamping Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 1:00 AM 1/31/2011
Valid to 12:59 AM 2/1/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 962FDDD76C6145ADAFA5E9AD98E3020D0821DD81
Serial number 40
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbrint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Packers identified
PEiD Wise Installer Stub
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1999-04-08 20:24:47
Entry Point 0x00001000
Number of sections 4
PE sections
Overlays
MD5 e9fd791938d134c6cd88230be344d594
File type data
Offset 15274496
Size 6840
Entropy 7.40
PE imports
GetTempPathA
CreateProcessA
MapViewOfFile
UnmapViewOfFile
WaitForSingleObject
DeleteFileA
WriteFile
CloseHandle
GetTempFileNameA
CreateFileMappingA
CreateFileA
GetCommandLineA
GetModuleFileNameA
GetShortPathNameA
wsprintfA
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileVersionNumber
4.10.361.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
15273472

EntryPoint
0x1000

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.10.361

TimeStamp
1999:04:08 21:24:47+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
Audomate MP3 DJ Datenbank

OSVersion
4.0

FileOS
Windows 16-bit

LegalCopyright
Dieter Pohl

MachineType
Intel 386 or later, and compatibles

CompanyName
diepol.de

CodeSize
512

FileSubtype
0

ProductVersionNumber
4.10.361.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 8b26480fb83cbf80837832476f4f5fae
SHA1 5cfbdab302275dc539757311cbe2e0ddb0c74250
SHA256 3210d0e8aa929765ecee34c462c6b8788bc546f4f83fb5087bf26e5edda6823b
ssdeep
393216:OCxDShxI1tZ5893Hc5uRo9PVZaaPwe1+vc:OWDShWtZG842PV3Pwoz

authentihash b4897b0eb02370074f59c4c8e203b07e3f5e5e08a3affb06f7094ee9f52a211c
imphash 81638d02019c0bfcaaf23a9c69f2f12c
File size 14.6 MB ( 15281336 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Wise Installer executable (86.4%)
Win32 Executable MS Visual C++ (generic) (5.7%)
Win64 Executable (generic) (5.0%)
Win32 Dynamic Link Library (generic) (1.2%)
Win32 Executable (generic) (0.8%)
Tags
peexe wise signed overlay

VirusTotal metadata
First submission 2015-12-29 09:36:28 UTC ( vor 2 Jahre, 11 Monate )
Last submission 2015-12-29 09:36:28 UTC ( vor 2 Jahre, 11 Monate )
Dateinamen audomate4.exe
Audomate-4.10.361.exe
3210D0E8AA929765ECEE34C462C6B8788BC546F4F83FB5087BF26E5EDDA6823B.exe
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Created processes
Runtime DLLs
UDP communications