× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 81998e48200330567e5ed7a6e6f8827b2c0a383ddb4a1ad5529d5833a16fe44c
Dateiname: kiosk_v2017_install.exe
Erkennungsrate: 0 / 61
Analyse-Datum: 2017-05-18 18:45:58 UTC ( vor 1 Monat )
Antivirus Ergebnis Aktualisierung
Ad-Aware 20170518
AegisLab 20170518
AhnLab-V3 20170518
Alibaba 20170518
ALYac 20170518
Antiy-AVL 20170518
Arcabit 20170518
Avast 20170518
AVG 20170518
Avira (no cloud) 20170518
AVware 20170518
Baidu 20170503
BitDefender 20170518
Bkav 20170518
CAT-QuickHeal 20170518
ClamAV 20170518
CMC 20170518
Comodo 20170518
CrowdStrike Falcon (ML) 20170130
Cyren 20170518
DrWeb 20170518
Emsisoft 20170518
Endgame 20170515
ESET-NOD32 20170518
F-Prot 20170518
F-Secure 20170518
Fortinet 20170518
GData 20170518
Ikarus 20170518
Invincea 20170516
Jiangmin 20170518
K7AntiVirus 20170518
K7GW 20170518
Kaspersky 20170518
Kingsoft 20170518
Malwarebytes 20170518
McAfee 20170518
McAfee-GW-Edition 20170518
Microsoft 20170518
eScan 20170518
NANO-Antivirus 20170518
nProtect 20170518
Palo Alto Networks (Known Signatures) 20170518
Panda 20170518
Qihoo-360 20170518
Rising 20170516
SentinelOne (Static ML) 20170516
Sophos 20170518
SUPERAntiSpyware 20170518
Symantec 20170518
Symantec Mobile Insight 20170518
Tencent 20170518
TheHacker 20170516
TrendMicro 20170518
TrendMicro-HouseCall 20170518
Trustlook 20170518
VBA32 20170518
VIPRE 20170518
ViRobot 20170518
Webroot 20170518
WhiteArmor 20170517
Yandex 20170518
Zillya 20170518
ZoneAlarm by Check Point 20170518
Zoner 20170518
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Stefan Kubatzki

Product KIOSK Enterprise
File version 12.2.2.29
Description KIOSK Enterprise Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 7:27 PM 5/18/2017
Signers
[+] Stefan Kubatzki
Status Valid
Issuer StartCom Class 2 Primary Intermediate Object CA
Valid from 4:32 PM 8/24/2015
Valid to 11:25 PM 8/23/2017
Valid usage Code Signing, Lifetime Signing
Algorithm sha256RSA
Thumbprint 96AA8F539DD5EA700498DD77E03E662DE226AC6C
Serial number 12 B0 64 F4 3F F8 CE
[+] StartCom Class 2 Primary Intermediate Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 11:01 PM 10/24/2007
Valid to 11:01 PM 10/24/2017
Valid usage All
Algorithm sha1RSA
Thumbprint D893C4F678F891F2823CD078AA5E1C48FD1DA225
Serial number 24
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] GlobalSign TSA for MS Authenticode - G2
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 1:00 AM 5/24/2016
Valid to 1:00 AM 6/24/2027
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 63B82FAB61F583909695050B00249C502933EC79
Serial number 11 21 D6 99 A7 64 97 3E F1 F8 42 7E E9 19 CC 53 41 14
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbrint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbrint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Packers identified
F-PROT INNO, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-06 14:39:04
Entry Point 0x000117DC
Number of sections 8
PE sections
Overlays
MD5 374a0caf0efe9c408d1954ff307d6452
File type data
Offset 486912
Size 27035792
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetSystemDirectoryW
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_ICON 6
RT_STRING 6
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 9
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
12.2.2.29

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
419328

EntryPoint
0x117dc

MIMEType
application/octet-stream

LegalCopyright
Stefan Kubatzki

FileVersion
12.2.2.29

TimeStamp
2016:04:06 15:39:04+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
12.2.2.29

FileDescription
KIOSK Enterprise Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
KUBA - EDV

CodeSize
66560

ProductName
KIOSK Enterprise

ProductVersionNumber
12.2.2.29

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 d3a5081ddd2fecdc73473a9ce46bbee3
SHA1 4fc82ad5a8265b6b0db35e08471f2324a209a137
SHA256 81998e48200330567e5ed7a6e6f8827b2c0a383ddb4a1ad5529d5833a16fe44c
ssdeep
786432:7rC1yrlgUU7TWXP6CFrVo92Tfp0F7HGpbi:frqUU7i/6CJVtpqgbi

authentihash 6369705ba987fab5c96c85e34ef8e23de1932ae029e133671156266040b4fe07
imphash 20dd26497880c05caed9305b3c8b9109
File size 26.2 MB ( 27522704 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.6%)
Win16/32 Executable Delphi generic (19.5%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2017-05-18 18:45:58 UTC ( vor 1 Monat )
Last submission 2017-05-18 18:45:58 UTC ( vor 1 Monat )
Dateinamen kiosk_v2017_install.exe
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!