× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: aa1049a9ca32c65f3c3de9e37cf69149450d92061a03fb081978d6c6f79cbcba
Dateiname: kiosk_v2017_install.exe
Erkennungsrate: 0 / 61
Analyse-Datum: 2017-07-06 00:03:26 UTC ( vor 3 Monate, 2 Wochen ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
Ad-Aware 20170705
AegisLab 20170705
AhnLab-V3 20170705
Alibaba 20170705
ALYac 20170705
Antiy-AVL 20170705
Arcabit 20170705
Avast 20170705
AVG 20170705
Avira (no cloud) 20170705
AVware 20170705
Baidu 20170705
BitDefender 20170705
CAT-QuickHeal 20170705
ClamAV 20170705
CMC 20170705
Comodo 20170705
CrowdStrike Falcon (ML) 20170420
Cyren 20170705
DrWeb 20170705
Emsisoft 20170705
Endgame 20170629
ESET-NOD32 20170705
F-Prot 20170705
F-Secure 20170705
Fortinet 20170629
GData 20170706
Ikarus 20170705
Sophos ML 20170607
Jiangmin 20170705
K7AntiVirus 20170705
K7GW 20170706
Kaspersky 20170705
Kingsoft 20170706
Malwarebytes 20170705
MAX 20170705
McAfee 20170706
McAfee-GW-Edition 20170705
Microsoft 20170705
eScan 20170705
NANO-Antivirus 20170705
nProtect 20170705
Palo Alto Networks (Known Signatures) 20170706
Panda 20170705
Qihoo-360 20170706
Rising 20170705
SentinelOne (Static ML) 20170516
Sophos AV 20170705
SUPERAntiSpyware 20170706
Symantec 20170705
Symantec Mobile Insight 20170705
Tencent 20170706
TheHacker 20170704
TrendMicro 20170706
TrendMicro-HouseCall 20170706
Trustlook 20170706
VBA32 20170705
VIPRE 20170705
ViRobot 20170705
Webroot 20170706
WhiteArmor 20170627
Yandex 20170705
Zillya 20170705
ZoneAlarm by Check Point 20170705
Zoner 20170705
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Stefan Kubatzki

Product KIOSK Enterprise
File version 12.2.2.44
Description KIOSK Enterprise Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 1:00 AM 7/6/2017
Signers
[+] Stefan Kubatzki
Status Valid
Issuer StartCom Class 2 Primary Intermediate Object CA
Valid from 4:32 PM 8/24/2015
Valid to 11:25 PM 8/23/2017
Valid usage Code Signing, Lifetime Signing
Algorithm sha256RSA
Thumbprint 96AA8F539DD5EA700498DD77E03E662DE226AC6C
Serial number 12 B0 64 F4 3F F8 CE
[+] StartCom Class 2 Primary Intermediate Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 11:01 PM 10/14/2007
Valid to 11:01 PM 10/14/2022
Valid usage All
Algorithm sha256RSA
Thumbprint C2624B5B53F73EC2911D4479072B9255BB85A2DF
Serial number 10 00 F5 EB E0 39 43
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] GlobalSign TSA for MS Authenticode - G2
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 1:00 AM 5/24/2016
Valid to 1:00 AM 6/24/2027
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 63B82FAB61F583909695050B00249C502933EC79
Serial number 11 21 D6 99 A7 64 97 3E F1 F8 42 7E E9 19 CC 53 41 14
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbrint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbrint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Packers identified
F-PROT INNO, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-06 14:39:04
Entry Point 0x000117DC
Number of sections 8
PE sections
Overlays
MD5 49ed06e081baa9e9ecd43805b06ec527
File type data
Offset 486912
Size 33760344
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetSystemDirectoryW
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_ICON 6
RT_STRING 6
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 9
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
12.2.2.44

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
419328

EntryPoint
0x117dc

MIMEType
application/octet-stream

LegalCopyright
Stefan Kubatzki

FileVersion
12.2.2.44

TimeStamp
2016:04:06 15:39:04+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
12.2.2.44

FileDescription
KIOSK Enterprise Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
KUBA - EDV

CodeSize
66560

ProductName
KIOSK Enterprise

ProductVersionNumber
12.2.2.44

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 cdfb1cf088cfdb7e08bebb0f3612134b
SHA1 5d2b4bb6e852fad8d3d6f8212d9a9b55cf023956
SHA256 aa1049a9ca32c65f3c3de9e37cf69149450d92061a03fb081978d6c6f79cbcba
ssdeep
786432:fJfPaKgEB+GT7DISy/dUTe3E1VxdRuCpvyu74ZaYfWO91JdqpbP:fJfPhB+YDnyFAeutFBP74ZZWOTJdIbP

authentihash dc5eb1b8265de0c37e3d43f42d07ea50b50ea4f84fbfa03db05f02b0252112cb
imphash 20dd26497880c05caed9305b3c8b9109
File size 32.7 MB ( 34247256 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.6%)
Win16/32 Executable Delphi generic (19.5%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2017-07-06 00:03:26 UTC ( vor 3 Monate, 2 Wochen )
Last submission 2017-07-06 00:03:26 UTC ( vor 3 Monate, 2 Wochen )
Dateinamen AA1049A9CA32C65F3C3DE9E37CF69149450D92061A03FB081978D6C6F79CBCBA.exe
kiosk_v2017_install.exe
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!