SHA256: 0424fae4e1f11c6a8fab185b410fa6c2e7ceb68dfe2cc583aa6a6fb7b1540cc3
File name: filename
Detection ratio: 0 / 53
Analysis date: 2016-01-04 10:08:49 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Ad-Aware 20160104
AegisLab 20160104
Yandex 20160103
AhnLab-V3 20160104
Alibaba 20160104
Antiy-AVL 20160104
Arcabit 20160104
Avast 20160104
AVG 20160104
Avira (no cloud) 20160103
AVware 20160104
Baidu-International 20160103
BitDefender 20160104
Bkav 20151231
ByteHero 20160104
CAT-QuickHeal 20160104
ClamAV 20160103
CMC 20160104
Comodo 20160104
Cyren 20160101
DrWeb 20160104
Emsisoft 20160104
ESET-NOD32 20151231
F-Prot 20160104
F-Secure 20160104
Fortinet 20160104
GData 20160104
Ikarus 20151231
Jiangmin 20160104
K7AntiVirus 20160104
K7GW 20160104
Kaspersky 20160103
Malwarebytes 20160103
McAfee 20160104
McAfee-GW-Edition 20160104
Microsoft 20160104
eScan 20160104
NANO-Antivirus 20160104
nProtect 20151231
Panda 20160103
Rising 20160104
Sophos AV 20160104
SUPERAntiSpyware 20160104
Symantec 20160104
TheHacker 20160103
TotalDefense 20160104
TrendMicro 20160104
TrendMicro-HouseCall 20160104
VBA32 20160102
VIPRE 20160102
ViRobot 20160104
Zillya 20151231
Zoner 20160104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (C) 2004 - 2008. Voicent Communications, Inc. All rights reserved.

Product Voicent Smart Download and Install Application
Original name vginstall.EXE
Internal name vginstall
File version 6, 0, 0, 1
Description Voicent Smart Download and Install
Comments Voicent Smart Download Program
Signature verification Certificate out of its validity period
Signers
[+] Voicent Communications, Inc
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer GlobalSign CodeSigning CA - G2
Valid from 10:19 PM 2/1/2012
Valid to 12:20 AM 4/24/2015
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 81D444EFA156E14ECB879E3B02725CB927B7DDD7
Serial number 11 21 22 B5 C9 67 46 0F D7 D6 FE 79 2C 13 8A B3 E7 E0
[+] GlobalSign CodeSigning CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 11:00 AM 4/13/2019
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 9000401777DD2B43393D7B594D2FF4CBA4516B38
Serial number 04 00 00 00 00 01 2F 4E E1 35 5C
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-03-20 05:42:46
Entry Point 0x001309E5
Number of sections 4
PE sections
Overlays
MD5 fa176002abdecc43373930fb73ae766a
File type data
Offset 1814016
Size 2920
Entropy 7.40
PE imports
Number of PE resources by type
RT_STRING 18
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_DIALOG 6
RT_ICON 4
RT_BITMAP 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 65
PE resources
ExifTool file metadata
SubsystemVersion
5.1

Comments
Voicent Smart Download Program

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Voicent Smart Download and Install

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
427008

EntryPoint
0x1309e5

OriginalFileName
vginstall.EXE

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2004 - 2008. Voicent Communications, Inc. All rights reserved.

FileVersion
6, 0, 0, 1

TimeStamp
2014:03:20 06:42:46+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
vginstall

ProductVersion
6, 0, 0, 1

UninitializedDataSize
0

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Voicent Communications, Inc

CodeSize
1416704

ProductName
Voicent Smart Download and Install Application

ProductVersionNumber
6.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
File identification
MD5 ef6613fc6a6899ed13530a3f1d62dcf9
SHA1 335ce429ad8c0d1eba681942f7c50a74cfbb0059
SHA256 0424fae4e1f11c6a8fab185b410fa6c2e7ceb68dfe2cc583aa6a6fb7b1540cc3
ssdeep
49152:yRE34Eeu20Igq4L+LPIhoQQWNpOgW9bEnACdET75e:ym34Ee10IgR+LPIhbTvOgW9bEnAE

authentihash 0f0389509edc1ff731fa3d57a72c927c25c4581fd896c11cb228a5fe833e4808
imphash 5f04228d868d21b249e05822720ab65b
File size 1.7 MB ( 1816936 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (47.7%)
Windows screen saver (22.6%)
Win32 Dynamic Link Library (generic) (11.3%)
Win32 Executable (generic) (7.7%)
OS/2 Executable (generic) (3.5%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2014-03-24 02:14:50 UTC ( 4 years, 8 months ago )
Last submission 2018-04-29 06:59:10 UTC ( 6 months, 3 weeks ago )
File names voicent6.exe
0424FAE4E1F11C6A8FAB185B410FA6C2E7CEB68DFE2CC583AA6A6FB7B1540CC3
voicent9a.exe
52063088
voicent8.exe
voicent8a.exe
voicent5.exe
voicent8a.exe
voicent6.exe
voicent5.exe
output.52063088.txt
voicent8a.exe
filename
vginstall.EXE
voicent8.exe
myfile
vginstall
voicent7.exe
voicent7.exe
451415
1421950683-voicent8.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events, which are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.