× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 072cbd957c6c2208ea8bf0c2d2609597b19d994e25a4b5e082806c43c7157faf
File name: hddinsp.exe
Detection ratio: 0 / 57
Analysis date: 2016-03-27 02:50:04 UTC ( 3 years, 1 month ago ) View latest
Antivirus Result Update
Ad-Aware 20160326
AegisLab 20160327
Yandex 20160316
AhnLab-V3 20160326
ALYac 20160327
Antiy-AVL 20160327
Arcabit 20160326
Avast 20160327
AVG 20160327
Avira (no cloud) 20160326
AVware 20160327
Baidu 20160325
Baidu-International 20160326
BitDefender 20160327
Bkav 20160327
ByteHero 20160327
CAT-QuickHeal 20160326
ClamAV 20160326
CMC 20160322
Comodo 20160327
Cyren 20160327
DrWeb 20160327
Emsisoft 20160327
ESET-NOD32 20160327
F-Prot 20160327
F-Secure 20160326
Fortinet 20160327
GData 20160327
Ikarus 20160326
Jiangmin 20160327
K7AntiVirus 20160326
K7GW 20160323
Kaspersky 20160327
Kingsoft 20160327
Malwarebytes 20160326
McAfee 20160327
McAfee-GW-Edition 20160327
Microsoft 20160326
eScan 20160327
NANO-Antivirus 20160327
nProtect 20160325
Panda 20160326
Qihoo-360 20160327
Rising 20160327
Sophos AV 20160327
SUPERAntiSpyware 20160326
Symantec 20160327
Tencent 20160327
TheHacker 20160325
TotalDefense 20160327
TrendMicro 20160327
TrendMicro-HouseCall 20160327
VBA32 20160326
VIPRE 20160326
ViRobot 20160327
Zillya 20160326
Zoner 20160327
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© AltrixSoft company

Product Hard Drive Inspector
File version 4.35.243.0
Description Hard Drive Inspector
Signature verification Signed file, verified signature
Signing date 8:24 PM 7/27/2015
Signers
[+] Altrix Software Ltd
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer COMODO RSA Code Signing CA
Valid from 12:00 AM 03/26/2015
Valid to 11:59 PM 03/25/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint E7B713D273206B42ED040940B6BA625AD03A356A
Serial number 00 C1 2D E6 FB 9F 4C 72 ED E1 18 1F 83 14 4C 34 94
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 12:00 AM 05/09/2013
Valid to 11:59 PM 05/08/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 12:00 AM 01/19/2010
Valid to 11:59 PM 01/18/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT NSIS, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-01-13 18:26:12
Entry Point 0x000032D4
Number of sections 5
PE sections
Overlays
MD5 4cdc9ec61f913e5758acca7796868867
File type data
Offset 48128
Size 2734016
Entropy 8.00
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SetBkMode
CreateBrushIndirect
CreateFontIndirectA
SelectObject
SetBkColor
DeleteObject
SetTextColor
GetLastError
LoadLibraryA
lstrlenA
lstrcmpiA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
GetModuleFileNameA
RemoveDirectoryA
GetShortPathNameA
GetCurrentProcess
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GlobalLock
SetFileAttributesA
SetFilePointer
GetTempPathA
CreateThread
GetFileAttributesA
GetModuleHandleA
lstrcmpA
ReadFile
WriteFile
FindFirstFileA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GetEnvironmentVariableA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetProcAddress
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHFileOperationA
EmptyClipboard
GetMessagePos
EndPaint
CharPrevA
EndDialog
DestroyWindow
PostQuitMessage
DefWindowProcA
SetWindowTextA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
RegisterClassA
SetDlgItemTextA
LoadImageA
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
SystemParametersInfoA
BeginPaint
CreatePopupMenu
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
GetClassInfoA
SetForegroundWindow
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
DrawTextA
ScreenToClient
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
SetTimer
LoadCursorA
TrackPopupMenu
SendMessageA
FillRect
ShowWindow
CharNextA
CallWindowProcA
EnableWindow
CloseClipboard
SetCursor
ExitWindowsEx
OpenClipboard
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoCreateInstance
OleInitialize
Number of PE resources by type
RT_ICON 7
RT_DIALOG 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 16
PE resources
ExifTool file metadata
LegalTrademarks
Hard Drive Inspector is a trademark of AltrixSoft company

SubsystemVersion
4.0

InitializedDataSize
122368

ImageVersion
0.0

ProductName
Hard Drive Inspector

FileVersionNumber
4.35.243.0

UninitializedDataSize
1024

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
ASCII

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.35.243.0

TimeStamp
2007:01:13 19:26:12+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
Hard Drive Inspector

OSVersion
4.0

FileOS
Win32

LegalCopyright
AltrixSoft company

MachineType
Intel 386 or later, and compatibles

CompanyName
AltrixSoft

CodeSize
23552

FileSubtype
0

ProductVersionNumber
4.35.243.0

EntryPoint
0x32d4

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 ce168ee142c8dd431e6fbc6c8a9884bc
SHA1 27b553a81ebcae8e1d46b50a988d86d7863a33c3
SHA256 072cbd957c6c2208ea8bf0c2d2609597b19d994e25a4b5e082806c43c7157faf
ssdeep
49152:LdmTnUFs74ky7qKpTBw+gG4qG4zlpfsF5tCYKk8bMozEreqnlqOQu4t:gRskU1TS64qG4zkF6T7Mb

authentihash e47afc4898fe29827bff53b6d0f132955404f6453647a11dac9137aebeb9a7f8
imphash 9c523d8653da5455667e3f82274f2f88
File size 2.7 MB ( 2782144 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID NSIS - Nullsoft Scriptable Install System (94.6%)
Win32 Executable MS Visual C++ (generic) (3.4%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.5%)
OS/2 Executable (generic) (0.2%)
Tags
nsis peexe signed overlay

VirusTotal metadata
First submission 2015-07-28 00:12:25 UTC ( 3 years, 10 months ago )
Last submission 2018-09-04 09:20:28 UTC ( 8 months, 2 weeks ago )
File names hddinsp.exe
Hddinsp.Exe
hardinspector.exe
Hard Drive Inspector.exe
072cbd957c6c2208ea8bf0c2d2609597b19d994e25a4b5e082806c43c7157faf
filename
704978
072CBD957C6C2208EA8BF0C2D2609597B19D994E25A4B5E082806C43C7157FAF
hddinsp.exe
Hddinsp.Exe
hddinsp.exe
hddinsp.exe
hard drive inspector trial altrixsoft.com hddinsp.exe
1439215205-hddinsp.exe
hddinsp.exe
hddinsp.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Created mutexes
Runtime DLLs