SHA256: 0777a860be68a2d1abc99332a020e0a2656c7c664d302ee417e3765032b43ee3
File name: 593825
Detection ratio: 0 / 57
Analysis date: 2016-04-03 09:03:08 UTC ( 2 years, 6 months ago )
Antivirus Result Update
Ad-Aware 20160403
AegisLab 20160403
AhnLab-V3 20160402
Alibaba 20160401
ALYac 20160403
Antiy-AVL 20160403
Arcabit 20160403
Avast 20160403
AVG 20160403
Avira (no cloud) 20160402
AVware 20160403
Baidu 20160402
Baidu-International 20160402
BitDefender 20160403
Bkav 20160402
CAT-QuickHeal 20160402
ClamAV 20160402
CMC 20160401
Comodo 20160402
Cyren 20160403
DrWeb 20160403
Emsisoft 20160403
ESET-NOD32 20160403
F-Prot 20160403
F-Secure 20160403
Fortinet 20160403
GData 20160403
Ikarus 20160403
Jiangmin 20160403
K7AntiVirus 20160403
K7GW 20160403
Kaspersky 20160403
Kingsoft 20160403
Malwarebytes 20160403
McAfee 20160403
McAfee-GW-Edition 20160403
Microsoft 20160403
eScan 20160403
NANO-Antivirus 20160403
nProtect 20160401
Panda 20160402
Qihoo-360 20160403
Rising 20160403
Sophos AV 20160403
SUPERAntiSpyware 20160403
Symantec 20160331
Tencent 20160403
TheHacker 20160403
TotalDefense 20160402
TrendMicro 20160403
TrendMicro-HouseCall 20160403
VBA32 20160401
VIPRE 20160403
ViRobot 20160402
Yandex 20160316
Zillya 20160402
Zoner 20160403
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Certificate out of its validity period
Signers
[+] Tekplus LLC
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 6:45 PM 6/27/2014
Valid to 8:15 PM 7/14/2017
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint A082268D4FFD57471C9275D3F492DC8F951F5A5C
Serial number 04 1F 72 D3 04 D9 27
[+] Go Daddy Secure Certificate Authority - G2
Status Valid
Valid from 8:00 AM 5/3/2011
Valid to 8:00 AM 5/3/2031
Valid usage All
Algorithm sha256RSA
Thumbprint 27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
Serial number 07
[+] Go Daddy Root Certificate Authority - G2
Status Valid
Valid from 8:00 AM 1/1/2014
Valid to 8:00 AM 5/30/2031
Valid usage All
Algorithm sha256RSA
Thumbprint 340B2880F446FCC04E59ED33F52B3D08D6242964
Serial number 1B E7 15
[+] Go Daddy Class 2 Certification Authority
Status Valid
Valid from 6:06 PM 6/29/2004
Valid to 6:06 PM 6/29/2034
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 2796BAE63F1801E277261BA0D77770028F20EEE4
Serial number 00
OLE structured storage summary
creation_datetime 1999-06-21 08:00:00
author Halfpricesoft.com
comments ezCheckPersonal
title ezCheckPersonalSetup
page_count 200
last_saved 2014-12-05 17:19:35
word_count 2
revision_number {B7007A20-4679-40ED-BFE3-7EDD2B5C9E31}
last_printed 2014-12-05 17:19:35
application_name Windows Installer
security 1
code_page Latin I
template Intel;1033
OLE Streams
ExifTool file metadata
MIMEType image/vnd.fpx
ModifyDate 2014:12:05 16:19:35
Words 2
Author Halfpricesoft.com
FileType FPX
Title ezCheckPersonalSetup
Comments ezCheckPersonal
Pages 200
FileTypeExtension fpx
Template Intel;1033
CreateDate 1999:06:21 07:00:00
LastPrinted 2014:12:05 16:19:35
Security Password protected
CodePage Windows Latin 1 (Western European)
RevisionNumber {B7007A20-4679-40ED-BFE3-7EDD2B5C9E31}
Software Windows Installer

File identification
MD5 d560420be24ce926acc58756ce3e759d
SHA1 7c451630c642b18588cf2f0815e76b78951ff893
SHA256 0777a860be68a2d1abc99332a020e0a2656c7c664d302ee417e3765032b43ee3
ssdeep 49152:P9ftffB9pvCv796BMP2lUPW8TnGbudpvq:Ntf5CjvP2ldWG/
File size 1.6 MB ( 1727488 bytes )
File type Windows Installer
Magic literal CDF V2 Document, Little Endian, Os: Windows, Version 6.2, Create Time/Date: Sun Jun 20 07:00:00 1999, Name of Creating Application: Windows Installer, Security: 1, Code page: 1252, Template: Intel
TrID Microsoft Windows Installer (77.2%)
Windows SDK Setup Transform Script (10.6%)
Windows Installer Patch (7.5%)
Microsoft Word document (old ver.) (3.2%)
Generic OLE2 / Multistream Compound File (1.3%)
Tags msi signed
VirusTotal metadata
First submission 2015-01-22 15:46:53 UTC ( 3 years, 9 months ago )
Last submission 2017-11-10 02:59:59 UTC ( 11 months, 2 weeks ago )
File names ezCheckPersonalSetup.msi
1420744503-ezCheckPersonalSetup.msi
19afe27b.msi
ezCheckPersonalSetupV3.msi
filename
4a045.msi
ezCheckPersonalSetup.msi
ezCheckPersonalSetup.msi
1418948103-ezCheckPersonalSetup.msi
593825
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
