SHA256: 0777a860be68a2d1abc99332a020e0a2656c7c664d302ee417e3765032b43ee3
File name: 593825
Detection ratio: 0 / 57
Analysis date: 2016-04-03 09:03:08 UTC ( 2 years, 1 month ago )
Antivirus Result Update
Ad-Aware 20160403
AegisLab 20160403
AhnLab-V3 20160402
Alibaba 20160401
ALYac 20160403
Antiy-AVL 20160403
Arcabit 20160403
Avast 20160403
AVG 20160403
Avira (no cloud) 20160402
AVware 20160403
Baidu 20160402
Baidu-International 20160402
BitDefender 20160403
Bkav 20160402
CAT-QuickHeal 20160402
ClamAV 20160402
CMC 20160401
Comodo 20160402
Cyren 20160403
DrWeb 20160403
Emsisoft 20160403
ESET-NOD32 20160403
F-Prot 20160403
F-Secure 20160403
Fortinet 20160403
GData 20160403
Ikarus 20160403
Jiangmin 20160403
K7AntiVirus 20160403
K7GW 20160403
Kaspersky 20160403
Kingsoft 20160403
Malwarebytes 20160403
McAfee 20160403
McAfee-GW-Edition 20160403
Microsoft 20160403
eScan 20160403
NANO-Antivirus 20160403
nProtect 20160401
Panda 20160402
Qihoo-360 20160403
Rising 20160403
Sophos AV 20160403
SUPERAntiSpyware 20160403
Symantec 20160331
Tencent 20160403
TheHacker 20160403
TotalDefense 20160402
TrendMicro 20160403
TrendMicro-HouseCall 20160403
VBA32 20160401
VIPRE 20160403
ViRobot 20160402
Yandex 20160316
Zillya 20160402
Zoner 20160403
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Certificate out of its validity period
Signers
[+] Tekplus LLC
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 6:45 PM 6/27/2014
Valid to 8:15 PM 7/14/2017
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint A082268D4FFD57471C9275D3F492DC8F951F5A5C
Serial number 04 1F 72 D3 04 D9 27
[+] Go Daddy Secure Certificate Authority - G2
Status Valid
Valid from 8:00 AM 5/3/2011
Valid to 8:00 AM 5/3/2031
Valid usage All
Algorithm sha256RSA
Thumbprint 27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
Serial number 07
[+] Go Daddy Root Certificate Authority - G2
Status Valid
Valid from 8:00 AM 1/1/2014
Valid to 8:00 AM 5/30/2031
Valid usage All
Algorithm sha256RSA
Thumbprint 340B2880F446FCC04E59ED33F52B3D08D6242964
Serial number 1B E7 15
[+] Go Daddy Class 2 Certification Authority
Status Valid
Valid from 6:06 PM 6/29/2004
Valid to 6:06 PM 6/29/2034
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 2796BAE63F1801E277261BA0D77770028F20EEE4
Serial number 00
OLE structured storage summary
creation_datetime: 1999-06-21 08:00:00
author: Halfpricesoft.com
title: ezCheckPersonalSetup
page_count: 200
word_count: 2
last_saved: 2014-12-05 17:19:35
revision_number: {B7007A20-4679-40ED-BFE3-7EDD2B5C9E31}
last_printed: 2014-12-05 17:19:35
application_name: Windows Installer
security: 1
template: Intel;1033
code_page: Latin I
comments: ezCheckPersonal
OLE Streams
ExifTool file metadata
MIMEType: image/vnd.fpx
ModifyDate: 2014:12:05 16:19:35
Words: 2
Author: Halfpricesoft.com
FileType: FPX
Title: ezCheckPersonalSetup
Comments: ezCheckPersonal
Pages: 200
FileTypeExtension: fpx
Template: Intel;1033
CreateDate: 1999:06:21 07:00:00
LastPrinted: 2014:12:05 16:19:35
Security: Password protected
CodePage: Windows Latin 1 (Western European)
RevisionNumber: {B7007A20-4679-40ED-BFE3-7EDD2B5C9E31}
Software: Windows Installer

File identification
MD5 d560420be24ce926acc58756ce3e759d
SHA1 7c451630c642b18588cf2f0815e76b78951ff893
SHA256 0777a860be68a2d1abc99332a020e0a2656c7c664d302ee417e3765032b43ee3
ssdeep 49152:P9ftffB9pvCv796BMP2lUPW8TnGbudpvq:Ntf5CjvP2ldWG/

File size 1.6 MB ( 1727488 bytes )
File type Windows Installer
Magic literal CDF V2 Document, Little Endian, Os: Windows, Version 6.2, Create Time/Date: Sun Jun 20 07:00:00 1999, Name of Creating Application: Windows Installer, Security: 1, Code page: 1252, Template: Intel

TrID Microsoft Windows Installer (80.5%)
Windows SDK Setup Transform Script (9.1%)
Windows Installer Patch (6.4%)
Microsoft Word document (old ver.) (2.7%)
Generic OLE2 / Multistream Compound File (1.1%)
Tags
msi signed

VirusTotal metadata
First submission 2015-01-22 15:46:53 UTC ( 3 years, 4 months ago )
Last submission 2017-11-10 02:59:59 UTC ( 6 months, 2 weeks ago )
File names ezCheckPersonalSetup.msi
1420744503-ezCheckPersonalSetup.msi
19afe27b.msi
ezCheckPersonalSetupV3.msi
filename
4a045.msi
ezCheckPersonalSetup.msi
ezCheckPersonalSetup.msi
1418948103-ezCheckPersonalSetup.msi
593825
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
