× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 077bfbb56056becc2b984ee6c0eb487c02bf7c05f9e2f758655d6551e06a2736
File name: USBGuard6.6.0.0.exe
Detection ratio: 4 / 69
Analysis date: 2019-01-15 17:53:37 UTC ( 1 month ago ) View latest
Antivirus Result Update
Comodo ApplicUnwnt@#2j1oeg77cp0m1 20190114
Cyren W32/GenBl.D9E70716!Olympus 20190115
ESET-NOD32 a variant of Win32/Adware.Linkzb.A 20190114
Ikarus PUA.Linkzb 20190115
Acronis 20190111
Ad-Aware 20190115
AegisLab 20190115
AhnLab-V3 20190114
Alibaba 20180921
ALYac 20190115
Antiy-AVL 20190115
Arcabit 20190115
Avast 20190115
Avast-Mobile 20190115
AVG 20190115
Avira (no cloud) 20190115
Babable 20180918
Baidu 20190115
BitDefender 20190115
Bkav 20190108
CAT-QuickHeal 20190114
ClamAV 20190115
CMC 20190114
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190115
DrWeb 20190114
eGambit 20190115
Emsisoft 20190114
Endgame 20181108
F-Prot 20190115
F-Secure 20190114
Fortinet 20190114
GData 20190115
Sophos ML 20181128
Jiangmin 20190114
K7AntiVirus 20190114
K7GW 20190114
Kaspersky 20190114
Kingsoft 20190115
Malwarebytes 20190114
MAX 20190115
McAfee 20190114
McAfee-GW-Edition 20190114
Microsoft 20190114
eScan 20190114
NANO-Antivirus 20190114
Palo Alto Networks (Known Signatures) 20190115
Panda 20190114
Qihoo-360 20190115
Rising 20190115
SentinelOne (Static ML) 20181223
Sophos AV 20190115
SUPERAntiSpyware 20190109
Symantec 20190115
TACHYON 20190115
Tencent 20190115
TheHacker 20190115
Trapmine 20190103
TrendMicro 20190115
TrendMicro-HouseCall 20190115
Trustlook 20190115
VBA32 20190115
ViRobot 20190115
Webroot 20190115
Yandex 20190111
Zillya 20190115
ZoneAlarm by Check Point 20190115
Zoner 20190115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright

Product USB Disk Security
File version 6.6.0.0
Description USB Disk Security Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 8:43 PM 4/7/2018
Signers
[+] Bo Zheng
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer StartCom Class 2 Object CA
Valid from 12:08 PM 07/11/2016
Valid to 12:08 PM 07/11/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint BCC83EF4A2B5374CEF1B7998A343082DF0104069
Serial number 36 A5 20 0F CF 2B 5F 39 F5 0E 10 BE 55 E6 8D B9
[+] StartCom Class 2 Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 01:00 AM 12/16/2015
Valid to 01:00 AM 12/16/2030
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 1F6421C176CF03ED52CC37F21B587F166CEB828B
Serial number 6C 3B D2 7E DD 3C 94 9E 95 8E 28 A9 B3 C7 57 A0
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 06:46 PM 09/17/2006
Valid to 06:46 PM 09/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] StartCom Time Stamping Signer
Status Valid
Issuer StartCom Class 3 Primary Intermediate Object CA
Valid from 01:00 AM 12/28/2015
Valid to 12:00 AM 10/12/2022
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint CD78DC95DE34612F8893B35B2C71489A8B6002D1
Serial number 60 2B 71 7F 8B BA 95 76 CC 0B 59 C7 92 76 D4 82
[+] StartCom Class 3 Primary Intermediate Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 09:03 PM 10/14/2007
Valid to 09:03 PM 10/14/2022
Valid usage All
Algorithm sha256RSA
Thumbrint F960E82855F1C52C8B162DD93EDA220B3DFF1389
Serial number 1B 86 12 67 7A E1 9D
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 06:46 PM 09/17/2006
Valid to 06:46 PM 09/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbrint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Packers identified
F-PROT INNO, appended, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-07-09 07:58:13
Entry Point 0x000113BC
Number of sections 8
PE sections
Overlays
MD5 9b49025fd2349d6e33d2f0daa981e57a
File type data
Offset 124416
Size 8487096
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_ICON 6
RT_STRING 6
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion
5.0

Comments
This installation was built with Inno Setup.

InitializedDataSize
58368

ImageVersion
6.0

ProductName
USB Disk Security

FileVersionNumber
6.6.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Unicode

LinkerVersion
2.25

FileTypeExtension
exe

MIMEType
application/octet-stream

FileVersion
6.6.0.0

TimeStamp
2014:07:09 00:58:13-07:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
6.6.0.0

FileDescription
USB Disk Security Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Zbshareware Lab

CodeSize
65024

FileSubtype
0

ProductVersionNumber
6.6.0.0

EntryPoint
0x113bc

ObjectFileType
Executable application

File identification
MD5 d9e7071623c26a11e2db868360651dab
SHA1 b36bbcb78cd8268a9f961d5dd5e4a899b9790475
SHA256 077bfbb56056becc2b984ee6c0eb487c02bf7c05f9e2f758655d6551e06a2736
ssdeep
196608:3rZEwMZlefOKWtqcpFVVNY4VwGrl9Y3FHkIRy4zdC9JCfGwqQzn0i+LmohV:1EfZlGOLqMTP9c3FRRrzdC9OQkkhV

authentihash 7b7213bda6c6a18b5f8e0788dcb246ccb4d472b0b5f1fbd7d9b45087c0db44a6
imphash 48aa5c8931746a9655524f67b25a47ef
File size 8.2 MB ( 8611512 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Delphi generic (42.4%)
Win32 Dynamic Link Library (generic) (19.7%)
Win32 Executable (generic) (13.5%)
Win16/32 Executable Delphi generic (6.2%)
OS/2 Executable (generic) (6.0%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-04-08 08:09:25 UTC ( 10 months, 2 weeks ago )
Last submission 2019-02-15 21:13:10 UTC ( 5 days, 6 hours ago )
File names USB Disk Security _ 6.6.0.0 Full Version.exe
USBGuard6.6.0.0 (2).exe
USB_Disk_Security_v6.6.0.0.exe
USB.Disk_Security.6.6.0.0.sanet.cd.exe
USBGuard6.6.0.0 (1).exe
077BFBB56056BECC2B984EE6C0EB487C02BF7C05F9E2F758655D6551E06A2736.exe
usb-disk-security_6-6-0_fr_178172.exe
USBGuard6.6.0.0.exe
USB_Disk_Security_v6.6.0.0(1).exe
usb-disk-security_6600.exe
USB Disk Security 6.6.0.exe
USB.Disk_Security.6.6.0.0.exe
USB.Disk_Security.6.6.0.0.rsload.net.exe
USB Disk Security 6.6.0.0.exe
6.6.0.0.exe
USBGuard6.6.0.0_2.exe
USB Disk Security USBGuard6.6.0.0.exe
setup.exe
USBGuard6.6.0.0 защита usb от вирусов.exe
ae6d19a24d0ee2537e5c43fc62022914312a4d6a
USBGuard6.6.0.0.exe
USBGuard6.6.0.0(1).exe
USBGuard6.6.0.0.exe
USBGuard6.6.0.0.exe
USB.Disk_Security.6.6.0.0.www.P30Day.com.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs