× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 078f72c2e4c686d0bd3f27055603f761dfc9df4ddbcaf06eb139e78157f1bf69
File name: PCRemoteSetup.msi
Detection ratio: 0 / 60
Analysis date: 2018-01-13 06:51:02 UTC ( 1 year, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware 20180113
AegisLab 20180113
AhnLab-V3 20180112
Alibaba 20180113
ALYac 20180113
Antiy-AVL 20180113
Arcabit 20180113
Avast 20180113
Avast-Mobile 20180112
AVG 20180113
Avira (no cloud) 20180112
AVware 20180103
Baidu 20180112
BitDefender 20180113
Bkav 20180112
CAT-QuickHeal 20180112
ClamAV 20180113
CMC 20180111
Comodo 20180113
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180113
Cyren 20180113
DrWeb 20180113
eGambit 20180113
Emsisoft 20180113
Endgame 20171130
ESET-NOD32 20180113
F-Prot 20180113
F-Secure 20180113
Fortinet 20180113
GData 20180113
Ikarus 20180112
Sophos ML 20170914
Jiangmin 20180113
K7AntiVirus 20180113
K7GW 20180112
Kaspersky 20180113
Kingsoft 20180113
Malwarebytes 20180113
MAX 20180113
McAfee 20180113
McAfee-GW-Edition 20180113
Microsoft 20180113
eScan 20180113
NANO-Antivirus 20180113
nProtect 20180113
Palo Alto Networks (Known Signatures) 20180113
Panda 20180112
Qihoo-360 20180113
Rising 20180113
SentinelOne (Static ML) 20171224
Sophos AV 20180113
SUPERAntiSpyware 20180113
Symantec 20180112
Symantec Mobile Insight 20180112
Tencent 20180113
TheHacker 20180112
TotalDefense 20180113
TrendMicro 20180113
TrendMicro-HouseCall 20180113
Trustlook 20180113
VBA32 20180112
VIPRE 20180113
ViRobot 20180113
Webroot 20180113
WhiteArmor 20180110
Yandex 20180112
Zillya 20180112
ZoneAlarm by Check Point 20180113
Zoner 20180113
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 10:19 AM 10/12/2014
Signers
[+] PC Remote
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 11:05 PM 5/6/2014
Valid to 11:05 PM 5/6/2015
Valid usage Code Signing
Algorithm sha256RSA
Thumbrint 543610EFB07A4258BAEF8A333D76576CEA017CCD
Serial number 2B 2F 2D CB BD 5B 48
[+] Go Daddy Secure Certificate Authority - G2
Status Valid
Valid from 8:00 AM 5/3/2011
Valid to 8:00 AM 5/3/2031
Valid usage All
Algorithm sha256RSA
Thumbrint 27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
Serial number 07
[+] Go Daddy Root Certificate Authority – G2
Status Valid
Valid from 1:00 AM 9/1/2009
Valid to 12:59 AM 1/1/2038
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha256RSA
Thumbrint 47BEABC922EAE80E78783462A79F45C254FDE68B
Serial number 00
Counter signers
[+] Starfield Timestamp Authority - G2
Status Valid
Valid from 8:00 AM 4/1/2014
Valid to 8:00 AM 4/1/2019
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint C1ECE31AD10ED55433A735AAE0295AB82E3D0B0C
Serial number 1E 8D FE
[+] Starfield Root Certificate Authority – G2
Status Valid
Valid from 1:00 AM 9/1/2009
Valid to 12:59 AM 1/1/2038
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha256RSA
Thumbrint B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E
Serial number 00
OLE structured storage summary
creation_datetime
2014-10-12 10:20:40
author
PC Remote
comments
Copyright PC Remote Partnership
title
Installation Database
page_count
100
word_count
2
application_name
Windows Installer XML (3.6.3303.0)
last_saved
2014-10-12 10:20:40
revision_number
{B75749D5-FCFC-4343-BE72-3C7BF0CB1D9E}
keywords
Installer
security
2
template
Intel;1033
code_page
Latin I
subject
PC Remote Server - Installer
OLE Streams
name
Root Entry
clsid
000c1084-0000-0000-c000-000000000046
type_literal
root
clsid_literal
on
sid
0
size
19008
type_literal
stream
size
5385
name
\x05DigitalSignature
sid
50
type_literal
stream
size
20
name
\x05MsiDigitalSignatureEx
sid
49
type_literal
stream
size
488
name
\x05SummaryInformation
sid
2
type_literal
stream
size
668981
name
\u411c\u44f0\u422f\u41be\u4164
sid
1
type_literal
stream
size
99678
name
\u4192\u4472\u3e7e\u3ecc\u4428\u45f2\u3ca8\u44a6\u47b1\u46e8\u4828
sid
30
type_literal
stream
size
167424
name
\u430b\u4131\u4735\u403e\u46ec\u3a8c
sid
16
type_literal
stream
size
2746
name
\u430b\u4131\u4735\u403e\u46ec\u3c9e\u3aff\u44f0\u3aff\u4464\u4231\u4835
sid
10
type_literal
stream
size
68468
name
\u430b\u4131\u4735\u403e\u46ec\u3c9e\u3aff\u44f0\u3b7f\u412c\u44af\u482a
sid
11
type_literal
stream
size
318
name
\u430b\u4131\u4735\u403e\u46ec\u3c9e\u3aff\u44f0\u3dff\u46a8
sid
14
type_literal
stream
size
318
name
\u430b\u4131\u4735\u403e\u46ec\u3c9e\u3aff\u44f0\u3fbf\u4833
sid
15
type_literal
stream
size
766
name
\u430b\u4131\u4735\u403e\u46ec\u3c9e\u3cbf\u44a6\u3bbf\u41bb\u412f\u4830
sid
12
type_literal
stream
size
1078
name
\u430b\u4131\u4735\u403e\u46ec\u3c9e\u3cbf\u44a6\u3cbf\u4271\u4832
sid
13
type_literal
stream
size
68096
name
\u430b\u4131\u4735\u403e\u46ec\u3c9e\u4320\u41bb\u4824
sid
9
type_literal
stream
size
1496
name
\u4840\u3b3f\u43f2\u4438\u45b1
sid
46
type_literal
stream
size
204
name
\u4840\u3c9e\u421d\u45fb
sid
43
type_literal
stream
size
34392
name
\u4840\u3f3f\u4577\u446c\u3b6a\u45e4\u4824
sid
48
type_literal
stream
size
3228
name
\u4840\u3f3f\u4577\u446c\u3e6a\u44b2\u482f
sid
47
type_literal
stream
size
72
name
\u4840\u3f7f\u4164\u422f\u4836
sid
45
type_literal
stream
size
4536
name
\u4840\u3fff\u43e4\u41ec\u45e4\u44ac\u4831
sid
3
type_literal
stream
size
8
name
\u4840\u4115\u4478\u42e6\u448c\u41f1\u45ec\u44ac\u4831
sid
33
type_literal
stream
size
36
name
\u4840\u411b\u4327\u3af2\u45f8\u44b7\u4831
sid
37
type_literal
stream
size
4
name
\u4840\u4192\u4472
sid
29
type_literal
stream
size
48
name
\u4840\u41ca\u4330\u3bb1\u423b\u4626\u4237\u421c\u4634\u4468\u4226
sid
4
type_literal
stream
size
42
name
\u4840\u41ca\u4330\u3fb1\u3f12\u4528\u4238\u41b1\u4828
sid
5
type_literal
stream
size
48
name
\u4840\u41ca\u45f9\u46ce\u41a8\u45f8\u3f28\u4528\u4238\u41b1\u4828
sid
6
type_literal
stream
size
32
name
\u4840\u420f\u45e4\u4578\u3b28\u4432\u44b3\u4231\u45f1\u4836
sid
27
type_literal
stream
size
16
name
\u4840\u420f\u45e4\u4578\u4828
sid
26
type_literal
stream
size
14
name
\u4840\u4216\u4327\u4824
sid
34
type_literal
stream
size
10
name
\u4840\u421b\u3d6a\u41b2\u45e4\u4572
sid
39
type_literal
stream
size
84
name
\u4840\u421b\u432a\u45f6\u4735
sid
38
type_literal
stream
size
10
name
\u4840\u421b\u44b0\u4239\u430f\u422f
sid
40
type_literal
stream
size
36
name
\u4840\u421d\u45fb\u45dc\u43fc\u4828
sid
42
type_literal
stream
size
8
name
\u4840\u42cc\u41a8\u3aee\u46f2
sid
17
type_literal
stream
size
64
name
\u4840\u42dc\u4572\u41b7\u45f8
sid
41
type_literal
stream
size
32
name
\u4840\u430b\u4131\u4735
sid
8
type_literal
stream
size
42
name
\u4840\u430d\u4235\u45e6\u4572\u483c
sid
24
type_literal
stream
size
396
name
\u4840\u430d\u43e4\u42b2
sid
23
type_literal
stream
size
100
name
\u4840\u430f\u422f
sid
28
type_literal
stream
size
150
name
\u4840\u4452\u45f6\u43e4\u3baf\u423b\u4626\u4237\u421c\u4634\u4468\u4226
sid
31
type_literal
stream
size
108
name
\u4840\u4452\u45f6\u43e4\u3faf\u3f12\u4528\u4238\u41b1\u4828
sid
32
type_literal
stream
size
96
name
\u4840\u448c\u44f0\u4472\u4468\u4837
sid
18
type_literal
stream
size
536
name
\u4840\u448c\u45f1\u44b5\u3b2f\u4472\u4327\u4337\u4472
sid
20
type_literal
stream
size
1416
name
\u4840\u448c\u45f1\u44b5\u3baf\u4239\u45f1
sid
21
type_literal
stream
size
4628
name
\u4840\u448c\u45f1\u44b5\u482f
sid
19
type_literal
stream
size
4
name
\u4840\u44ca\u3f33\u4128\u41b5\u482b
sid
7
type_literal
stream
size
32
name
\u4840\u44de\u456a\u41e4\u4828
sid
44
type_literal
stream
size
76
name
\u4840\u4559\u44f2\u4568\u4737
sid
36
type_literal
stream
size
20
name
\u4840\u4596\u3bec\u43ec\u3c68\u45a4\u482b
sid
35
type_literal
stream
size
36
name
\u4840\u460c\u45f6\u4432\u418a\u4337\u4472
sid
22
type_literal
stream
size
32
name
\u4840\u464e\u4468\u3db7\u44e4\u4333\u42b1
sid
25
ExifTool file metadata
MIMEType
image/vnd.fpx

ModifyDate
2014:10:12 09:20:40

Words
2

Author
PC Remote

FileType
FPX

Title
Installation Database

Comments
Copyright PC Remote Partnership

Pages
100

FileTypeExtension
fpx

Template
Intel;1033

Keywords
Installer

CreateDate
2014:10:12 09:20:40

Security
Read-only recommended

Subject
PC Remote Server - Installer

CodePage
Windows Latin 1 (Western European)

RevisionNumber
{B75749D5-FCFC-4343-BE72-3C7BF0CB1D9E}

Software
Windows Installer XML (3.6.3303.0)

File identification
MD5 2e62a656aace90995cdcf9039c9bfc8f
SHA1 cbd233747c6faeaa5508131dba4fbdcf708daf01
SHA256 078f72c2e4c686d0bd3f27055603f761dfc9df4ddbcaf06eb139e78157f1bf69
ssdeep
12288:tNpUJ/ypMdeQf0vvtKLppSiJfEXU1uNLnS6Gg52l8Iv75dkx9NXWPQZMrW+9q1IQ:9PPYpS4h1CnKa+kx9NXWP2wW1IWr

File size 1.1 MB ( 1183744 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: Installation Database, Subject: PC Remote Server - Installer, Author: PC Remote, Keywords: Installer, Comments: Copyright PC Remote Partnership, Template: Intel

TrID Microsoft Windows Installer (89.6%)
Windows Installer Patch (8.7%)
Generic OLE2 / Multistream Compound File (1.5%)
Tags
msi signed

VirusTotal metadata
First submission 2014-10-14 19:41:36 UTC ( 4 years, 5 months ago )
Last submission 2019-01-05 17:23:40 UTC ( 2 months, 1 week ago )
File names PCRemoteSetup.msi
PCRemoteSetup.msi
file-7606402_msi
a0eea8.msi
PCRemoteSetup.msi
PCRemoteSetup (3).msi
PCRemoteSetup(1).msi
filename
PCRemoteSetup.msi
b5fae.msi
5be543e.msi
PCRemoteSetup (1).msi
174a721.msi
741936
PC Remote A Windows Phone.msi
65ac11a.msi
PCRemoteSetup.msi
9e156d.msi
900140
c936d.msi
12f3b73.msi
1d9eb01.msi
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!