× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 083885215faf412b97ccd38e6f09ef3f3310af1cc22399edd584ada99e7168b1
File name: Mulberry.msi
Detection ratio: 0 / 54
Analysis date: 2017-01-28 18:18:04 UTC ( 1 year, 11 months ago ) View latest
Antivirus Result Update
Ad-Aware 20170128
AegisLab 20170128
AhnLab-V3 20170128
Alibaba 20170122
ALYac 20170128
Antiy-AVL 20170128
Arcabit 20170128
Avast 20170128
AVG 20170128
Avira (no cloud) 20170128
AVware 20170128
Baidu 20170125
BitDefender 20170128
CAT-QuickHeal 20170128
ClamAV 20170128
CMC 20170128
Comodo 20170128
CrowdStrike Falcon (ML) 20161024
Cyren 20170128
DrWeb 20170128
Emsisoft 20170128
ESET-NOD32 20170128
F-Prot 20170128
F-Secure 20170128
Fortinet 20170128
GData 20170128
Ikarus 20170128
Sophos ML 20170111
Jiangmin 20170128
K7AntiVirus 20170128
K7GW 20170128
Kaspersky 20170128
Kingsoft 20170128
Malwarebytes 20170128
McAfee 20170128
McAfee-GW-Edition 20170128
Microsoft 20170128
eScan 20170128
NANO-Antivirus 20170128
nProtect 20170128
Panda 20170128
Qihoo-360 20170128
Rising 20170128
Sophos AV 20170128
SUPERAntiSpyware 20170128
Symantec 20170127
Tencent 20170128
TheHacker 20170128
TotalDefense 20170128
TrendMicro 20170128
TrendMicro-HouseCall 20170128
Trustlook 20170128
VBA32 20170127
VIPRE 20170128
ViRobot 20170128
WhiteArmor 20170123
Yandex 20170127
Zillya 20170128
Zoner 20170128
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
OLE structured storage summary
creation_datetime
1999-06-21 08:00:00
author
Cyrus Daboo
title
Mulberry
page_count
200
word_count
2
last_saved
2007-03-07 06:31:57
revision_number
{284228C3-FBC4-452B-BA1D-DB97BFA8F9A0}
last_printed
2007-03-07 06:31:57
application_name
Windows Installer
security
1
template
Intel;1033
code_page
Latin I
comments
Mulberry email client
OLE Streams
name
Root Entry
clsid
000c1084-0000-0000-c000-000000000046
type_literal
root
clsid_literal
on
sid
0
size
16384
type_literal
stream
sid
1
name
\x05SummaryInformation
size
436
type_literal
stream
sid
52
name
\u3abf\u3a48\u3bc3\u3b87\u39c8\u3acb\u3848\u3b47\u39cc\u3a07\u3b47\u394a\u3bcf\u3808\u3b84\u398b\u480b
size
13619151
type_literal
stream
sid
25
name
\u4192\u4472\u47fe\u3803\u3848\u380a\u3a03\u3844\u384b\u3a48\u39c2\u3884\u39c8\u394e\u423e\u423b
size
10134
type_literal
stream
sid
27
name
\u4192\u4472\u47fe\u3b47\u3acf\u3b4d\u3b4d\u3a44\u3809\u3b81\u3b8a\u380b\u3b05\u3ac1\u423e\u423b
size
10134
type_literal
stream
sid
23
name
\u4192\u4472\u47fe\u3bc6\u3bce\u3a4f\u398b\u3888\u3a01\u3844\u3bc7\u3a09\u394f\u3a44\u423e\u423b
size
25214
type_literal
stream
sid
40
name
\u430b\u4131\u4735\u3b7e\u4268\u410b\u4471\u4568\u430b\u4437\u44e4
size
5088
type_literal
stream
sid
19
name
\u430b\u4131\u4735\u3dbe\u3fdc\u3b4b\u3b19\u3b4a\u3d55
size
214016
type_literal
stream
sid
38
name
\u430b\u4131\u4735\u3dfe\u46a8\u43cf\u4567\u45cb\u4831
size
318
type_literal
stream
sid
42
name
\u430b\u4131\u4735\u3f3e\u45bb\u445e\u446c\u45f6\u43e4\u3b2f\u480a
size
24576
type_literal
stream
sid
37
name
\u430b\u4131\u4735\u3fbe\u3bf3\u41ef\u3af5\u4477
size
318
type_literal
stream
sid
21
name
\u430b\u4131\u4735\u3ffe\u3b5c\u3b97\u3b1d\u3c0f
size
11225
type_literal
stream
sid
36
name
\u430b\u4131\u4735\u47fe\u3807\u38ca\u3a46\u3884\u3983\u3ac2\u3805\u3940\u3a85\u38cd\u3a4d\u3bc7\u3941\u3bc4\u3846\u3b4d
size
418614
type_literal
stream
sid
4
name
\u4840\u3b3f\u43f2\u4438\u45b1
size
3392
type_literal
stream
sid
39
name
\u4840\u3c9e\u421d\u45fb
size
204
type_literal
stream
sid
6
name
\u4840\u3f3f\u4577\u446c\u3b6a\u45e4\u4824
size
76815
type_literal
stream
sid
5
name
\u4840\u3f3f\u4577\u446c\u3e6a\u44b2\u482f
size
7736
type_literal
stream
sid
3
name
\u4840\u3f7f\u4164\u422f\u4836
size
182
type_literal
stream
sid
17
name
\u4840\u3fff\u41f6\u4115\u4478\u42e6\u448c\u41f1\u45ec\u44ac\u4831
size
6
type_literal
stream
sid
2
name
\u4840\u3fff\u43e4\u41ec\u45e4\u44ac\u4831
size
10560
type_literal
stream
sid
35
name
\u4840\u411b\u4327\u3af2\u45f8\u44b7\u4831
size
180
type_literal
stream
sid
22
name
\u4840\u4192\u4472
size
12
type_literal
stream
sid
14
name
\u4840\u41ca\u4330\u3bb1\u423b\u4626\u4237\u421c\u4634\u4468\u4226
size
102
type_literal
stream
sid
16
name
\u4840\u41ca\u4330\u3fb1\u3f12\u4528\u4238\u41b1\u4828
size
120
type_literal
stream
sid
13
name
\u4840\u41ca\u45f9\u46ce\u41a8\u45f8\u3f28\u4528\u4238\u41b1\u4828
size
144
type_literal
stream
sid
50
name
\u4840\u420f\u45e4\u4578\u3b28\u4432\u44b3\u4231\u45f1\u4836
size
524
type_literal
stream
sid
7
name
\u4840\u420f\u45e4\u4578\u4828
size
16
type_literal
stream
sid
51
name
\u4840\u4216\u4327\u4824
size
12
type_literal
stream
sid
44
name
\u4840\u421b\u432a\u45f6\u4735
size
96
type_literal
stream
sid
33
name
\u4840\u421d\u45fb\u45dc\u43fc\u4828
size
48
type_literal
stream
sid
26
name
\u4840\u42dc\u4572\u41b7\u45f8
size
48
type_literal
stream
sid
18
name
\u4840\u430b\u4131\u4735
size
28
type_literal
stream
sid
10
name
\u4840\u430d\u4235\u45e6\u4572\u483c
size
270
type_literal
stream
sid
32
name
\u4840\u430d\u43e4\u42b2
size
616
type_literal
stream
sid
9
name
\u4840\u430f\u422f
size
2808
type_literal
stream
sid
12
name
\u4840\u4452\u45f6\u43e4\u3baf\u423b\u4626\u4237\u421c\u4634\u4468\u4226
size
474
type_literal
stream
sid
15
name
\u4840\u4452\u45f6\u43e4\u3faf\u3f12\u4528\u4238\u41b1\u4828
size
180
type_literal
stream
sid
8
name
\u4840\u448c\u44f0\u4472\u4468\u4837
size
1572
type_literal
stream
sid
30
name
\u4840\u448c\u45f1\u44b5\u3b2f\u4472\u4327\u4337\u4472
size
640
type_literal
stream
sid
31
name
\u4840\u448c\u45f1\u44b5\u3baf\u4239\u45f1
size
1236
type_literal
stream
sid
29
name
\u4840\u448c\u45f1\u44b5\u482f
size
6136
type_literal
stream
sid
49
name
\u4840\u4496\u4627\u422f\u420d\u4233\u41f1\u4468\u4726
size
20
type_literal
stream
sid
28
name
\u4840\u4496\u4627\u422f\u431c\u446a\u45e4\u4578\u4828
size
126
type_literal
stream
sid
48
name
\u4840\u4496\u4627\u422f\u448c\u44f0\u4472\u4468\u45b7
size
72
type_literal
stream
sid
24
name
\u4840\u44de\u456a\u41e4\u4828
size
32
type_literal
stream
sid
20
name
\u4840\u4559\u44f2\u4568\u4737
size
184
type_literal
stream
sid
47
name
\u4840\u4596\u3aac\u45b6\u4428\u43e5\u3dfc\u4424\u4828
size
120
type_literal
stream
sid
46
name
\u4840\u4596\u3aac\u45b6\u4428\u43e5\u483c
size
40
type_literal
stream
sid
41
name
\u4840\u4596\u3bec\u43ec\u3c68\u45a4\u482b
size
320
type_literal
stream
sid
45
name
\u4840\u4596\u3f2c\u3b0f\u470b\u4133\u45b6
size
74
type_literal
stream
sid
11
name
\u4840\u460c\u45f6\u4432\u418a\u4337\u4472
size
128
type_literal
stream
sid
34
name
\u4840\u464e\u4468\u3db7\u44e4\u4333\u42b1
size
208
type_literal
stream
sid
43
name
\u4840\u46dc\u3db6\u4436\u4210\u3b31\u4432\u44b3\u4231\u45f1\u4836
size
40
ExifTool file metadata
MIMEType
image/vnd.fpx

ModifyDate
2007:03:07 05:31:57

Template
Intel;1033

Title
Mulberry

FileType
FPX

Author
Cyrus Daboo

Comments
Mulberry email client

CodePage
Windows Latin 1 (Western European)

FileTypeExtension
fpx

Words
2

CreateDate
1999:06:21 07:00:00

LastPrinted
2007:03:07 05:31:57

Security
Password protected

Pages
200

RevisionNumber
{284228C3-FBC4-452B-BA1D-DB97BFA8F9A0}

Software
Windows Installer

File identification
MD5 d49910ca4dd8001ded726172e8c04a3a
SHA1 bfa4b20598ffe7b1b61a906c258746e970b423a4
SHA256 083885215faf412b97ccd38e6f09ef3f3310af1cc22399edd584ada99e7168b1
ssdeep
393216:P6id4q9uCfuYwDTWS9tbfPGth8zdGAuI9BDS3Nn:P6BgucuYItbnGh8QAuIPDSd

File size 13.9 MB ( 14581248 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 5.0, Create Time/Date: Sun Jun 20 07:00:00 1999, Name of Creating Application: Windows Installer, Security: 1, Code page: 1252, Template: Intel

TrID Microsoft Windows Installer (89.6%)
Windows Installer Patch (8.7%)
Generic OLE2 / Multistream Compound File (1.5%)
Tags
msi

VirusTotal metadata
First submission 2013-01-19 04:59:08 UTC ( 6 years ago )
Last submission 2018-02-15 05:27:31 UTC ( 11 months, 1 week ago )
File names Mulberry-v4.0.9a1.msi
1029846
1ac40f.msi
Mulberry.msi
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!