× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0a20d6c063a0af925fa15bd13b954fb0f72804bc2cb5f10a7a0dcc3c0777756a
File name: setup.exe
Detection ratio: 0 / 55
Analysis date: 2015-10-10 17:55:34 UTC ( 3 years, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware 20151010
AegisLab 20151010
Yandex 20151009
AhnLab-V3 20151010
Alibaba 20151010
ALYac 20151010
Antiy-AVL 20151010
Arcabit 20151010
Avast 20151010
AVG 20151010
AVware 20151010
Baidu-International 20151010
BitDefender 20151010
Bkav 20151010
ByteHero 20151010
CAT-QuickHeal 20151010
ClamAV 20151009
CMC 20151009
Comodo 20151010
Cyren 20151010
DrWeb 20151010
Emsisoft 20151010
ESET-NOD32 20151010
F-Prot 20151010
F-Secure 20151010
Fortinet 20151010
GData 20151010
Ikarus 20151010
Jiangmin 20151008
K7AntiVirus 20151010
K7GW 20151010
Kaspersky 20151010
Kingsoft 20151010
Malwarebytes 20151010
McAfee 20151010
McAfee-GW-Edition 20151010
Microsoft 20151010
eScan 20151010
NANO-Antivirus 20151010
nProtect 20151008
Panda 20151010
Qihoo-360 20151010
Rising 20151009
Sophos AV 20151010
SUPERAntiSpyware 20151010
Symantec 20151010
Tencent 20151010
TheHacker 20151010
TrendMicro 20151010
TrendMicro-HouseCall 20151010
VBA32 20151009
VIPRE 20151010
ViRobot 20151010
Zillya 20151010
Zoner 20151010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Product Far Cry 4 Gold Edition
File version
Description Far Cry 4 Gold Edition Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, UPX, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-02 05:04:04
Entry Point 0x00016478
Number of sections 8
PE sections
Overlays
MD5 2cca1bda3c1a187f6fd845a1f0b86413
File type data
Offset 614400
Size 2262130
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetLocalTime
CreateProcessW
DeleteCriticalSection
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
GetDateFormatW
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
CompareStringW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetExitCodeProcess
GetVersion
InitializeCriticalSection
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SysFreeString
VariantInit
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_ICON 12
RT_STRING 6
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 16
NEUTRAL 9
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
527360

EntryPoint
0x16478

MIMEType
application/octet-stream

TimeStamp
2012:10:02 06:04:04+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
1.10.0

FileDescription
Far Cry 4 Gold Edition Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
GMT-MAX.ORG

CodeSize
86016

ProductName
Far Cry 4 Gold Edition

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
File identification
MD5 4143a6920c47e1838dc31aee170caf3c
SHA1 4a8fb016d2dba89f47b72edb6b75587a09932718
SHA256 0a20d6c063a0af925fa15bd13b954fb0f72804bc2cb5f10a7a0dcc3c0777756a
ssdeep
49152:SGlxS61LSC0JJrCn/DWU0oo9uPicpr6BBDsLl9cUF6F8RwnQ0iIDwjKSMYPWvr3Y:wEDqKPicpr6BSLLnRC5PDS9MYPWvM

authentihash 335be69aeffeb803a952456cddaf15316fa5fb5ab3fa76580bf28ce33dc8ff16
imphash 483f0c4259a9148c34961abbda6146c1
File size 2.7 MB ( 2876530 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (80.3%)
Win32 Executable Delphi generic (10.3%)
Win32 Executable (generic) (3.3%)
Win16/32 Executable Delphi generic (1.5%)
OS/2 Executable (generic) (1.4%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2015-10-10 17:55:34 UTC ( 3 years, 4 months ago )
Last submission 2018-03-28 03:29:51 UTC ( 10 months, 3 weeks ago )
File names setup.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs