SHA256: 0a6e6305f3e2d71f1dec1af86d7877accd6f51e997a27a709e064f413a4137cb
File name: lcam-hd-en-552_setup.exe
Detection ratio: 0 / 68
Analysis date: 2017-11-16 15:37:17 UTC ( 1 year, 5 months ago )
Antivirus Result Update
Ad-Aware 20171116
AegisLab 20171116
AhnLab-V3 20171116
Alibaba 20170911
ALYac 20171116
Antiy-AVL 20171116
Arcabit 20171116
Avast 20171116
Avast-Mobile 20171116
AVG 20171116
Avira (no cloud) 20171116
AVware 20171116
Baidu 20171116
BitDefender 20171116
Bkav 20171116
CAT-QuickHeal 20171116
ClamAV 20171115
CMC 20171109
Comodo 20171116
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171116
Cyren 20171116
DrWeb 20171116
eGambit 20171116
Emsisoft 20171116
Endgame 20171024
ESET-NOD32 20171116
F-Prot 20171116
F-Secure 20171116
Fortinet 20171116
GData 20171116
Ikarus 20171116
Sophos ML 20170914
Jiangmin 20171116
K7AntiVirus 20171116
K7GW 20171116
Kaspersky 20171116
Kingsoft 20171116
Malwarebytes 20171116
MAX 20171116
McAfee 20171116
McAfee-GW-Edition 20171116
Microsoft 20171116
eScan 20171116
NANO-Antivirus 20171116
nProtect 20171116
Palo Alto Networks (Known Signatures) 20171116
Panda 20171116
Qihoo-360 20171116
Rising 20171116
SentinelOne (Static ML) 20171113
Sophos AV 20171116
SUPERAntiSpyware 20171116
Symantec 20171116
Symantec Mobile Insight 20171116
Tencent 20171116
TheHacker 20171112
TotalDefense 20171116
TrendMicro 20171116
TrendMicro-HouseCall 20171116
Trustlook 20171116
VBA32 20171116
VIPRE 20171116
ViRobot 20171116
Webroot 20171116
WhiteArmor 20171104
Yandex 20171116
Zillya 20171116
ZoneAlarm by Check Point 20171116
Zoner 20171116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.

Product InstallShield
Original name Setup.exe
Internal name Setup
File version 16.0.328
Description InstallScript Setup Launcher
Signature verification Signed file, verified signature
Signing date 2:25 PM 9/22/2017
Signers
[+] Rsupport Co., Ltd.
Status This certificate or one of the certificates in the certificate chain is not time valid., Trust for this certificate or one of the certificates in the certificate chain has been revoked.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 12:00 AM 10/22/2015
Valid to 11:59 PM 10/21/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 6D55ACB343A0401617CCEA07076C685AC171D147
Serial number 65 E6 AD E3 9A 41 70 72 3E CE 56 7D 63 5F E2 EB
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 02/08/2010
Valid to 11:59 PM 02/07/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-06-10 17:24:16
Entry Point 0x0003D474
Number of sections 4
PE sections
Overlays
MD5 af00ee595edaf0b1947881b9dd2e27c5
File type data
Offset 801792
Size 41629016
Entropy 8.00
PE imports
Number of PE resources by type
RT_STRING 25
RT_DIALOG 23
RT_ICON 11
RT_BITMAP 6
RT_GROUP_ICON 3
GIF 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 45
ENGLISH US 26
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 16.0.0.328
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription InstallScript Setup Launcher
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 385024
InternalBuildNumber 90563
OriginalFileName Setup.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.
FileVersion 16.0.328
TimeStamp 2009:06:10 18:24:16+01:00
FileType Win32 EXE
PEType PE32
InternalName Setup
ProductVersion 16.0
UninitializedDataSize 0
OSVersion 4.0
EntryPoint 0x3d474
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Acresso Software Inc.
CodeSize 415744
ProductName InstallShield
ProductVersionNumber 16.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 0aca67be934f802a539c3898bbf1cea6
SHA1 8a7c7312df2c2f9391082e427a56b4cb692de300
SHA256 0a6e6305f3e2d71f1dec1af86d7877accd6f51e997a27a709e064f413a4137cb
ssdeep 786432:zU3hc4wza8Dtxgbp9qrpt5WKSketQzBRZ4/Cw6VSPFLIBuSHkuA:zURcDbtebp9qrpt5HSkjtRZw6VSPGBNG
authentihash 33368b4ef4441a59e45c515dea164384c425fc9dbe90dfbf97eb7d214ada9c82
imphash fc349687b82a59bedb5788849f9f2c0e
File size 40.5 MB ( 42430808 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID DirectShow filter (42.5%)
Windows ActiveX control (24.6%)
Win32 EXE PECompact compressed (v2.x) (12.4%)
Win32 EXE PECompact compressed (generic) (8.7%)
Win64 Executable (generic) (5.8%)
Tags revoked-cert peexe signed overlay
VirusTotal metadata
First submission 2017-10-25 05:19:40 UTC ( 1 year, 5 months ago )
Last submission 2017-10-25 05:19:40 UTC ( 1 year, 5 months ago )
File names patch.exe
lcam-hd-en-552_setup.exe
Setup
lcam-hd-en-552_setup.exe
Setup.exe
lcam-hd-en-552_setup.exe