SHA256: 0c301c74d8591c3238f5e41e77a4384f7667aad6249893aa8ef7d58dd66ff79a
File name: powersuite-downloader.exe
Detection ratio: 0 / 61
Analysis date: 2017-06-02 18:37:04 UTC ( 1 year, 5 months ago )
Antivirus Result Update
Ad-Aware 20170602
AegisLab 20170602
AhnLab-V3 20170602
Alibaba 20170602
ALYac 20170602
Arcabit 20170602
Avast 20170602
AVG 20170602
Avira (no cloud) 20170602
AVware 20170602
Baidu 20170601
BitDefender 20170602
Bkav 20170602
CAT-QuickHeal 20170602
ClamAV 20170602
CMC 20170602
Comodo 20170602
CrowdStrike Falcon (ML) 20170420
Cyren 20170602
DrWeb 20170602
Emsisoft 20170602
Endgame 20170515
ESET-NOD32 20170602
F-Prot 20170602
F-Secure 20170602
Fortinet 20170602
GData 20170602
Ikarus 20170602
Sophos ML 20170519
Jiangmin 20170602
K7AntiVirus 20170602
K7GW 20170602
Kaspersky 20170602
Kingsoft 20170602
Malwarebytes 20170602
McAfee 20170602
McAfee-GW-Edition 20170602
Microsoft 20170602
eScan 20170602
NANO-Antivirus 20170602
nProtect 20170602
Palo Alto Networks (Known Signatures) 20170602
Panda 20170602
Qihoo-360 20170602
Rising 20170602
SentinelOne (Static ML) 20170516
Sophos AV 20170602
SUPERAntiSpyware 20170602
Symantec 20170602
Symantec Mobile Insight 20170601
Tencent 20170602
TheHacker 20170602
TotalDefense 20170602
TrendMicro 20170602
TrendMicro-HouseCall 20170602
Trustlook 20170602
VBA32 20170602
VIPRE 20170602
ViRobot 20170602
Webroot 20170602
WhiteArmor 20170601
Yandex 20170602
Zillya 20170602
ZoneAlarm by Check Point 20170602
Zoner 20170602
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 2011 Wondershare Corporation
Product PowerSuite Golden Downloader
Original name PowerSuite Golden Downloader.exe
Internal name PowerSuite Golden Downloader
File version 7, 0, 1, 2
Description Wondershare PowerSuite Golden Downloader
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-10-13 08:42:42
Entry Point 0x0002129C
Number of sections 5
PE sections
PE imports
InitCommonControlsEx
_TrackMouseEvent
GetDeviceCaps
GetBkColor
SelectObject
CreateBrushIndirect
GetStockObject
CreateFontIndirectA
SetBkMode
DeleteObject
SetTextColor
GetObjectA
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
FindResourceExA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
TlsGetValue
FormatMessageA
SetLastError
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointerEx
GetModuleHandleA
CreateSemaphoreA
CreateThread
SetUnhandledExceptionFilter
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
DeleteFileA
GlobalLock
GetProcessHeap
CompareStringW
GetFileSizeEx
CompareStringA
IsValidLocale
WaitForMultipleObjects
GetProcAddress
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
lstrlenA
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
SizeofResource
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
GetTempPathA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FreeResource
GetEnvironmentStrings
IsValidCodePage
HeapCreate
VirtualFree
Sleep
GetFileAttributesExA
FindResourceA
VirtualAlloc
VariantTimeToSystemTime
SystemTimeToVariantTime
SHCreateDirectoryExA
SHBrowseForFolderA
SHGetFolderPathA
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA
PathIsRelativeA
PathFileExistsA
GetMessageA
GetParent
UpdateWindow
EndDialog
RegisterWindowMessageA
KillTimer
ShowWindow
DefWindowProcA
FindWindowA
SetWindowPos
GetSystemMetrics
GetWindowRect
DispatchMessageA
EndPaint
MoveWindow
MessageBoxA
GetWindowDC
SetWindowLongA
TranslateMessage
PostQuitMessage
GetDC
RegisterClassExA
DrawTextA
BeginPaint
SetWindowTextA
LoadStringA
GetLastActivePopup
SendMessageA
GetWindowTextA
GetClientRect
SetTimer
GetDlgItem
CreateDialogParamA
IsIconic
ScreenToClient
InvalidateRect
GetWindowLongA
FindWindowExA
CreateWindowExA
LoadCursorA
LoadIconA
FillRect
GetDesktopWindow
CallWindowProcA
ReleaseDC
SetForegroundWindow
SetCursor
socket
recv
send
WSACleanup
WSAStartup
gethostbyname
ioctlsocket
select
htons
closesocket
WSAGetLastError
connect
GdipCreateBitmapFromScan0
GdipDrawImageRectRect
GdiplusShutdown
GdipCreateFromHDC
GdiplusStartup
GdipLoadImageFromStream
GdipFree
GdipGetImageHeight
GdipAlloc
GdipCloneBitmapAreaI
GdipCloneImage
GdipReleaseDC
GdipDrawImageRect
GdipGetImageWidth
GdipDisposeImage
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageGraphicsContext
CreateStreamOnHGlobal
Number of PE resources by type
PNG 6
RT_DIALOG 3
RT_ICON 3
RT_STRING 3
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 17
CHINESE SIMPLIFIED 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.0.1.2
LanguageCode English (U.S.)
FileFlagsMask 0x0017
FileDescription Wondershare PowerSuite Golden Downloader
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 138240
EntryPoint 0x2129c
OriginalFileName PowerSuite Golden Downloader.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2011 Wondershare Corporation
FileVersion 7, 0, 1, 2
TimeStamp 2011:10:13 09:42:42+01:00
FileType Win32 EXE
PEType PE32
InternalName PowerSuite Golden Downloader
ProductVersion 7, 0, 1, 2
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Wondershare
CodeSize 232960
ProductName PowerSuite Golden Downloader
ProductVersionNumber 7.0.1.2
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 2d4e73d38623f71fd2112b3abc6722c3
SHA1 441c9937788f5a9baa30ac4af80e7682bd4e12f0
SHA256 0c301c74d8591c3238f5e41e77a4384f7667aad6249893aa8ef7d58dd66ff79a
ssdeep 6144:W+ni3YRv5SeW3ErqsGJUYrdXHE8h9HmvDIC:WN3YR4eWUfJYRfhRyDI
authentihash 0ae5705e7b859ffbc73688235f22b167c04d7ebdc224bb630aa6335f6240cdc5
imphash f36790688e73af40fc23691c09dca5e9
File size 363.5 KB ( 372224 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2012-03-05 03:11:17 UTC ( 6 years, 8 months ago )
Last submission 2018-11-04 06:24:15 UTC ( 2 weeks, 2 days ago )
File names file-4184095_exe
Wondershare PowerSuite Golden.exe
PowerSuite Golden Downloader
PowerSuite Golden Downloader.exe
powersuite-downloader.exe
0C301C74D8591C3238F5E41E77A4384F7667AAD6249893AA8EF7D58DD66FF79A.exe
powersuite-downloader.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight