SHA256: 0d9b0a9ffd2a2933d7b23b03885e5bbc3c6455ec59bde26b4193bce317f25716
File name: JPEGmicroSetup.exe
Detection ratio: 0 / 65
Analysis date: 2018-09-17 00:48:09 UTC ( 2 months ago )
Antivirus Result Update
Ad-Aware 20180913
AegisLab 20180916
AhnLab-V3 20180916
Alibaba 20180713
ALYac 20180916
Antiy-AVL 20180916
Arcabit 20180916
Avast 20180916
Avast-Mobile 20180916
AVG 20180916
Avira (no cloud) 20180916
AVware 20180916
Babable 20180907
Baidu 20180914
BitDefender 20180916
Bkav 20180915
CAT-QuickHeal 20180915
ClamAV 20180916
CMC 20180916
Comodo 20180917
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180917
Cyren 20180916
DrWeb 20180916
eGambit 20180917
Emsisoft 20180916
Endgame 20180730
ESET-NOD32 20180917
F-Prot 20180916
F-Secure 20180916
Fortinet 20180916
GData 20180916
Sophos ML 20180717
Jiangmin 20180916
K7AntiVirus 20180916
K7GW 20180916
Kaspersky 20180916
Kingsoft 20180917
Malwarebytes 20180916
MAX 20180917
McAfee 20180916
McAfee-GW-Edition 20180917
Microsoft 20180916
eScan 20180916
NANO-Antivirus 20180917
Palo Alto Networks (Known Signatures) 20180917
Panda 20180916
Qihoo-360 20180917
Rising 20180916
SentinelOne (Static ML) 20180830
Sophos AV 20180916
SUPERAntiSpyware 20180907
Symantec 20180916
Symantec Mobile Insight 20180911
TACHYON 20180917
Tencent 20180917
TheHacker 20180914
TotalDefense 20180915
TrendMicro 20180917
TrendMicro-HouseCall 20180917
Trustlook 20180917
VBA32 20180914
VIPRE 20180917
ViRobot 20180916
Webroot 20180917
Yandex 20180915
Zillya 20180914
Zoner 20180916
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2013 Flexera Software LLC. All Rights Reserved.

Product JPEGmicro
Original name InstallShield Setup.exe
Internal name Setup
File version 2.4
Description Setup Launcher Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-10-30 06:48:02
Entry Point 0x0006B0FB
Number of sections 4
PE sections
Overlays
MD5 91df1af19e13e0b313d32b09aa262c26
File type data
Offset 1216512
Size 7324400
Entropy 8.00
PE imports
SetSecurityDescriptorOwner
RegCreateKeyExW
RegCloseKey
RegCreateKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
SetSecurityDescriptorDacl
OpenProcessToken
RegEnumKeyW
RegOpenKeyW
GetTokenInformation
RegQueryInfoKeyW
RegEnumKeyExW
OpenThreadToken
RegEnumValueW
RegSetValueExW
FreeSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
EqualSid
SetSecurityDescriptorGroup
GetDIBColorTable
GetSystemPaletteEntries
CreateHalftonePalette
GetDeviceCaps
TranslateCharsetInfo
DeleteDC
SetBkMode
CreateFontIndirectW
GetObjectW
BitBlt
RealizePalette
SetTextColor
CreatePalette
GetStockObject
CreateDIBitmap
SelectPalette
UnrealizeObject
CreateCompatibleDC
CreateFontW
SelectObject
CreateSolidBrush
DeleteObject
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
SetEvent
HeapDestroy
GetFileAttributesW
DuplicateHandle
GetLocalTime
HeapAlloc
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
lstrcatW
GetThreadContext
GetLocaleInfoW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
GetDiskFreeSpaceW
InterlockedExchange
FindResourceExW
WaitForSingleObject
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
LocalFree
FormatMessageW
ResumeThread
CreateEventW
LoadResource
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
InitializeCriticalSection
CopyFileW
GetUserDefaultLangID
RemoveDirectoryW
IsDebuggerPresent
ExitProcess
VerLanguageNameW
GetModuleFileNameA
LoadLibraryA
QueryPerformanceFrequency
EnumSystemLocalesA
SetConsoleCtrlHandler
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
FatalAppExitA
FlushInstructionCache
GetPrivateProfileStringW
SetFilePointer
CreateThread
MoveFileExW
GetSystemDirectoryW
GetExitCodeThread
SetUnhandledExceptionFilter
MulDiv
SetEnvironmentVariableA
SetThreadContext
TerminateProcess
SearchPathW
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
SetEndOfFile
GetVersion
InterlockedIncrement
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
lstrcmpiW
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetWindowsDirectoryW
GetFileSize
WriteProcessMemory
OpenProcess
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
VirtualProtectEx
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
WriteFile
CompareStringW
lstrcpyW
GetModuleFileNameW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
lstrcpyA
GetTimeFormatA
ResetEvent
FindFirstFileW
IsValidLocale
lstrcmpW
GetProcAddress
GetTempPathW
GetCurrentDirectoryW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
GetCurrentThreadId
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetTimeFormatW
GetProcessTimes
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
lstrlenW
Process32NextW
CreateProcessW
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
Process32FirstW
GetCurrentThread
lstrcpynW
GetSystemDefaultLangID
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetModuleHandleW
TlsGetValue
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
Sleep
IsBadReadPtr
VirtualAlloc
GetOEMCP
CompareStringA
VarUI4FromStr
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
CreateErrorInfo
SysStringByteLen
VarBstrCat
VariantClear
SysAllocStringLen
SysAllocStringByteLen
SysReAllocStringLen
RegisterTypeLib
SysAllocString
GetErrorInfo
SysFreeString
LoadTypeLib
SetErrorInfo
UuidFromStringW
UuidCreate
UuidToStringW
RpcStringFreeW
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetMalloc
CommandLineToArgvW
SetFocus
EndPaint
CreateDialogIndirectParamW
IntersectRect
EndDialog
BeginPaint
SetWindowTextW
TranslateMessage
DefWindowProcW
MoveWindow
KillTimer
CharPrevW
PostQuitMessage
ShowWindow
GetMessageW
SetWindowPos
wvsprintfW
GetDesktopWindow
GetSystemMetrics
SetWindowLongW
IsWindow
PeekMessageW
GetWindowRect
EnableWindow
CharUpperW
GetWindowDC
SendDlgItemMessageW
GetWindow
PostMessageW
GetSysColor
DispatchMessageW
SetActiveWindow
GetDC
CreateDialogParamW
ReleaseDC
GetDlgCtrlID
SendMessageW
RegisterClassW
wsprintfW
SubtractRect
SetTimer
GetDlgItem
GetDlgItemTextW
MessageBoxW
FindWindowW
ClientToScreen
SetRect
CharNextW
LoadImageW
IsDialogMessageW
FillRect
GetClientRect
WaitForInputIdle
SetDlgItemTextW
GetSysColorBrush
DialogBoxIndirectParamW
LoadCursorW
LoadIconW
CreateWindowExW
MsgWaitForMultipleObjects
GetWindowLongW
SetForegroundWindow
DestroyWindow
ExitWindowsEx
SetCursor
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ProgIDFromCLSID
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoCreateInstance
CoCreateGuid
CoTaskMemRealloc
CLSIDFromProgID
CoInitializeSecurity
GetRunningObjectTable
CoTaskMemFree
StringFromGUID2
CreateItemMoniker
Number of PE resources by type
RT_STRING 25
RT_DIALOG 23
RT_ICON 11
RT_BITMAP 6
RT_GROUP_ICON 3
GIF 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 46
ENGLISH US 26
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
499712

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.4.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Setup Launcher Unicode

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
9.0

InternalBuildNumber
134369

ISInternalVersion
20.0.529

OriginalFileName
InstallShield Setup.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
2.4

TimeStamp
2013:10:30 07:48:02+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Setup

ProductVersion
2.4

SubsystemVersion
5.0

ISInternalDescription
Setup Launcher Unicode

OSVersion
5.0

EntryPoint
0x6b0fb

FileOS
Win32

LegalCopyright
Copyright (c) 2013 Flexera Software LLC. All Rights Reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Romeolight

CodeSize
715776

ProductName
JPEGmicro

ProductVersionNumber
2.4.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 eac0baabfe19a7e7e9cee945d8d2b86f
SHA1 7d7a3e392111d60e678089b36e048c3f047527b3
SHA256 0d9b0a9ffd2a2933d7b23b03885e5bbc3c6455ec59bde26b4193bce317f25716
ssdeep
196608:NaVciA0igCfHq+1p4TQJ0PEEaRYBGePU7AKQyW/kId1sa:N+pigCC+16g0PEEaktiWcu15

authentihash 2dd95cd59c9bca247960fee885a3516fbf3aeb33d71c4ef733c9075f3b981d00
imphash 8716dfcb53e9237687620dc5ebbd5d82
File size 8.1 MB ( 8540912 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-04-04 05:53:06 UTC ( 3 years, 7 months ago )
Last submission 2018-05-28 09:42:36 UTC ( 5 months, 3 weeks ago )
File names InstallShield Setup.exe
JPEGmicroSetup.exe
Setup
JPEGmicro 2.4.0.0.exe
965120
0d9b0a9ffd2a2933d7b23b03885e5bbc3c6455ec59bde26b4193bce317f25716
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.