× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0f5df430b54a377a6cfd1e253169de2cf8a60a1751d6e8b72718d297bd45174c
File name: age-of-empires-2-230-jetelecharge.exe
Detection ratio: 1 / 68
Analysis date: 2017-12-22 03:47:01 UTC ( 7 months, 3 weeks ago ) View latest
Antivirus Result Update
Zillya Adware.iBryte.Win32.10234 20171221
Ad-Aware 20171222
AegisLab 20171222
AhnLab-V3 20171221
Alibaba 20171222
ALYac 20171222
Antiy-AVL 20171222
Arcabit 20171222
Avast 20171222
Avast-Mobile 20171221
AVG 20171222
Avira (no cloud) 20171221
AVware 20171222
Baidu 20171221
BitDefender 20171222
Bkav 20171221
CAT-QuickHeal 20171221
ClamAV 20171221
CMC 20171221
Comodo 20171222
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171222
Cyren 20171222
DrWeb 20171222
eGambit 20171222
Emsisoft 20171222
Endgame 20171130
ESET-NOD32 20171222
F-Prot 20171222
F-Secure 20171222
Fortinet 20171222
GData 20171222
Ikarus 20171221
Sophos ML 20170914
Jiangmin 20171221
K7AntiVirus 20171221
K7GW 20171221
Kaspersky 20171222
Kingsoft 20171222
Malwarebytes 20171222
MAX 20171222
McAfee 20171222
McAfee-GW-Edition 20171222
Microsoft 20171222
eScan 20171222
NANO-Antivirus 20171222
nProtect 20171222
Palo Alto Networks (Known Signatures) 20171222
Panda 20171221
Qihoo-360 20171222
Rising 20171222
SentinelOne (Static ML) 20171207
Sophos AV 20171222
SUPERAntiSpyware 20171222
Symantec 20171222
Symantec Mobile Insight 20171222
Tencent 20171222
TheHacker 20171219
TotalDefense 20171221
TrendMicro 20171222
TrendMicro-HouseCall 20171222
Trustlook 20171222
VBA32 20171219
VIPRE 20171222
ViRobot 20171222
Webroot 20171222
WhiteArmor 20171204
Yandex 20171221
ZoneAlarm by Check Point 20171222
Zoner 20171222
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 1999

Product setup
Original name setup.exe
Internal name setup
File version 1, 0, 0, 1
Description setup
Comments Setup for Microsoft Age of Empires II Trial
Signature verification Signed file, verified signature
Signing date 6:19 PM 10/20/1999
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Commercial Software Publishers CA
Valid from 1:00 AM 3/19/1999
Valid to 12:59 AM 4/17/2000
Valid usage All
Algorithm md2RSA
Thumbprint 8AA137F5039FE028C926AA5590141968FAFFE81A
Serial number 55 0D 88 F5 3F 64 16 D7 0C 73 00 D8 45 92 16 34
[+] VeriSign
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Commercial Software Publishers CA
Valid from 1:00 AM 4/9/1996
Valid to 12:59 AM 1/8/2004
Valid usage Email Protection, Code Signing
Algorithm md2RSA
Thumbprint 24A40A1F573643A67F0A4B0749F6A22BF28ABB6B
Serial number 03 C7 8F 37 DB 92 28 DF 3C BB 1A AD 82 FA 67 10
Counter signers
[+] NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
Valid from 8:00 AM 5/12/1997
Valid to 8:00 AM 12/31/1999
Valid usage All
Algorithm md5RSA
Thumbrint 3873B699F35B9CCC3662B6483A96BD6EEC97CFB7
Serial number 00 BD 11 9A DA 43 ED 21 FB 46 58 84 89 CA 46 88 90 25 EE 14 60
[+] VeriSign Time Stamping CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
Valid from 1:00 AM 5/12/1997
Valid to 12:59 AM 1/8/2004
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint 18F7C1FCC3090203FD5BAA2F861A754976C8DD25
Serial number 4A 19 D2 38 8C 82 59 1C A5 5D 73 5F 15 5D DC A3
Packers identified
F-PROT CAB, appended, SFX
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1999-10-15 16:14:57
Entry Point 0x0001A10A
Number of sections 4
PE sections
Overlays
MD5 691f7e51d258a4f3ac581e86648a35a5
File type data
Offset 49078272
Size 5384
Entropy 7.03
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegSetValueExA
RegQueryValueExA
AdjustTokenPrivileges
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
AddFontResourceA
GetSystemPaletteEntries
GetBkMode
TextOutA
GetDeviceCaps
DeleteDC
SetBkMode
BitBlt
RealizePalette
SetTextColor
GetObjectA
CreatePalette
GetStockObject
CreateDIBitmap
SelectPalette
ExtTextOutA
SetTextAlign
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A
GetTextColor
SetBkColor
DeleteObject
GetStdHandle
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
FreeEnvironmentStringsA
GetCurrentProcess
GetCurrentDirectoryA
GetLocaleInfoA
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetTempPathA
WideCharToMultiByte
GetStringTypeA
WriteFile
HeapReAlloc
GetStringTypeW
GetThreadPriority
GetFullPathNameA
GetOEMCP
LocalFree
ResumeThread
GetEnvironmentVariableA
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
DeviceIoControl
LocalLock
HeapAlloc
FlushFileBuffers
RemoveDirectoryA
QueryPerformanceFrequency
EnumSystemLocalesA
GetPrivateProfileStringA
SetThreadPriority
GetUserDefaultLCID
UnhandledExceptionFilter
MultiByteToWideChar
FindNextChangeNotification
CreateMutexA
SetFilePointer
GlobalMemoryStatus
CreateThread
SetFileAttributesA
GetExitCodeThread
SetUnhandledExceptionFilter
GetSystemDirectoryA
MoveFileExA
SetEnvironmentVariableA
SetPriorityClass
TerminateProcess
FindCloseChangeNotification
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
SetCurrentDirectoryA
HeapFree
SetHandleCount
lstrcmpiA
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
ExitThread
FreeLibrary
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetEvent
GetProcAddress
CompareStringW
lstrcmpA
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
FindNextFileA
IsValidLocale
GlobalLock
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LocalUnlock
GetLastError
LCMapStringW
FindFirstChangeNotificationA
GetSystemInfo
lstrlenA
GlobalFree
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GetModuleFileNameA
GetShortPathNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetPriorityClass
GetACP
GetVersion
FreeResource
GetDiskFreeSpaceA
SizeofResource
CreateProcessA
IsValidCodePage
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
ShellExecuteExA
SHBrowseForFolderA
SHChangeNotify
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SetFocus
GetMessageA
SetDlgItemTextA
GetParent
RedrawWindow
EndDialog
BeginPaint
EnumWindows
CharNextA
PostQuitMessage
DefWindowProcA
FindWindowA
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
IsWindow
DispatchMessageA
EnableWindow
LoadStringA
PostMessageA
GetDlgItemTextA
MessageBoxA
PeekMessageA
wvsprintfA
TranslateMessage
DialogBoxParamA
FrameRect
UpdateWindow
CharUpperA
GetWindowWord
GetDC
ReleaseDC
SetWindowTextA
UnregisterClassA
ShowWindow
GetDesktopWindow
CharPrevA
SendMessageA
SetForegroundWindow
GetClientRect
GetDlgItem
CreateDialogParamA
SetCursor
RegisterClassA
InvalidateRect
SetWindowWord
wsprintfA
FindWindowExA
CreateWindowExA
LoadCursorA
LoadIconA
EnumDisplaySettingsA
FillRect
CopyRect
WaitForInputIdle
GetSysColorBrush
InflateRect
MsgWaitForMultipleObjects
EndPaint
GetUpdateRect
CharToOemA
GetKeyboardType
ExitWindowsEx
DestroyWindow
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
waveOutGetNumDevs
timeGetTime
waveOutGetDevCapsA
joyGetNumDevs
CoCreateInstance
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
PE exports
Number of PE resources by type
RT_ICON 3
RT_STRING 3
SETUPBINARY 1
PREPSTUBDATA 1
RT_GROUP_ICON 1
RT_VERSION 1
CABFILE 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 1
PE resources
ExifTool file metadata
Tag_InjectBuild
01.99.10.2002

FileTypeExtension
exe

SubsystemVersion
4.0

Comments
Setup for Microsoft Age of Empires II Trial

InitializedDataSize
48914432

ImageVersion
0.0

ProductName
setup

FileVersionNumber
1.0.0.1

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

Tag_EngineBuild
420

CharacterSet
Unicode

LinkerVersion
6.0

Subsystem
Windows GUI

OriginalFileName
setup.exe

MIMEType
application/octet-stream

Tag_ScriptBuild
01.99.10.2002

FileVersion
1, 0, 0, 1

TimeStamp
1999:10:15 17:14:57+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
setup

ProductVersion
1, 0, 0, 1

FileDescription
setup

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 1999

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corp.

CodeSize
159744

FileSubtype
0

ProductVersionNumber
1.0.0.1

Tag_PrepstubBuild
4.2000.10.700

EntryPoint
0x1a10a

ObjectFileType
Executable application

File identification
MD5 787effb4a56c1d348ccdf8beaf195be3
SHA1 86c82c2495ec0171e0ded7dcbeeb672a4eba50c7
SHA256 0f5df430b54a377a6cfd1e253169de2cf8a60a1751d6e8b72718d297bd45174c
ssdeep
786432:wbEfOdHhzMPcIMYCJpmcnCvzsRmIMvFqedy7HRHUwCtb9cKrzVi0ojsZrgVZAxXN:wfhghRCJpmcnCvzsYMdHQtJcn0oIKnAX

authentihash 074f6a779084136699d456f132719dce8b550fa9923062aa25c8d793acb1fee3
imphash a61626fd06ddccd88fcdcd7ca7739059
File size 46.8 MB ( 49083656 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (80.3%)
Win32 Executable (generic) (8.4%)
OS/2 Executable (generic) (3.7%)
Generic Win/DOS Executable (3.7%)
DOS Executable Generic (3.7%)
Tags
peexe nsrl overlay signed armadillo software-collection

VirusTotal metadata
First submission 2009-05-27 16:40:30 UTC ( 9 years, 2 months ago )
Last submission 2018-06-27 15:11:32 UTC ( 1 month, 2 weeks ago )
File names age-of-empires-ii.exe
age-of-empires-ii.exe
AoE2demo.exe
age-of-empires-2-230-jetelecharge.exe
39466-5665-age-of-empires-ii-gold-edition.exe
AoK.Trial.exe
age-of-empires-2-230-jetelecharge.exe
0F5DF430B54A377A6CFD1E253169DE2CF8A60A1751D6E8B72718D297BD45174C
AoE2demo.exe
AoE2demo.exe
setup.exe
age-of-empires-2-230-jetelecharge.exe
aoe2demo.exe
AoE2demo (1).exe
AoE2demo (2).exe
AoE2demo (1).exe
Age_v2.exe
AoE2demo_2.exe
setup
AoE2demo.exe
age-of-empires-2-the-ace-of-kings-demo-tamindir.exe
AoE2demo.exe
age-of-empires-2-230-jetelecharge.exe
29771
National Software Reference Library (NIST)
The National Software Reference Library (NSRL) is designed to collect software from various sources and incorporate file profiles computed from this software into a reference data set of information. This file was found in the NSRL dataset, in the following products and with the following file names.
Products Age of Empires 2: Age of Kings (Microsoft)
File names aoe2demo.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!