SHA256: 10572c00ae87fed2b273c66d0d98e377bb556a234d7b7f961558780a2295453f
File name: genie2_tray.exe
Detection ratio: 0 / 59
Analysis date: 2017-02-25 20:10:36 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware 20170225
AegisLab 20170225
AhnLab-V3 20170225
Alibaba 20170224
ALYac 20170225
Antiy-AVL 20170225
Arcabit 20170225
Avast 20170225
AVG 20170225
Avira (no cloud) 20170225
AVware 20170225
Baidu 20170224
BitDefender 20170225
Bkav 20170225
CAT-QuickHeal 20170225
ClamAV 20170225
CMC 20170225
Comodo 20170225
CrowdStrike Falcon (ML) 20170130
Cyren 20170225
DrWeb 20170225
Emsisoft 20170225
Endgame 20170222
ESET-NOD32 20170225
F-Prot 20170225
F-Secure 20170225
Fortinet 20170225
GData 20170225
Ikarus 20170225
Sophos ML 20170203
Jiangmin 20170225
K7AntiVirus 20170225
K7GW 20170225
Kaspersky 20170225
Kingsoft 20170225
Malwarebytes 20170225
McAfee 20170225
McAfee-GW-Edition 20170225
Microsoft 20170225
eScan 20170225
NANO-Antivirus 20170225
nProtect 20170225
Panda 20170225
Qihoo-360 20170225
Rising 20170225
Sophos AV 20170225
SUPERAntiSpyware 20170225
Symantec 20170224
Tencent 20170225
TheHacker 20170223
TotalDefense 20170225
TrendMicro 20170225
TrendMicro-HouseCall 20170225
Trustlook 20170225
VBA32 20170224
VIPRE 20170225
ViRobot 20170225
Webroot 20170225
WhiteArmor 20170222
Yandex 20170222
Zillya 20170224
Zoner 20170225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 7:03 PM 6/14/2012
Signers
[+] NETGEAR
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 9/20/2011
Valid to 12:59 AM 9/28/2014
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint B3EEA2C44C56AAB33D0DA6FC80626D2AA3319AF3
Serial number 14 0D D5 6F 21 E5 85 C5 5F 28 CB 36 EA 1F 24 99
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-14 06:55:05
Entry Point 0x000012A0
Number of sections 5
PE sections
Overlays
MD5 b7d963334acb94521d8bcd692ce81717
File type data
Offset 116736
Size 5960
Entropy 7.30
PE imports
GetLastError
GetStartupInfoA
ReleaseSemaphore
CreateSemaphoreA
TlsGetValue
Sleep
TlsFree
GetModuleHandleA
WaitForSingleObject
GetCommandLineW
SetUnhandledExceptionFilter
InterlockedDecrement
ExitProcess
CloseHandle
TlsAlloc
TlsSetValue
GetCommandLineA
GetCurrentThreadId
GetProcAddress
SetLastError
InterlockedIncrement
_ZN7QObject10timerEventEP11QTimerEvent
_ZrsR11QDataStreamR7QString
_ZN7QStringaSERKS_
_ZNK7QString7indexOfERKS_iN2Qt15CaseSensitivityE
_ZNK7QString4leftEi
_Z9qBadAllocv
_ZN8QVariantD1Ev
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN11QMetaObject18connectSlotsByNameEP7QObject
_ZN7QString6numberEii
_ZNK7QString11toLocal8BitEv
_ZN5QFile4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN5QUuid10createUuidEv
_ZNK7QString5splitERKS_NS_13SplitBehaviorEN2Qt15CaseSensitivityE
_ZN8QVariantC1ERK7QString
_ZN5QFile11setFileNameERK7QString
_ZNK7QString3argExiiRK5QChar
_Z5qFreePv
_ZN6QTimer5startEi
_Z8qWinMainP11HINSTANCE__S0_PciRiR7QVectorIS1_E
_ZNK7QObject10objectNameEv
_ZN9QListData6appendEv
_ZN7QRegExp3capEi
_ZN11QTextStreamD1Ev
_ZN5QFileC1ERK7QString
_ZN11QVectorData10reallocateEPS_iii
_ZNK7QString3midEii
_ZN10QByteArray7reallocEi
_ZN6QTimerC1EP7QObject
_ZN6QTimerD1Ev
_ZNK8QVariant6toListEv
_ZNK7QString5toIntEPbi
_ZNK8QVariant8toStringEv
_ZNK7QString7compareERKS_
_ZN9QListData6detachEi
_ZN7QObject10disconnectEPKS_PKcS1_S3_
_ZNK7QString3argERKS_iRK5QChar
_ZN9QListData11detach_growEPii
_ZNK8QVariant5toIntEPb
_ZN8QVariantC1ERK5QListIS_E
_ZN7QObject5eventEP6QEvent
_ZN7QRegExpD1Ev
_ZN11QDataStreamD1Ev
_ZN7QObject11deleteLaterEv
_ZNK7QString8multiArgEiPPKS_
_ZN7QString16fromAscii_helperEPKci
_ZN7QObject16disconnectNotifyEPKc
_ZNK7QObject6senderEv
_ZNK7QString7compareERKS_N2Qt15CaseSensitivityE
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObjectC2EPS_
_ZN7QString9fromAsciiEPKci
_ZN7QObjectD2Ev
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN7QString14fromWCharArrayEPKwi
_ZN7QString6appendERKS_
_ZN11QVectorData4freeEPS_i
_Z7qMemSetPvij
_ZN7QString8fromUtf8EPKci
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZNK7QStringeqERK13QLatin1String
_ZN9QListData11shared_nullE
_Z17qt_message_output9QtMsgTypePKc
_ZN7QObject11customEventEP6QEvent
_ZN7QString11shared_nullE
_ZN11QVectorData8allocateEii
_ZN9QIODevice7readAllEv
_ZN5QFileD1Ev
_ZNK7QRegExp10exactMatchERK7QString
_ZN16QCoreApplication9translateEPKcS1_S1_NS_8EncodingE
_ZNK5QUuid8toStringEv
_ZN11QTextStreamC1EP7QString6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN7QRegExpC1ERK7QStringN2Qt15CaseSensitivityENS_13PatternSyntaxE
_ZNK7QString5rightEi
_ZNK7QStringeqERKS_
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN16QCoreApplication4quitEv
_ZN5QFileC1Ev
_ZN6QTimer4stopEv
_ZN11QTextStreamlsEi
_ZN11QDataStreamC1EP9QIODevice
_ZN7QString16codecForCStringsE
_ZN13QPluginLoaderC1ERK7QStringP7QObject
_ZN13QPluginLoader8instanceEv
_ZN7QObject10childEventEP11QChildEvent
_ZN8QVariantC1ERKS_
_ZN8QVariantC1Ei
_ZN7QObject13connectNotifyEPKc
_ZNK11QMetaObject4castEP7QObject
_ZNK11QDataStream5atEndEv
_ZN7QString4freeEPNS_4DataE
_ZN16QCoreApplication9argumentsEv
_ZN8QProcess13startDetachedERK7QStringRK11QStringList
_ZlsR11QDataStreamRK7QString
_ZN16QCoreApplication4selfE
_ZN13QPluginLoader11setFileNameERK7QString
_ZN7QObject16staticMetaObjectE
_ZN6QTimer10singleShotEiP7QObjectPKc
_ZN13QPluginLoaderD1Ev
_ZN7QObject13setObjectNameERK7QString
_ZN7QObject11qt_metacastEPKc
_ZN7QWidget14setWindowFlagsE6QFlagsIN2Qt10WindowTypeEE
_ZN10QBoxLayout9addWidgetEP7QWidgeti6QFlagsIN2Qt13AlignmentFlagEE
_ZN7QWidget13enabledChangeEb
_ZN7QWidget11changeEventEP6QEvent
_ZNK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZN7QWidget10setVisibleEb
_ZN7QWidget13paletteChangeERK8QPalette
_ZNK14QDesktopWidget12screenNumberERK6QPoint
_ZN7QWidget16inputMethodEventEP17QInputMethodEvent
_ZNK7QWidget15minimumSizeHintEv
_ZN12QApplication7desktopEv
_ZN7QWidgetD2Ev
_ZN15QSystemTrayIconC1EP7QObject
_ZN5QMenu12addSeparatorEv
_ZN7QWidget11setGeometryERK5QRect
_ZN7QWidget5closeEv
_ZN7QWidget14mouseMoveEventEP11QMouseEvent
_ZN7QWidget8winEventEP6tagMSGPl
_ZN7QWidget9showEventEP10QShowEvent
_ZN6QFrame14setFrameShadowENS_6ShadowE
_ZN6QLabel7setTextERK7QString
_ZN7QWidget12setAttributeEN2Qt15WidgetAttributeEb
_ZThn8_NK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZN5QMenu7addMenuEPS_
_ZN7QWidget11resizeEventEP12QResizeEvent
_ZN7QWidget10leaveEventEP6QEvent
_ZThn8_NK7QWidget7devTypeEv
_ZN7QWidget15mousePressEventEP11QMouseEvent
_ZN7QWidget10fontChangeERK5QFont
_ZN7QWidget9hideEventEP10QHideEvent
_ZN7QWidget5eventEP6QEvent
_ZNK7QWidget8sizeHintEv
_ZN7QAction7setIconERK5QIcon
_ZThn8_NK7QWidget5getDCEv
_ZN7QWidget9moveEventEP10QMoveEvent
_ZN7QAction7setTextERK7QString
_ZN15QSystemTrayIcon7setIconERK5QIcon
_ZNK7QWidget7devTypeEv
_ZN10QBoxLayout10setSpacingEi
_ZNK15QSystemTrayIcon9isVisibleEv
_ZN7QWidget14dragLeaveEventEP15QDragLeaveEvent
_ZN6QLabel12setAlignmentE6QFlagsIN2Qt13AlignmentFlagEE
_ZN7QWidget13setStyleSheetERK7QString
_ZN7QWidget6resizeERK5QSize
_ZThn8_NK7QWidget9releaseDCEP5HDC__
_ZN7QWidget18focusNextPrevChildEb
_ZNK7QWidget5getDCEv
_ZN7QWidget16contextMenuEventEP17QContextMenuEvent
_ZN6QLabel11setWordWrapEb
_ZN5QIconD1Ev
_ZNK7QWidget11paintEngineEv
_ZN15QSystemTrayIcon14setContextMenuEP5QMenu
_ZN7QWidget14setWindowTitleERK7QString
_ZN12QApplication4execEv
_ZN7QWidget10enterEventEP6QEvent
_ZN5QMenu8setTitleERK7QString
_ZN7QWidget10paintEventEP11QPaintEvent
_ZN7QWidgetC2EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidget13focusOutEventEP11QFocusEvent
_ZNK7QWidget16inputMethodQueryEN2Qt16InputMethodQueryE
_ZN7QWidget10wheelEventEP11QWheelEvent
_ZN7QWidget11styleChangeER6QStyle
_ZN7QWidget10closeEventEP11QCloseEvent
_ZN7QWidget14languageChangeEv
_ZN5QMenuC1EP7QWidget
_ZNK7QAction9isCheckedEv
_ZN7QAction10setCheckedEb
_ZN6QLabelC1EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidget11actionEventEP12QActionEvent
_ZN7QWidget13keyPressEventEP9QKeyEvent
_ZN7QWidget12focusInEventEP11QFocusEvent
_ZThn8_NK7QWidget11paintEngineEv
_ZNK15QSystemTrayIcon8geometryEv
_ZN5QIconC1ERK7QString
_ZN15QSystemTrayIcon10setToolTipERK7QString
_ZN6QFrame13setFrameShapeENS_5ShapeE
_ZN12QApplicationD1Ev
_ZN7QWidget4moveERK6QPoint
_ZN7QWidget11tabletEventEP12QTabletEvent
_ZN7QWidget9dropEventEP10QDropEvent
_ZN7QLayout18setContentsMarginsEiiii
_ZN15QSystemTrayIcon10setVisibleEb
_ZNK14QDesktopWidget14screenGeometryEi
_ZN7QWidget11qt_metacastEPKc
_ZN7QWidget16staticMetaObjectE
_ZN11QVBoxLayoutC1EP7QWidget
_ZN7QWidget14dragEnterEventEP15QDragEnterEvent
_ZNK7QWidget14heightForWidthEi
_ZNK7QWidget9releaseDCEP5HDC__
_ZN7QWidget17mouseReleaseEventEP11QMouseEvent
_ZN7QWidget22windowActivationChangeEb
_ZN6QFrameC1EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidget21mouseDoubleClickEventEP11QMouseEvent
_ZN5QMenu9addActionERK7QString
_ZN7QWidget13dragMoveEventEP14QDragMoveEvent
_ZN7QWidget15keyReleaseEventEP9QKeyEvent
_ZN12QApplicationC1ERiPPci
_ZN7QAction12setCheckableEb
_ZN7QWidget11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QWidget16setWindowOpacityEd
_ZN12QLocalServer6listenERK7QString
_ZN12QLocalSocketC1EP7QObject
_ZN12QLocalSocket16staticMetaObjectE
_ZNK12QLocalSocket5stateEv
_ZN12QLocalSocket15connectToServerERK7QString6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN12QLocalSocketD1Ev
_ZN12QLocalSocket5abortEv
_ZN12QLocalServerC1EP7QObject
_ZN12QLocalSocket5flushEv
_ZN12QLocalServer5closeEv
_ZN12QDomDocument10setContentEP9QIODeviceP7QStringPiS4_
_ZNK8QDomNode10childNodesEv
_ZNK8QDomNode11nextSiblingEv
_ZNK11QDomElement9attributeERK7QStringS2_
_ZN12QDomDocumentC1Ev
_ZN8QDomNodeD1Ev
_ZN8QDomNodeaSERKS_
_ZN12QDomNodeListD1Ev
_ZN12QDomDocumentD1Ev
_ZN8QDomNodeD2Ev
_ZNK11QDomElement7tagNameEv
_ZNK12QDomNodeList6lengthEv
_ZNK8QDomNode10firstChildEv
_ZNK8QDomNode6isNullEv
_ZNK8QDomNode9toElementEv
_ZNK8QDomNode9isElementEv
_ZNK12QDomNodeList4itemEi
_Unwind_SetIP
_Unwind_GetIPInfo
__emutls_get_address
__deregister_frame_info
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_GetDataRelBase
_Unwind_Resume
__register_frame_info
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_SetGR
_Unwind_DeleteException
_Unwind_Resume_or_Rethrow
__mingwthr_key_dtor
_cexit
__p__fmode
malloc
strcpy
fputc
__p__environ
fputs
signal
free
_onexit
atexit
fwrite
abort
_setmode
sprintf
__getmainargs
_write
_iob
realloc
strcmp
__set_app_type
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2012:06:14 07:55:05+01:00
FileType Win32 EXE
PEType PE32
CodeSize 67072
LinkerVersion 2.56
FileTypeExtension exe
InitializedDataSize 115712
SubsystemVersion 4.0
EntryPoint 0x12a0
OSVersion 4.0
ImageVersion 1.0
UninitializedDataSize 512
Compressed bundles
File identification
MD5 f6d6844740d4042afadf75197d77cbcf
SHA1 263feb97462ce8db216a4a90a5d808ae1efd15bb
SHA256 10572c00ae87fed2b273c66d0d98e377bb556a234d7b7f961558780a2295453f
ssdeep 3072:JtN2TmEpeA2Z2N0tz5SLFJC25AjfBukpsUPirk:NkpeAmDtzgKsAjpuHUPirk
authentihash 351bb35e08e1ecab56e4dea600a3157bdba5dd1d371998369d9538c8a775833c
imphash 4476d1e58b405afcedca567550e189ad
File size 119.8 KB ( 122696 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
Win16/32 Executable Delphi generic (2.7%)
Tags peexe signed overlay
VirusTotal metadata
First submission 2012-12-28 02:34:18 UTC ( 6 years, 2 months ago )
Last submission 2017-02-25 20:10:36 UTC ( 2 years ago )
File names genie2_tray.exe
file-5142884_exe
GENIE2_TRAY.EXE
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
