× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 10f7c23c583f77e706c4833d78caed930e3d8a47b1d7f161373a15225bab28d2
File name: setupfs17factsheets.exe
Detection ratio: 0 / 66
Analysis date: 2017-10-12 05:54:35 UTC ( 7 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20171012
AegisLab 20171012
AhnLab-V3 20171012
Alibaba 20170911
ALYac 20171011
Antiy-AVL 20171012
Arcabit 20171012
Avast 20171012
Avast-Mobile 20171011
AVG 20171012
Avira (no cloud) 20171011
AVware 20171012
Baidu 20171011
BitDefender 20171012
Bkav 20171011
CAT-QuickHeal 20171011
ClamAV 20171011
CMC 20171011
Comodo 20171012
CrowdStrike Falcon (ML) 20170804
Cylance 20171012
Cyren 20171012
DrWeb 20171012
Emsisoft 20171012
Endgame 20170821
ESET-NOD32 20171012
F-Prot 20171012
F-Secure 20171012
Fortinet 20171012
GData 20171012
Ikarus 20171011
Sophos ML 20170914
Jiangmin 20171011
K7AntiVirus 20171012
K7GW 20171012
Kaspersky 20171012
Kingsoft 20171012
Malwarebytes 20171012
MAX 20171012
McAfee 20171012
McAfee-GW-Edition 20171012
Microsoft 20171012
eScan 20171012
NANO-Antivirus 20171012
nProtect 20171012
Palo Alto Networks (Known Signatures) 20171012
Panda 20171011
Qihoo-360 20171012
Rising 20171012
SentinelOne (Static ML) 20171001
Sophos AV 20171012
SUPERAntiSpyware 20171012
Symantec 20171012
Symantec Mobile Insight 20171011
Tencent 20171012
TheHacker 20171007
TotalDefense 20171011
TrendMicro 20171012
TrendMicro-HouseCall 20171012
Trustlook 20171012
VBA32 20171011
VIPRE 20171012
ViRobot 20171012
Webroot 20171012
WhiteArmor 20170927
Yandex 20171011
Zillya 20171011
ZoneAlarm by Check Point 20171012
Zoner 20171012
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Product FS17 Factsheets
File version
Description FS17 Factsheets Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0000AA98
Number of sections 8
PE sections
Overlays
MD5 6fb922832b61e0f9a1dee85249d1f1d3
File type data
Offset 220672
Size 12433213
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
GetACP
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetSystemDirectoryA
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
GetVersion
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_ICON 9
RT_STRING 6
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
NEUTRAL 7
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
178176

EntryPoint
0xaa98

MIMEType
application/octet-stream

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

ProductVersion
1.0

FileDescription
FS17 Factsheets Setup

OSVersion
1.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
HighDesert Software Co.

CodeSize
41472

ProductName
FS17 Factsheets

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 c1ada08409e8f60fe4abf4bd2c6c54ba
SHA1 a6720bd5929559f00fc1b023cce4d033ff691209
SHA256 10f7c23c583f77e706c4833d78caed930e3d8a47b1d7f161373a15225bab28d2
ssdeep
393216:eqBWircbZbWibFXj48sBCTQSqpjMCsp/8vg99:w5B7FX0dBCwjVsp/t

authentihash a0e34b7f15aa70fd142c1370d8af00c8fd813e13dff8d96f6423e2cde1f2d9bc
imphash 2fb819a19fe4dee5c03e8c6a79342f79
File size 12.1 MB ( 12653885 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (81.5%)
Win32 Executable Delphi generic (10.5%)
Win32 Executable (generic) (3.3%)
Win16/32 Executable Delphi generic (1.5%)
Generic Win/DOS Executable (1.4%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-07-14 20:16:51 UTC ( 10 months, 2 weeks ago )
Last submission 2017-08-25 18:26:16 UTC ( 9 months ago )
File names setupfs17factsheets.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Runtime DLLs
UDP communications