× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 11c0e26a21fd78657869efd357fbada6f1cb75abc720e9f15f3fe5a938514f2b
File name: kastor-free-m4a-converter-6136.exe
Detection ratio: 1 / 67
Analysis date: 2018-10-21 00:00:11 UTC ( 4 weeks, 1 day ago )
Antivirus Result Update
CMC Trojan.Win32.Hesv!O 20181020
Ad-Aware 20181021
AegisLab 20181020
AhnLab-V3 20181020
Alibaba 20180921
ALYac 20181020
Antiy-AVL 20181019
Arcabit 20181020
Avast 20181020
Avast-Mobile 20181020
AVG 20181020
Avira (no cloud) 20181020
Babable 20180918
Baidu 20181019
BitDefender 20181020
Bkav 20181019
CAT-QuickHeal 20181020
ClamAV 20181020
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181021
Cyren 20181021
DrWeb 20181020
eGambit 20181021
Emsisoft 20181020
Endgame 20180730
ESET-NOD32 20181021
F-Prot 20181020
F-Secure 20181020
Fortinet 20181021
GData 20181020
Ikarus 20181020
Sophos ML 20180717
Jiangmin 20181020
K7AntiVirus 20181020
K7GW 20181020
Kaspersky 20181020
Kingsoft 20181021
Malwarebytes 20181021
MAX 20181021
McAfee 20181020
McAfee-GW-Edition 20181020
Microsoft 20181021
eScan 20181020
NANO-Antivirus 20181020
Palo Alto Networks (Known Signatures) 20181021
Panda 20181020
Qihoo-360 20181021
Rising 20181021
SentinelOne (Static ML) 20181011
Sophos AV 20181021
SUPERAntiSpyware 20181015
Symantec 20181020
Symantec Mobile Insight 20181001
TACHYON 20181020
Tencent 20181021
TheHacker 20181018
TotalDefense 20181018
TrendMicro 20181021
TrendMicro-HouseCall 20181020
Trustlook 20181021
VBA32 20181019
ViRobot 20181020
Webroot 20181021
Yandex 20181020
Zillya 20181019
ZoneAlarm by Check Point 20181020
Zoner 20181020
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
kastorsoft.com

Product Kastor Free M4A Converter
File version 1.11.0.0
Description Kastor Free M4A Converter Setup
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009C40
Number of sections 8
PE sections
Overlays
MD5 7fc499e85fe6913944654aff31c7c558
File type data
Offset 54272
Size 2197323
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetACP
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
DUTCH 4
ENGLISH US 3
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
1.11.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Kastor Free M4A Converter Setup

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Unicode

InitializedDataSize
17920

EntryPoint
0x9c40

MIMEType
application/octet-stream

LegalCopyright
kastorsoft.com

FileVersion
1.11.0.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.11.0.0

UninitializedDataSize
0

OSVersion
1.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
KastorSoft

CodeSize
37888

ProductName
Kastor Free M4A Converter

ProductVersionNumber
1.11.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0f233854452513ceb3a657f58f764454
SHA1 a43596056027f407dadf93a438acc685b1bffef7
SHA256 11c0e26a21fd78657869efd357fbada6f1cb75abc720e9f15f3fe5a938514f2b
ssdeep
49152:5abLPItEk4bmJH+ZS4irdcvMhbQslst8Lte5Oc3144inXBgJ:QvPItEk0k+04ipcIstAt/o4jRgJ

authentihash 896d04ff4e2982c1b40234c26481186f8a2ad9b76fe9bdccb76517ea4b7a4e71
imphash 884310b1928934402ea6fec1dbd3cf5e
File size 2.1 MB ( 2251595 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (76.6%)
Win32 Executable Delphi generic (9.9%)
Win32 Dynamic Link Library (generic) (4.5%)
Win32 Executable (generic) (3.1%)
Win16/32 Executable Delphi generic (1.4%)
Tags
peexe software-collection overlay

VirusTotal metadata
First submission 2011-11-18 14:27:21 UTC ( 7 years ago )
Last submission 2018-10-10 02:46:13 UTC ( 1 month, 1 week ago )
File names Setup_FreeM4AConverter.exe
Setup_FreeM4AConverter.exe
11c0e26a21fd78657869efd357fbada6f1cb75abc720e9f15f3fe5a938514f2b
1340367722-Setup_FreeM4AConverter.exe
172721
free-m4a-converter-1-11-en-fr-de-it-tr-win.exe
kastor-free-m4a-converter-6136-jetelecharge.exe
Setup_FreeM4AConverter.exe
output.10321343.txt
14A6205A4BFA98DF5B8122495314E400CE8728EE.exe
kastor-free-m4a-converter-6136.exe
kastor-free-m4a-converter-6136-jetelecharge.exe
1ddda9672bb88df21ba509d611c36a48916468c8d8667758ad1f8d0dc95d6d15994726d2acadca8b3ceacbc806836257a34b6511ad93f0bc3938257cd7a56fe4
kastor-free-m4a-converter-6136-jetelecharge.exe
kastor-free-m4a-converter-6136-jetelecharge.exe
Setup_FreeM4AConverter.exe
10321343
11C0E26A21FD78657869EFD357FBADA6F1CB75ABC720E9F15F3FE5A938514F2B
20161205103653
file-3869933_exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!