SHA256: 1334bca2def8e1773e0f50d813d63e79068b7a40b00f2cf8f5dc858aebb14055
File name: AthBtTray.exe
Detection ratio: 0 / 59
Analysis date: 2017-02-19 02:25:57 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware 20170219
AegisLab 20170219
AhnLab-V3 20170218
Alibaba 20170217
ALYac 20170219
Antiy-AVL 20170219
Arcabit 20170219
Avast 20170219
AVG 20170218
Avira (no cloud) 20170218
AVware 20170219
Baidu 20170217
BitDefender 20170219
Bkav 20170218
CAT-QuickHeal 20170218
ClamAV 20170219
CMC 20170218
Comodo 20170219
CrowdStrike Falcon (ML) 20170130
Cyren 20170218
DrWeb 20170218
Emsisoft 20170219
Endgame 20170217
ESET-NOD32 20170219
F-Prot 20170219
F-Secure 20170218
Fortinet 20170218
GData 20170219
Ikarus 20170218
Sophos ML 20170203
Jiangmin 20170218
K7AntiVirus 20170218
K7GW 20170218
Kaspersky 20170218
Kingsoft 20170219
Malwarebytes 20170219
McAfee 20170219
McAfee-GW-Edition 20170218
Microsoft 20170218
eScan 20170219
NANO-Antivirus 20170219
nProtect 20170219
Panda 20170218
Qihoo-360 20170219
Rising 20170219
Sophos AV 20170219
SUPERAntiSpyware 20170218
Symantec 20170218
Tencent 20170219
TheHacker 20170218
TotalDefense 20170218
TrendMicro 20170218
TrendMicro-HouseCall 20170219
Trustlook 20170219
VBA32 20170217
VIPRE 20170219
ViRobot 20170218
Webroot 20170219
WhiteArmor 20170215
Yandex 20170218
Zillya 20170218
Zoner 20170219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (c) 2001-2011 Atheros Communications, Inc. All rights reserved.
Product Bluetooth Software
Original name AthBtTray.exe
Internal name AthBtTray.exe
File version 7.4.0.110
Description Bluetooth Tray
Signature verification A certificate was explicitly revoked by its issuer.
Signers
[+] Atheros Communications Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid., Trust for this certificate or one of the certificates in the certificate chain has been revoked.
Issuer VeriSign Class 3 Code Signing 2009-2 CA
Valid from 1:00 AM 3/30/2010
Valid to 12:59 AM 4/1/2013
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3C0714300DE4502C996936E329408CAA670DFF9F
Serial number 70 97 71 C0 2A 39 50 29 A6 8C 5F BD B0 E8 67 FD
[+] VeriSign Class 3 Code Signing 2009-2 CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 5/21/2009
Valid to 12:59 AM 5/21/2019
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 12D4872BC3EF019E7E0B6F132480AE29DB5B1CA3
Serial number 65 52 26 E1 B2 2E 18 E1 59 0F 29 85 AC 22 E7 5C
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/2/2028
Valid usage Email Protection, Client Auth, Code Signing, Server Auth
Algorithm md2RSA
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
PE header basic information
Target machine x64
Compilation timestamp 2011-11-29 07:17:48
Entry Point 0x00045538
Number of sections 6
PE sections
Overlays
MD5 c903faabbb38baad0cadc62111410690
File type data
Offset 797184
Size 3232
Entropy 7.07
PE imports
RegCreateKeyExW
RegCloseKey
RegSetValueExW
GetUserNameW
RegOpenKeyExW
RegQueryValueExW
ImageList_GetIcon
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy
CreatePolygonRgn
TextOutW
CreateFontIndirectW
CreatePen
Rectangle
PaintRgn
CreateCompatibleDC
SelectObject
DeleteObject
GetObjectW
BitBlt
GetCurrentObject
ExtTextOutW
RectVisible
GetStockObject
PtVisible
RoundRect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
CreateSolidBrush
DPtoLP
Escape
GetBkColor
CreateCompatibleBitmap
GetSystemTime
GetLastError
InitializeCriticalSectionAndSpinCount
CopyFileW
EnterCriticalSection
GetModuleFileNameW
OpenThread
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
OutputDebugStringA
GlobalUnlock
lstrlenW
WinExec
DeleteCriticalSection
GetCurrentProcess
RemoveDirectoryW
GetCurrentProcessId
ActivateActCtx
RtlVirtualUnwind
WideCharToMultiByte
UnhandledExceptionFilter
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
DeleteFileW
GetProcAddress
RtlCaptureContext
GetStartupInfoW
GetTickCount64
lstrcpynW
EnumResourceNamesW
WriteFile
GetFileSizeEx
CreateThread
LoadLibraryW
GetSystemDirectoryW
DeactivateActCtx
SetUnhandledExceptionFilter
GetTempPathW
CreateMutexW
CloseHandle
GetSystemTimeAsFileTime
FindFirstFileW
GlobalLock
DecodePointer
GetModuleHandleW
SetEvent
TerminateProcess
ResumeThread
CreateEventW
InitializeCriticalSection
OutputDebugStringW
OpenEventW
CreateFileW
RtlLookupFunctionEntry
FindClose
Sleep
MoveFileW
EncodePointer
GetCurrentThreadId
SetLastError
LeaveCriticalSection
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
_purecall
__wgetmainargs
wcsftime
sscanf
rand
memset
_time64
__dllonexit
_snwprintf
__RTDynamicCast
_vsnprintf_s
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
strcat_s
wcscpy_s
_fmode
strncpy
_cexit
?terminate@@YAXXZ
__C_specific_handler
memcpy_s
strnlen
_lock
_vswprintf
_onexit
exit
_XcptFilter
_commode
__setusermatherr
strcpy_s
_initterm_e
wcsrchr
_wcmdln
_amsg_exit
srand
tolower
_localtime64_s
_unlock
wcsncpy
memcmp
??1exception@std@@UEAA@XZ
memcpy
??0exception@std@@QEAA@AEBV01@@Z
wcsstr
_CxxThrowException
free
?what@exception@std@@UEBAPEBDXZ
_initterm
wcsnlen
sprintf_s
wcscat_s
strstr
__CxxFrameHandler3
_wmkdir
_vsnwprintf_s
memmove
??0exception@std@@QEAA@AEBQEBD@Z
malloc
_vswprintf_c_l
swprintf_s
__crt_debugger_hook
_configthreadlocale
_exit
_wtoi
__set_app_type
VariantClear
QuerryInterfaceHandle
CreateClientInstanceHandle
UninitOutLookLibHandle
ExportVObjectFromOffice
InitOutLookLibHandle
DestroyClientInstanceHandle
Ord(39)
Ord(41)
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
DragQueryFileW
DragAcceptFiles
SHGetPathFromIDListW
ShellExecuteW
Ord(165)
SHGetSpecialFolderLocation
SHGetFileInfoW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetMalloc
PathStripPathW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
StrCpyW
StrCatW
PathFindExtensionW
StrCmpIW
PathIsDirectoryW
RegisterWindowMessageW
SetWindowLongPtrW
GetForegroundWindow
GetParent
EnableWindow
UpdateWindow
DrawTextExW
LoadBitmapW
GetMessageW
EnumWindows
DefWindowProcW
FindWindowW
KillTimer
ChangeWindowMessageFilter
PostQuitMessage
ScreenToClient
ShowWindow
LoadMenuW
SetWindowPos
RemoveMenu
GetWindowThreadProcessId
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
GrayStringW
GetWindowRect
InflateRect
FrameRect
IsRectEmpty
GetClassInfoW
AppendMenuW
RegisterDeviceNotificationW
TranslateMessage
GetWindow
PostMessageW
GetSysColor
DispatchMessageW
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetIconInfo
DrawEdge
DestroyIcon
RedrawWindow
RegisterClassW
wsprintfW
DrawIconEx
IsWindowVisible
GetWindowLongPtrW
GetTopWindow
LoadStringW
GetClientRect
GetDlgItem
DrawTextW
BringWindowToTop
GetSubMenu
EnableMenuItem
ClientToScreen
SetRect
DeleteMenu
InvalidateRect
DrawFocusRect
SetTimer
LoadImageW
PostThreadMessageW
FillRect
AttachThreadInput
CopyRect
GetWindowTextW
GetDesktopWindow
UnregisterDeviceNotification
LockWindowUpdate
LoadIconW
GetFocus
CreateWindowExW
TabbedTextOutW
GetWindowLongW
SetForegroundWindow
DestroyWindow
PtInRect
timeKillEvent
timeSetEvent
WSAStartup
WSACleanup
BluetoothFindNextDevice
BluetoothGetRadioInfo
BluetoothSelectDevices
BluetoothFindFirstRadio
BluetoothGetDeviceInfo
BluetoothEnumerateInstalledServices
BluetoothSelectDevicesFree
BluetoothFindFirstDevice
BluetoothFindRadioClose
GdiplusShutdown
GdipDisposeImage
GdipGetImageRawFormat
GdipLoadImageFromFile
GdipAlloc
GdipFree
GdipCloneImage
GdiplusStartup
ReleaseStgMedium
CoCreateGuid
OleUninitialize
OleInitialize
Ord(26)
Ord(27)
PE exports
Number of PE resources by type
RT_ICON 63
RT_BITMAP 26
RT_GROUP_ICON 19
Struct(241) 3
RT_MANIFEST 1
MUI 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 114
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.2
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.4.0.110
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 457728
EntryPoint 0x45538
OriginalFileName AthBtTray.exe
MIMEType application/octet-stream
LegalCopyright Copyright (c) 2001-2011 Atheros Communications, Inc. All rights reserved.
FileVersion 7.4.0.110
TimeStamp 2011:11:29 08:17:48+01:00
FileType Win64 EXE
PEType PE32+
InternalName AthBtTray.exe
ProductVersion 7.4.0.110
FileDescription Bluetooth Tray
OSVersion 5.2
FileOS Win32
Subsystem Windows GUI
MachineType AMD AMD64
CompanyName Atheros Commnucations
CodeSize 338432
ProductName Bluetooth Software
ProductVersionNumber 7.4.0.110
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 2a0333d6a08b1e5184e61f051efec580
SHA1 0a66f6ea0b42af0b28a4f3bea23930340ee82173
SHA256 1334bca2def8e1773e0f50d813d63e79068b7a40b00f2cf8f5dc858aebb14055
ssdeep 12288:6nuIPT73LlidBVvknUxnMpd4BvWwD0XdTQHIQvvvvvvvvvvvvvvvvvvvvvvvivva:63PTtijVzpWqi1QHIM0Wn
authentihash b1a1bc5ffa5ad7efc2152c4de400a49a478bc519e12e0f7facc463904783c517
imphash e072226eb1e4c811ee11c3dd26544f9b
File size 781.7 KB ( 800416 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly
TrID Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
Tags peexe assembly overlay revoked-cert signed 64bits
VirusTotal metadata
First submission 2012-11-16 15:01:06 UTC ( 6 years, 5 months ago )
Last submission 2017-02-19 02:25:57 UTC ( 2 years, 2 months ago )
File names ATHBTTRAY.EXE
AthBtTray.exe
.
AthBtTray.exe
AthBtTray.exe
AthBtTray.exe
vt-upload-QecM3D
athbttray.exe
athbttray.exe