SHA256: 15941e625ecd90ea15a44d16d14305f5d0b3ada2ab493231fc45295361535bc1
File name: sweet-home-3d-4-0-es-en-br-fr-de-it-cn-jp-ru-pl-gr-se-win.exe
Detection ratio: 1 / 54
Analysis date: 2014-06-11 23:42:33 UTC ( 4 years, 6 months ago )
Antivirus Result Update
ESET-NOD32 Win32/OpenCandy 20140611
Ad-Aware 20140611
AegisLab 20140611
Yandex 20140610
AhnLab-V3 20140611
AntiVir 20140611
Antiy-AVL 20140611
Avast 20140611
AVG 20140611
Baidu-International 20140611
BitDefender 20140611
Bkav 20140611
ByteHero 20140612
CAT-QuickHeal 20140611
ClamAV 20140611
CMC 20140610
Commtouch 20140611
Comodo 20140611
DrWeb 20140611
Emsisoft 20140612
F-Prot 20140611
F-Secure 20140612
Fortinet 20140611
GData 20140611
Ikarus 20140611
Jiangmin 20140611
K7AntiVirus 20140611
K7GW 20140611
Kaspersky 20140612
Kingsoft 20140612
Malwarebytes 20140611
McAfee 20140611
McAfee-GW-Edition 20140612
Microsoft 20140611
eScan 20140612
NANO-Antivirus 20140611
Norman 20140611
nProtect 20140611
Panda 20140611
Qihoo-360 20140612
Rising 20140611
Sophos AV 20140611
SUPERAntiSpyware 20140611
Symantec 20140612
Tencent 20140612
TheHacker 20140610
TotalDefense 20140611
TrendMicro 20140611
TrendMicro-HouseCall 20140612
VBA32 20140611
VIPRE 20140611
ViRobot 20140611
Zillya 20140611
Zoner 20140611
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (c) 2007-2013 eTeks
Product Sweet Home 3D
File version 4.0
Description Sweet Home 3D Setup
Comments This installation was built with Inno Setup.
Signature verification A certificate was explicitly revoked by its issuer.
Signers
[+] Emmanuel Puybaret
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer GlobalSign ObjectSign CA
Valid from 6:13 PM 5/3/2011
Valid to 6:13 PM 5/3/2014
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint D3DCBC56502F3D96D359DD35A66240E40E6B4530
Serial number 01 00 00 00 00 01 2F B6 E5 A3 94
[+] GlobalSign ObjectSign CA
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer GlobalSign Primary Object Publishing CA
Valid from 11:00 AM 1/22/2004
Valid to 12:00 PM 1/27/2017
Valid usage All
Algorithm sha1RSA
Thumbprint B859853EF366AC9335763C340A87BD208113055F
Serial number 04 00 00 00 00 01 1E 44 A5 EC BE
[+] GlobalSign Primary Object Publishing CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer GlobalSign Root CA
Valid from 2:00 PM 1/28/1999
Valid to 1:00 PM 1/27/2017
Valid usage All
Algorithm sha1RSA
Thumbprint 1AAF4DF10D36215E09E4EEFD70E340C2E4DECF38
Serial number 04 00 00 00 00 01 1E 44 A5 E2 4E
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Packers identified
F-PROT INNO, ARJ, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009C40
Number of sections 8
PE sections
Overlays
MD5 cb92fcd6516b08ffc3ee38ab068a6355
File type data
Offset 54272
Size 33545056
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetACP
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
DUTCH 4
ENGLISH US 3
PE resources
ExifTool file metadata
UninitializedDataSize 0
Comments This installation was built with Inno Setup.
LinkerVersion 2.25
ImageVersion 6.0
FileSubtype 0
FileVersionNumber 4.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 17920
EntryPoint 0x9c40
MIMEType application/octet-stream
LegalCopyright Copyright (c) 2007-2013 eTeks
FileVersion 4.0
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 4.0
ProductVersion 4.0
FileDescription Sweet Home 3D Setup
OSVersion 1.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName eTeks
CodeSize 37888
ProductName Sweet Home 3D
ProductVersionNumber 4.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 8eee4cb1968c30147f56b14d1869a3cc
SHA1 cf2eb58482134a7f5528e4d1bb32dacf82a53849
SHA256 15941e625ecd90ea15a44d16d14305f5d0b3ada2ab493231fc45295361535bc1
ssdeep 786432:pDhcSGtskq35tPK2ITrPNbo9ovXnyKlLlA:XcBhq354NbbviKRlA
authentihash 36244ff264498fa07f2fedf13aef7bbb4fe6fa9e7f75ba09916c10846b22e913
imphash 884310b1928934402ea6fec1dbd3cf5e
File size 32.0 MB ( 33599328 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Inno Setup installer (89.6%)
Win32 Executable (generic) (3.6%)
Win16/32 Executable Delphi generic (1.6%)
OS/2 Executable (generic) (1.6%)
Generic Win/DOS Executable (1.6%)
Tags
revoked-cert peexe software-collection signed overlay

VirusTotal metadata
First submission 2013-04-01 14:55:51 UTC ( 5 years, 8 months ago )
Last submission 2018-04-11 13:58:28 UTC ( 8 months, 1 week ago )
File names 354559
SweetHome3D-4.0-windows-oc.exe
sweet-home-3d-4-0-es-en-br-fr-de-it-cn-jp-ru-pl-gr-se-win.exe
Интерьер дизайн.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight