× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1704e951783df7cb792490932820f73278a94c2bd51b1914a469db69f6f0e010
File name: ACDSeeUltimateSetup.exe
Detection ratio: 0 / 68
Analysis date: 2019-04-20 15:15:02 UTC ( 1 month ago ) View latest
Antivirus Result Update
Acronis 20190419
Ad-Aware 20190420
AegisLab 20190420
AhnLab-V3 20190420
Alibaba 20190402
ALYac 20190420
Antiy-AVL 20190419
Arcabit 20190420
Avast 20190420
Avast-Mobile 20190415
AVG 20190420
Avira (no cloud) 20190420
Babable 20180918
Baidu 20190318
BitDefender 20190420
Bkav 20190420
CAT-QuickHeal 20190420
ClamAV 20190420
CMC 20190321
Comodo 20190420
CrowdStrike Falcon (ML) 20190212
Cybereason 20190417
Cyren 20190420
DrWeb 20190420
eGambit 20190420
Emsisoft 20190420
Endgame 20190403
ESET-NOD32 20190420
F-Secure 20190420
FireEye 20190420
Fortinet 20190420
GData 20190420
Ikarus 20190420
Sophos ML 20190313
Jiangmin 20190420
K7AntiVirus 20190420
K7GW 20190420
Kaspersky 20190420
Kingsoft 20190420
Malwarebytes 20190420
MAX 20190420
MaxSecure 20190420
McAfee 20190420
McAfee-GW-Edition 20190420
Microsoft 20190420
eScan 20190420
NANO-Antivirus 20190420
Palo Alto Networks (Known Signatures) 20190420
Panda 20190420
Qihoo-360 20190420
Rising 20190420
SentinelOne (Static ML) 20190420
Sophos AV 20190420
SUPERAntiSpyware 20190418
Symantec Mobile Insight 20190418
TACHYON 20190420
Tencent 20190420
TheHacker 20190419
TotalDefense 20190416
Trapmine 20190325
TrendMicro-HouseCall 20190420
Trustlook 20190420
VBA32 20190419
VIPRE 20190419
ViRobot 20190420
Yandex 20190419
Zillya 20190419
ZoneAlarm by Check Point 20190420
Zoner 20190420
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) 2018 ACD Systems International Inc.

Product ACD_WebInstaller(EN-ESD02)
File version 1.0.0.0
Description ACD_WebInstaller(EN-ESD02)
Signature verification Signed file, verified signature
Signing date 9:30 PM 9/21/2018
Signers
[+] ACD Systems International Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 12:00 AM 04/07/2017
Valid to 11:59 PM 04/07/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 11BEB5CCE664860755959C2367FC9B27E5801626
Serial number 26 6C 9B 76 47 C8 A1 00 16 BD 71 8C 6C 40 BD 9F
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 01:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 01:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 01/01/1997
Valid to 12:59 AM 01/01/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT NSIS, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-01-30 03:57:31
Entry Point 0x000031D6
Number of sections 5
PE sections
Overlays
MD5 34c16dd952456fcc2750051b6cf242a3
File type data
Offset 233472
Size 926632
Entropy 8.00
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
OpenProcessToken
RegSetValueExA
RegQueryValueExA
AdjustTokenPrivileges
RegEnumKeyA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SelectObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetBkColor
DeleteObject
SetTextColor
GetLastError
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
RemoveDirectoryA
GetModuleFileNameA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
ExpandEnvironmentStringsA
GetCommandLineA
GetProcAddress
GetFullPathNameA
GetModuleHandleA
GetTempPathA
CreateThread
lstrcmpiA
SetFilePointer
lstrcmpA
ReadFile
WriteFile
FindFirstFileA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
MoveFileExA
GlobalLock
SetEnvironmentVariableA
SetFileAttributesA
FreeLibrary
MoveFileA
CreateProcessA
lstrcpyA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
ShellExecuteExA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHFileOperationA
EmptyClipboard
GetMessagePos
CharPrevA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
GetClassInfoA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
ReleaseDC
SystemParametersInfoA
CreatePopupMenu
wsprintfA
ShowWindow
SetClipboardData
IsWindowVisible
SendMessageA
DialogBoxParamA
GetClientRect
SetTimer
GetDlgItem
SetForegroundWindow
CreateDialogParamA
SetWindowTextA
EnableMenuItem
ScreenToClient
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
CreateWindowExA
LoadCursorA
TrackPopupMenu
DrawTextA
DestroyWindow
FillRect
RegisterClassA
CharNextA
CallWindowProcA
GetSystemMenu
EndPaint
CloseClipboard
OpenClipboard
ExitWindowsEx
SetCursor
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_ICON 13
RT_DIALOG 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 19
PE resources
ExifTool file metadata
UninitializedDataSize
1024

LinkerVersion
6.0

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
ACD_WebInstaller(EN-ESD02)

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
118784

EntryPoint
0x31d6

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2018 ACD Systems International Inc.

FileVersion
1.0.0.0

TimeStamp
2018:01:30 04:57:31+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
24576

ProductName
ACD_WebInstaller(EN-ESD02)

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 c7e2a6e8d1029353ac20cdb6f5515fe9
SHA1 3669bb4eeb6603b5992c32fcc1dc5c3b600bdca1
SHA256 1704e951783df7cb792490932820f73278a94c2bd51b1914a469db69f6f0e010
ssdeep
24576:tFhGknY4AkKCbGmgr3cjbQQaOsQgwg1Jd8Flq0e2y9C:trPbbbGV3cHQQagE38/q0A9C

authentihash 022c346d55af61fed2f2e9124f08699741ce6befd674fc38fb0b49ca0c9e3597
imphash 3abe302b6d9a1256e6a915429af4ffd2
File size 1.1 MB ( 1160104 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags
nsis peexe signed overlay

VirusTotal metadata
First submission 2018-09-30 03:52:23 UTC ( 7 months, 3 weeks ago )
Last submission 2019-05-15 07:00:23 UTC ( 1 week, 2 days ago )
File names ACDSeeUltimateSetup.exe
acdsee-ultimate-cnet.exe
1048295
acdseeultimatesetup.exe
ACDSeeUltimateSetup.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Runtime DLLs