× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1de7f51f623f50cd426057fe590844c457b8f847d57291fb9317f910e5c5f15e
File name: fast_folder_eraser_pro_setup.exe
Detection ratio: 0 / 67
Analysis date: 2018-09-21 09:39:17 UTC ( 7 months ago ) View latest
Antivirus Result Update
Ad-Aware 20180921
AegisLab 20180921
AhnLab-V3 20180921
Alibaba 20180912
ALYac 20180921
Antiy-AVL 20180920
Arcabit 20180921
Avast 20180921
Avast-Mobile 20180921
AVG 20180921
Avira (no cloud) 20180921
AVware 20180921
Babable 20180918
Baidu 20180914
BitDefender 20180921
Bkav 20180919
CAT-QuickHeal 20180918
ClamAV 20180921
CMC 20180920
Comodo 20180921
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180921
Cyren 20180921
DrWeb 20180921
eGambit 20180921
Emsisoft 20180921
Endgame 20180730
ESET-NOD32 20180921
F-Prot 20180921
F-Secure 20180921
Fortinet 20180921
GData 20180921
Ikarus 20180921
Sophos ML 20180717
Jiangmin 20180921
K7AntiVirus 20180921
K7GW 20180921
Kaspersky 20180921
Kingsoft 20180921
Malwarebytes 20180921
MAX 20180921
McAfee 20180921
McAfee-GW-Edition 20180921
eScan 20180921
NANO-Antivirus 20180921
Palo Alto Networks (Known Signatures) 20180921
Panda 20180920
Qihoo-360 20180921
Rising 20180921
SentinelOne (Static ML) 20180830
Sophos AV 20180921
SUPERAntiSpyware 20180907
Symantec 20180921
Symantec Mobile Insight 20180918
TACHYON 20180921
Tencent 20180921
TheHacker 20180920
TrendMicro 20180921
TrendMicro-HouseCall 20180921
Trustlook 20180921
VBA32 20180921
VIPRE 20180921
ViRobot 20180921
Webroot 20180921
Yandex 20180920
Zillya 20180920
ZoneAlarm by Check Point 20180921
Zoner 20180920
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright

Product Fast Folder Eraser Pro
File version 3.8.0.0
Description Fast Folder Eraser Pro Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 12:38 AM 11/27/2017
Signers
[+] NoVirusThanks Company Srl
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer GlobalSign CodeSigning CA - G3
Valid from 1:03 PM 4/7/2017
Valid to 4:31 PM 7/25/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 2401CD7AEF2124D59D52A7A6E0761093F79AE58D
Serial number 67 71 16 C6 12 60 74 59 7B 72 5D F5
[+] GlobalSign CodeSigning CA - G3
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 AM 3/16/2016
Valid to 1:00 AM 3/16/2024
Valid usage Code Signing, OCSP Signing
Algorithm sha1RSA
Thumbprint F1E7B6C0C10DA9436ECC04FF5FC3B6916B46CF4C
Serial number 47 C3 0F FE FC 22 BB 28 0F 96 FE A7 52 51
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Counter signers
[+] GlobalSign TSA for MS Authenticode - G2
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 1:00 AM 5/24/2016
Valid to 1:00 AM 6/24/2027
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 63B82FAB61F583909695050B00249C502933EC79
Serial number 11 21 D6 99 A7 64 97 3E F1 F8 42 7E E9 19 CC 53 41 14
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbrint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbrint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Packers identified
F-PROT INNO
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0000AA98
Number of sections 8
PE sections
Overlays
MD5 d797a1e8eb0f215cbdb3e12ac2dc58da
File type data
Offset 57856
Size 1618192
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
GetACP
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetSystemDirectoryA
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
GetVersion
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ENGLISH US 7
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
3.8.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Fast Folder Eraser Pro Setup

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Unicode

InitializedDataSize
15360

EntryPoint
0xaa98

MIMEType
application/octet-stream

FileVersion
3.8.0.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
3.8.0.0

UninitializedDataSize
0

OSVersion
1.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
NoVirusThanks Company Srl

CodeSize
41472

ProductName
Fast Folder Eraser Pro

ProductVersionNumber
3.8.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 65de046abed82e8f426625ab4fa64073
SHA1 86d78d0da9f3495567b64dc1ac90c94bbd1aa541
SHA256 1de7f51f623f50cd426057fe590844c457b8f847d57291fb9317f910e5c5f15e
ssdeep
49152:x75wb0FPQLn1+FvRw9TRnC6t4e5wfBan/KocwGBCE5AEUYnqhuhb:J5m0FPQLn1+Fv2Rnd5w0cbUYnqu

authentihash 262a1aea7bd695b913b709e801820bf31ec8912e3dac3fe0befc8434ead2e4d7
imphash 2fb819a19fe4dee5c03e8c6a79342f79
File size 1.6 MB ( 1676048 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (76.6%)
Win32 Executable Delphi generic (9.9%)
Win32 Dynamic Link Library (generic) (4.5%)
Win32 Executable (generic) (3.1%)
Win16/32 Executable Delphi generic (1.4%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2017-11-30 05:34:29 UTC ( 1 year, 4 months ago )
Last submission 2019-01-03 08:37:18 UTC ( 3 months, 2 weeks ago )
File names fast_folder_eraser_pro_setup.exe
fast_folder_eraser_pro_3.8.exe
fast_folder_eraser_pro_setup.exe
1DE7F51F623F50CD426057FE590844C457B8F847D57291FB9317F910E5C5F15E.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Runtime DLLs
UDP communications