× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1f9da12063adbcd1ad40b067c5a5bb3cb33088240f7d4df158b57384bdf77695
File name: EpicSetup.exe
Detection ratio: 1 / 47
Analysis date: 2013-09-11 09:33:20 UTC ( 7 months, 2 weeks ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
Comodo Heur.Suspicious 20130911
AVG 20130911
Agnitum 20130910
AhnLab-V3 20130911
AntiVir 20130911
Antiy-AVL 20130911
Avast 20130911
Baidu-International 20130911
BitDefender 20130911
ByteHero 20130903
CAT-QuickHeal 20130911
ClamAV 20130910
Commtouch 20130911
DrWeb 20130911
ESET-NOD32 20130911
Emsisoft 20130911
F-Prot 20130911
F-Secure 20130911
Fortinet 20130911
GData 20130911
Ikarus 20130911
Jiangmin 20130903
K7AntiVirus 20130910
K7GW 20130910
Kaspersky 20130911
Kingsoft 20130829
Malwarebytes 20130911
McAfee 20130911
McAfee-GW-Edition 20130911
MicroWorld-eScan 20130911
Microsoft 20130911
NANO-Antivirus 20130911
Norman 20130911
PCTools 20130911
Panda 20130910
Rising 20130911
SUPERAntiSpyware 20130911
Sophos 20130911
Symantec 20130911
TheHacker 20130911
TotalDefense 20130911
TrendMicro 20130911
TrendMicro-HouseCall 20130911
VBA32 20130911
VIPRE 20130911
ViRobot 20130911
nProtect 20130911
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright 2007-2010 Google Inc.

Publisher Hidden Reflex
Product Epic Update
Original name EpicUpdateSetup.exe
Internal name Epic Update Setup
File version 1.3.27.0
Description Epic Update Setup
Signature verification Signed file, verified signature
Signing date 7:09 PM 9/4/2013
Signers
[+] Hidden Reflex
Status Valid
Valid from 1:00 AM 8/22/2013
Valid to 12:59 AM 8/23/2014
Valid usage Code Signing
Algorithm SHA1
Thumbrint 910C07518640D6357F20FDCC91EA6AE8A594009B
Serial number 00 A0 B0 D9 AA AE 85 62 F0 CE 35 F0 CA 29 7D 20 05
[+] COMODO Code Signing CA 2
Status Valid
Valid from 1:00 AM 8/24/2011
Valid to 11:48 AM 5/30/2020
Valid usage Code Signing
Algorithm SHA1
Thumbrint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-09-04 17:53:57
Entry Point 0x00001000
Number of sections 5
PE sections
PE imports
OpenThreadToken
SetThreadToken
RevertToSelf
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
HeapDestroy
DebugBreak
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
OpenFileMappingA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
OutputDebugStringW
TlsGetValue
OutputDebugStringA
SetLastError
LoadResource
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
EnumSystemLocalesA
SetConsoleCtrlHandler
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FatalAppExitA
SetFilePointerEx
SetUnhandledExceptionFilter
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
VirtualQuery
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
CompareStringW
RemoveDirectoryW
HeapValidate
GetTimeFormatA
CreateFileMappingA
IsValidLocale
GetProcAddress
SetEvent
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GetConsoleCP
FindResourceW
LCMapStringA
GetEnvironmentStringsW
lstrlenW
CreateProcessW
GetEnvironmentStrings
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FindResourceExW
SizeofResource
IsValidCodePage
HeapCreate
GetTempPathW
VirtualFree
Sleep
IsBadReadPtr
OpenEventA
VirtualAlloc
CompareStringA
PathQuoteSpacesW
wvsprintfW
CharLowerBuffW
MessageBoxW
CoInitializeEx
CoUninitialize
Number of PE resources by type
RT_STRING 47
RT_ICON 6
B 1
GOOGLEUPDATE 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 9
NEUTRAL 3
HEBREW DEFAULT 1
SWEDISH 1
TELUGU DEFAULT 1
VIETNAMESE DEFAULT 1
ESTONIAN DEFAULT 1
TAMIL DEFAULT 1
FRENCH 1
SLOVENIAN DEFAULT 1
INDONESIAN DEFAULT 1
GUJARATI DEFAULT 1
DUTCH 1
MARATHI DEFAULT 1
ITALIAN 1
URDU PAKISTAN 1
CATALAN DEFAULT 1
FINNISH DEFAULT 1
KANNADA DEFAULT 1
FARSI DEFAULT 1
PORTUGUESE BRAZILIAN 1
HINDI DEFAULT 1
TURKISH DEFAULT 1
KOREAN 1
MALAY MALAYSIA 1
CZECH DEFAULT 1
HUNGARIAN DEFAULT 1
LITHUANIAN 1
GERMAN 1
ICELANDIC DEFAULT 1
BULGARIAN DEFAULT 1
POLISH DEFAULT 1
JAPANESE DEFAULT 1
DANISH DEFAULT 1
SWAHILI DEFAULT 1
SLOVAK DEFAULT 1
BENGALI DEFAULT 1
GREEK DEFAULT 1
UKRAINIAN DEFAULT 1
LATVIAN DEFAULT 1
NORWEGIAN BOKMAL 1
CHINESE TRADITIONAL 1
THAI DEFAULT 1
SERBIAN DEFAULT 1
ARABIC SAUDI ARABIA 1
ROMANIAN 1
RUSSIAN 1
MALAYALAM DEFAULT 1
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.3.27.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Epic Update Setup

CharacterSet
Unicode

InitializedDataSize
1489920

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007-2010 Google Inc.

FileVersion
1.3.27.0

LanguageId
en

TimeStamp
2013:09:04 18:53:57+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Epic Update Setup

FileAccessDate
2014:04:17 17:17:52+01:00

ProductVersion
1.3.27.0

SubsystemVersion
5.0

OSVersion
5.0

FileCreateDate
2014:04:17 17:17:52+01:00

OriginalFilename
EpicUpdateSetup.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Epic

CodeSize
333312

ProductName
Epic Update

ProductVersionNumber
1.3.27.0

EntryPoint
0x1000

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 9f1e709ba1bec637626844c18babc6c0
SHA1 2e87951f72eed8916a7fca0a02415e64e90b684d
SHA256 1f9da12063adbcd1ad40b067c5a5bb3cb33088240f7d4df158b57384bdf77695
ssdeep
49152:aaEWspYFn7h5amphCXb+MbQWNtJc+wOPJ:dEon7h4mnAbZMgJpjP

imphash 7c0aaae01eb4a68424c7637a8cf34894
File size 1.7 MB ( 1831576 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe signed

VirusTotal metadata
First submission 2013-09-05 00:40:06 UTC ( 7 months, 2 weeks ago )
Last submission 2014-04-17 16:17:26 UTC ( 5 days, 19 hours ago )
File names The epic privacy browser EpicSetup.exe
Epic by Hassan Hadi.exe
EpicBrowserSetup.exe
2e87951f72eed8916a7fca0a02415e64e90b684d
EpicSetup.exe
Epic Update Setup
file-5925707_exe
Epic Browser Setup.exe
EpicSetup.exe
EpicUpdateSetup.exe
Epic Privacy Browser.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!