× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2013bcb08a1dad9015f16f60948e4eb0b2e7c9422d8284bc73cf439a0f409806
File name: FileFormatConverters.exe
Detection ratio: 0 / 61
Analysis date: 2017-05-18 08:24:21 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Ad-Aware 20170518
AegisLab 20170518
AhnLab-V3 20170518
Alibaba 20170518
ALYac 20170518
Antiy-AVL 20170518
Arcabit 20170518
Avast 20170518
AVG 20170518
Avira (no cloud) 20170518
AVware 20170518
Baidu 20170503
BitDefender 20170518
Bkav 20170518
CAT-QuickHeal 20170518
ClamAV 20170518
CMC 20170517
Comodo 20170518
CrowdStrike Falcon (ML) 20170130
Cyren 20170518
DrWeb 20170518
Emsisoft 20170518
Endgame 20170515
ESET-NOD32 20170518
F-Prot 20170518
F-Secure 20170518
Fortinet 20170518
GData 20170518
Ikarus 20170518
Sophos ML 20170516
Jiangmin 20170518
K7AntiVirus 20170518
K7GW 20170518
Kaspersky 20170518
Kingsoft 20170518
Malwarebytes 20170518
McAfee 20170518
McAfee-GW-Edition 20170517
Microsoft 20170518
eScan 20170518
NANO-Antivirus 20170518
nProtect 20170518
Palo Alto Networks (Known Signatures) 20170518
Panda 20170517
Qihoo-360 20170518
Rising 20170516
SentinelOne (Static ML) 20170516
Sophos AV 20170518
SUPERAntiSpyware 20170518
Symantec 20170517
Symantec Mobile Insight 20170518
Tencent 20170518
TheHacker 20170516
TrendMicro 20170518
TrendMicro-HouseCall 20170518
VBA32 20170517
VIPRE 20170518
ViRobot 20170518
Webroot 20170518
WhiteArmor 20170517
Yandex 20170517
Zillya 20170518
ZoneAlarm by Check Point 20170518
Zoner 20170518
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© 2006 Microsoft Corporation. All rights reserved.

File version 12.0.6500.5000
Signature verification Signed file, verified signature
Signing date 5:48 AM 8/28/2009
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Code Signing PCA
Valid from 10:24 PM 10/22/2008
Valid to 10:34 PM 1/22/2010
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 9E95C625D81B2BA9C72FD70275C3699613AF61E3
Serial number 61 06 27 81 00 00 00 00 00 08
[+] Microsoft Code Signing PCA
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Root Authority
Valid from 11:31 PM 8/22/2007
Valid to 8:00 AM 8/25/2012
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3036E3B25B88A55B86FC90E6E9EAAD5081445166
Serial number 2E AB 11 DC 50 FF 5C 9D CB C0
[+] Microsoft Root Authority
Status Valid
Issuer Microsoft Root Authority
Valid from 8:00 AM 1/10/1997
Valid to 8:00 AM 12/31/2020
Valid usage All
Algorithm md5RSA
Thumbprint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Timestamping PCA
Valid from 8:01 PM 7/25/2008
Valid to 8:11 PM 7/25/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 4D6F357F0E6434DA97B1AFC540FB6FDD0E85A89F
Serial number 61 05 A2 30 00 00 00 00 00 08
[+] Microsoft Timestamping PCA
Status The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Root Authority
Valid from 2:04 AM 9/16/2006
Valid to 8:00 AM 9/15/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 3EA99A60058275E0ED83B892A909449F8C33B245
Serial number 6A 0B 99 4F C0 00 25 AB 11 DB 45 1F 58 7A 67 A2
[+] Microsoft Root Authority
Status Valid
Issuer Microsoft Root Authority
Valid from 8:00 AM 1/10/1997
Valid to 8:00 AM 12/31/2020
Valid usage All
Algorithm md5RSA
Thumbrint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Packers identified
F-PROT CAB, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-02-25 22:18:44
Entry Point 0x00057873
Number of sections 4
PE sections
Overlays
MD5 71aeb9a032888780cbbdac6744cbb98f
File type data
Offset 601600
Size 38383360
Entropy 8.00
PE imports
CreateFontIndirectA
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
TlsGetValue
SetLastError
GetUserDefaultLangID
CopyFileA
HeapAlloc
GetVersionExA
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
CreateThread
SetUnhandledExceptionFilter
GetSystemDirectoryA
GetDiskFreeSpaceExA
WriteConsoleA
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
ExitThread
FreeLibrary
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
GetProcessHeap
CompareStringA
GetTempFileNameA
CreateFileMappingA
TerminateProcess
ExpandEnvironmentStringsA
CreateEventA
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
DosDateTimeToFileTime
LCMapStringW
UnmapViewOfFile
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
lstrlenW
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
SetFileTime
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetSystemDefaultLangID
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
CreateProcessA
WideCharToMultiByte
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
GetOEMCP
VariantChangeType
SysStringLen
SysStringByteLen
VariantClear
SysAllocString
VariantCopy
GetErrorInfo
SysFreeString
SysAllocStringByteLen
VariantInit
GetMessageA
UpdateWindow
EndDialog
PostQuitMessage
ShowWindow
DispatchMessageA
EnableWindow
PostMessageA
MessageBoxA
PeekMessageA
SetWindowLongA
TranslateMessage
DialogBoxParamA
SystemParametersInfoA
SetWindowTextA
SendMessageA
GetDlgItem
CreateDialogParamA
EnableMenuItem
GetWindowLongA
IsDlgButtonChecked
CharNextA
GetSystemMenu
ExitWindowsEx
IsDialogMessageA
DestroyWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CLSIDFromString
CoInitialize
CoCreateInstance
CLSIDFromProgID
OleRun
CoTaskMemFree
Number of PE resources by type
RT_DIALOG 4
RT_ICON 2
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 9
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
12.0.6500.5000

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
71680

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

PEType
PE32

FileVersion
12.0.6500.5000

LegalTrademarks1
Microsoft is a registered trademark of Microsoft Corporation.

TimeStamp
2009:02:25 23:18:44+01:00

FileType
Win32 EXE

LegalTrademarks2
Windows is a registered trademark of Microsoft Corporation.

ProductVersion
12.0.6500.5000

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
2006 Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
528896

FileSubtype
0

ProductVersionNumber
12.0.6500.0

EntryPoint
0x57873

ObjectFileType
Unknown

Compressed bundles
File identification
MD5 0284df8e646a95b2a1ab241bb0729731
SHA1 13887708c77a19f202a40ff68155d73ad3c37338
SHA256 2013bcb08a1dad9015f16f60948e4eb0b2e7c9422d8284bc73cf439a0f409806
ssdeep
786432:ZP8QQpvalLTlcG2Zp9lJpzIVk1Bo11dDxb65qHwHILjpqE6EWTkX:d8halOhlIVmBo7dDx+HILjp9E0

authentihash a51f08293f942280ed6dbf469a48e9f60f5e19229b898ae22e8825dc85daca0a
imphash c261979d0623d9d5245bed4e21fd0160
File size 37.2 MB ( 38984960 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2013-04-13 18:09:52 UTC ( 5 years, 4 months ago )
Last submission 2017-05-18 08:24:21 UTC ( 1 year, 2 months ago )
File names FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
mikrosoft word uyumluluk proğramı.exe
FileFormatConverters.exe
windows 7.exe
FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
FileFormatConverters.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!