× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 24fc5db7d2e0950322ee2dcc5abf26c7e4ba4473c99384fe74f25d0189ce8265
File name: UltraFileSearchLite_310_Setup.exe
Detection ratio: 0 / 45
Analysis date: 2013-07-26 15:36:42 UTC ( 9 months ago )
Antivirus Result Update
AVG 20130726
Agnitum 20130725
AhnLab-V3 20130726
AntiVir 20130726
Antiy-AVL 20130726
Avast 20130726
BitDefender 20130726
ByteHero 20130724
CAT-QuickHeal 20130726
ClamAV 20130726
Commtouch 20130726
Comodo 20130726
DrWeb 20130726
ESET-NOD32 20130726
Emsisoft 20130726
F-Prot 20130726
F-Secure 20130726
Fortinet 20130726
GData 20130726
Ikarus 20130726
Jiangmin 20130726
K7AntiVirus 20130725
K7GW 20130725
Kaspersky 20130726
Kingsoft 20130723
Malwarebytes 20130726
McAfee 20130726
McAfee-GW-Edition 20130726
MicroWorld-eScan 20130726
Microsoft 20130726
NANO-Antivirus 20130726
Norman 20130726
PCTools 20130726
Panda 20130726
Rising 20130726
SUPERAntiSpyware 20130726
Sophos 20130726
Symantec 20130726
TheHacker 20130726
TotalDefense 20130725
TrendMicro 20130726
TrendMicro-HouseCall 20130726
VBA32 20130725
VIPRE 20130726
ViRobot 20130726
nProtect 20130726
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
All rights reserved

Publisher Stegisoft
File version 3.1.0.13181
Description UltraFileSearch Installation
Comments This installation was built with InstallAware: http://www.installaware.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-07-05 21:17:36
Link date 10:17 PM 7/5/2007
Entry Point 0x0001253D
Number of sections 4
PE sections
PE imports
GetStdHandle
WaitForSingleObject
FindFirstFileW
HeapDestroy
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
FreeEnvironmentStringsW
SetFileAttributesA
GetTempPathA
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
FormatMessageW
InitializeCriticalSection
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
SetLastError
GetModuleFileNameW
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleA
SetFileAttributesW
CreateThread
SetUnhandledExceptionFilter
TerminateProcess
VirtualQuery
SetEndOfFile
GetCurrentThreadId
SetCurrentDirectoryA
AreFileApisANSI
HeapFree
EnterCriticalSection
SetHandleCount
SetEvent
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
CompareStringW
RemoveDirectoryW
FindFirstFileA
CompareStringA
GetTempFileNameA
FindNextFileA
GetProcAddress
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetShortPathNameW
GetSystemInfo
lstrlenA
LCMapStringA
GetEnvironmentStringsW
RemoveDirectoryA
GetShortPathNameA
GetCPInfo
GetEnvironmentStrings
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
CreateProcessA
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
VirtualAlloc
ResetEvent
Ord(6)
Ord(2)
Ord(9)
SetForegroundWindow
CharPrevA
EndDialog
KillTimer
ShowWindow
MessageBoxW
SetDlgItemTextA
PostMessageA
SetWindowLongA
DialogBoxParamA
SetWindowTextA
LoadStringA
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
GetWindowLongA
GetWindowTextLengthA
SetTimer
IsDlgButtonChecked
GetDesktopWindow
GetWindowTextA
DestroyWindow
Number of PE resources by type
RT_STRING 105
RT_ICON 8
RT_DIALOG 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
HEBREW DEFAULT 3
SWEDISH 3
HUNGARIAN DEFAULT 3
VIETNAMESE DEFAULT 3
ESTONIAN DEFAULT 3
LITHUANIAN 3
FRENCH 3
CHINESE SIMPLIFIED 3
SLOVENIAN DEFAULT 3
DUTCH 3
PORTUGUESE 3
ITALIAN 3
CATALAN DEFAULT 3
FINNISH DEFAULT 3
PORTUGUESE BRAZILIAN 3
KOREAN 3
CZECH DEFAULT 3
BASQUE DEFAULT 3
LATVIAN DEFAULT 3
GERMAN 3
POLISH DEFAULT 3
JAPANESE DEFAULT 3
DANISH DEFAULT 3
SLOVAK DEFAULT 3
GREEK DEFAULT 3
TURKISH DEFAULT 3
NORWEGIAN BOKMAL 3
CHINESE TRADITIONAL 3
THAI DEFAULT 3
SERBIAN DEFAULT 3
ARABIC SAUDI ARABIA 3
SPANISH MODERN 3
ROMANIAN 3
RUSSIAN 3
NEUTRAL 2
ExifTool file metadata
SubsystemVersion
4.0

Comments
This installation was built with InstallAware: http://www.installaware.com

InitializedDataSize
132096

ImageVersion
0.0

FileVersionNumber
3.1.0.13181

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
7.1

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
3.1.0.13181

TimeStamp
2007:07:05 22:17:36+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
UltraFileSearch Installation

OSVersion
4.0

FileOS
Win32

LegalCopyright
All rights reserved

MachineType
Intel 386 or later, and compatibles

CompanyName
Stegisoft

CodeSize
97792

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x1253d

ObjectFileType
Executable application

File identification
MD5 38e8f3437864b4a7a36fce7cbc1e0a7b
SHA1 c7f83bcd73d671ec58c73546a47bd22270e2e961
SHA256 24fc5db7d2e0950322ee2dcc5abf26c7e4ba4473c99384fe74f25d0189ce8265
ssdeep
49152:Gg3HgeFjFizoAXyrDV2O0DUbl33e6wOte6TlEKfrP4OqKeawYIp+Cb2FKM:GgXgeFsrXA30DUbp3e6wj6xrPt30YIpg

File size 2.7 MB ( 2820955 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (78.5%)
Win32 Executable (generic) (11.3%)
Generic Win/DOS Executable (5.0%)
DOS Executable Generic (5.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2013-07-22 04:34:52 UTC ( 9 months ago )
Last submission 2013-07-26 15:36:42 UTC ( 9 months ago )
File names UltraFileSearchLite_310_Setup.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Deleted files
Runtime DLLs
UDP communications