× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 28a1daec150fe0b5fa5967aeec58ae0364109f6761f449d25404e8d9f16add1e
File name: htchome_setup.exe
Detection ratio: 33 / 57
Analysis date: 2015-02-19 09:03:51 UTC ( 1 week, 6 days ago )
Antivirus Result Update
AVG AdInstaller.Somoto 20150219
AVware Trojan.Win32.Generic!BT 20150219
Ad-Aware Application.Bundler.Somoto.I 20150219
Agnitum PUA.Somoto! 20150218
AhnLab-V3 Win-PUP/Somoto 20150218
Avast Win32:Somoto-F [PUP] 20150219
Avira Adware/Somoto.poi.4 20150219
BitDefender Application.Bundler.Somoto.I 20150219
Bkav W32.HfsAdware.DCDD 20150213
ClamAV NSIS.Adware.Somoto-1 20150219
Comodo Application.Win32.Somoto.A 20150219
Cyren W32/SomotoBetterInstaller.A!Eldorado 20150219
DrWeb Adware.Downware.1184 20150219
ESET-NOD32 Win32/Somoto.A potentially unwanted 20150219
F-Prot W32/SomotoBetterInstaller.A!Eldorado 20150219
F-Secure Application.Bundler.Somoto 20150219
Fortinet Riskware/Somoto 20150219
GData Application.Bundler.Somoto.I 20150219
K7AntiVirus Dialer ( 200d71541 ) 20150219
K7GW Dialer ( 200d71541 ) 20150219
Kaspersky not-a-virus:Downloader.NSIS.Agent.ef 20150219
Malwarebytes PUP.Optional.Somoto 20150219
McAfee-GW-Edition Artemis!Trojan 20150218
MicroWorld-eScan Application.Bundler.Somoto.I 20150219
NANO-Antivirus Riskware.Win32.Downware.digcac 20150219
Qihoo-360 Malware.Radar03.Gen 20150219
SUPERAntiSpyware Adware.Somoto 20150219
Sophos Somoto BetterInstaller 20150219
Symantec WS.Reputation.1 20150219
TrendMicro ADW_TOMOS 20150219
TrendMicro-HouseCall ADW_TOMOS 20150219
VBA32 Signed-AdWare.BetterInternet.SomotoLtd 20150218
VIPRE Trojan.Win32.Generic!BT 20150219
ALYac 20150219
AegisLab 20150219
Alibaba 20150219
Antiy-AVL 20150219
Baidu-International 20150219
ByteHero 20150219
CAT-QuickHeal 20150218
CMC 20150214
Emsisoft 20150219
Ikarus 20150219
Jiangmin 20150216
Kingsoft 20150219
McAfee 20150219
Microsoft 20150219
Norman 20150218
Panda 20150218
Rising 20150218
Tencent 20150219
TheHacker 20150218
TotalDefense 20150219
ViRobot 20150219
Zillya 20150218
Zoner 20150218
nProtect 20150218
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Publisher Somoto Ltd.
File version 2.1.0.0
Description Powered by BetterInstaller
Signature verification Signed file, verified signature
Signing date 3:59 PM 11/7/2012
Signers
[+] Somoto Ltd.
Status Certificate out of its validity period
Valid from 1:00 AM 9/20/2011
Valid to 12:59 AM 9/20/2014
Valid usage Code Signing
Algorithm SHA1
Thumbrint 12F8AD16A1C69B86237886A6A13B263BAF0E4DDF
Serial number 00 84 1D 09 9D 16 B7 38 F3 41 72 FE EF E1 D2 57 4F
[+] COMODO Code Signing CA 2
Status Valid
Valid from 1:00 AM 8/24/2011
Valid to 11:48 AM 5/30/2020
Valid usage Code Signing
Algorithm SHA1
Thumbrint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] COMODO Time Stamping Signer
Status Valid
Valid from 1:00 AM 5/10/2010
Valid to 12:59 AM 5/11/2015
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] UTN-USERFirst-Object
Status Valid
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Packers identified
F-PROT NSIS
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-17 09:14:12
Entry Point 0x000039AC
Number of sections 7
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyA
RegEnumValueA
ImageList_Create
InitCommonControls
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SelectObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetBkColor
DeleteObject
SetTextColor
GetLastError
ReadFile
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
GetModuleFileNameA
LoadLibraryA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
SetFileAttributesA
SetFilePointer
GetTempPathA
CreateThread
lstrcmpiA
GetModuleHandleA
lstrcmpA
FindFirstFileA
WriteFile
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
RemoveDirectoryA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GlobalAlloc
GlobalLock
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
SetCurrentDirectoryA
MulDiv
CoTaskMemFree
OleUninitialize
CoCreateInstance
OleInitialize
SHGetFileInfoA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
CharPrevA
GetMessagePos
EmptyClipboard
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
GetClassInfoA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
ScreenToClient
PeekMessageA
SetWindowLongA
DialogBoxParamA
GetSysColor
CheckDlgButton
GetDC
DrawTextA
SystemParametersInfoA
CreatePopupMenu
wsprintfA
ShowWindow
SetClipboardData
IsWindowVisible
SendMessageA
IsWindowEnabled
GetClientRect
SetTimer
GetDlgItem
SetForegroundWindow
CreateDialogParamA
SetCursor
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
FindWindowExA
CreateWindowExA
LoadCursorA
TrackPopupMenu
SetWindowTextA
FillRect
SendMessageTimeoutA
CharNextA
CallWindowProcA
GetSystemMenu
EndPaint
CloseClipboard
OpenClipboard
ExitWindowsEx
DestroyWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Number of PE resources by type
RT_ICON 3
RT_DIALOG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 8
NEUTRAL 1
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.56

ImageVersion
6.0

FileVersionNumber
2.1.0.0

UninitializedDataSize
110592

LanguageCode
Neutral

FileFlagsMask
0x0000

CharacterSet
Windows, Latin1

InitializedDataSize
14848

MIMEType
application/octet-stream

FileVersion
2.1.0.0

TimeStamp
2010:12:17 10:14:12+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
Powered by BetterInstaller

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
29184

FileSubtype
0

ProductVersionNumber
2.1.0.0

EntryPoint
0x39ac

ObjectFileType
Executable application

Execution parents
Compressed bundles
File identification
MD5 da91bce76cb09a85213527c60e5407a0
SHA1 8286a3b4389074f4f4c4239c72ebc76c6780deec
SHA256 28a1daec150fe0b5fa5967aeec58ae0364109f6761f449d25404e8d9f16add1e
ssdeep
3072:u22ihA0m3BJf0A9qhewNFVHiHtvVTyT8YWr9WdD5Je1keX:hA0m3T0AUaxVTpYAq7e+U

authentihash 22e30a51277cb9dd2aa2cda5bdee0b51f40a60b1cc6513b59d845acc61d16045
imphash 28a099a911237a28521d8b7ea250f089
File size 159.5 KB ( 163376 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID NSIS - Nullsoft Scriptable Install System (91.9%)
Win32 Executable MS Visual C++ (generic) (3.3%)
Win64 Executable (generic) (3.0%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.4%)
Tags
nsis peexe signed

VirusTotal metadata
First submission 2012-11-08 20:42:24 UTC ( 2 years, 3 months ago )
Last submission 2015-02-19 09:03:51 UTC ( 1 week, 6 days ago )
File names htchome_setup(1).exe
htchome_setup (1).exe
HTC Home Apis 3.exe
htchome_setup.exe
htchome_setup(2).exe
8286a3b4389074f4f4c4239c72ebc76c6780deec
59fff8fac934e21765d748287a182e14_htchome_setup.exe.safe
141495631324893-htchome_setup.exe
htchome_setup.exe
htchome_3_setup.exe
50d365ac0b95c841ef5a34391c3e9b4b2034ed1e
da91bce76cb09a85213527c60e5
Не подтвержден 472086.crdownload
htc-masaustu-hava-durumu-widget.exe
26270101
htchome_سطح-مكتب-يشبه-الاندرويد_setup.exe
HTC Home 3.0 Build 622.exe
jegUS
DA91BCE76CB09A85213527C60E5407A0.bin
htchome_setup (2).exe
file-4745988_exe
HTChome_setup v3.0 Build 621.exe
da91bce76cb09a85213527c60e5407a0
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!