SHA256: 332704763605252ef9e88d2a8ce6d076719f0acb307db231069483ae5ca407ff
File name: ir053_x64.msi
Detection ratio: 0 / 56
Analysis date: 2016-05-03 15:12:57 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Ad-Aware 20160503
AegisLab 20160503
AhnLab-V3 20160503
Alibaba 20160503
ALYac 20160503
Antiy-AVL 20160503
Arcabit 20160503
Avast 20160503
AVG 20160503
Avira (no cloud) 20160503
AVware 20160503
Baidu 20160503
Baidu-International 20160503
BitDefender 20160503
Bkav 20160429
CAT-QuickHeal 20160503
ClamAV 20160502
CMC 20160429
Comodo 20160503
Cyren 20160503
DrWeb 20160503
Emsisoft 20160503
ESET-NOD32 20160503
F-Prot 20160503
F-Secure 20160503
Fortinet 20160503
GData 20160503
Ikarus 20160503
Jiangmin 20160503
K7AntiVirus 20160503
K7GW 20160503
Kaspersky 20160503
Kingsoft 20160503
Malwarebytes 20160503
McAfee 20160503
McAfee-GW-Edition 20160503
Microsoft 20160503
eScan 20160503
NANO-Antivirus 20160503
nProtect 20160503
Panda 20160503
Qihoo-360 20160503
Rising 20160503
Sophos AV 20160503
SUPERAntiSpyware 20160503
Symantec 20160503
Tencent 20160503
TheHacker 20160502
TrendMicro 20160503
TrendMicro-HouseCall 20160503
VBA32 20160503
VIPRE 20160503
ViRobot 20160503
Yandex 20160502
Zillya 20160503
Zoner 20160503
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 6:10 PM 9/1/2012
Signers
[+] Christian Kindahl
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 12:00 AM 02/28/2011
Valid to 11:59 PM 02/28/2016
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 7C65C5FB8A87242D467A7F1BF4571AD02C037069
Serial number 00 B1 F4 A9 01 9F 0E 49 0A 34 74 3E F8 FE B1 A2 28
[+] USERTrust (Code Signing)
Status Valid
Valid from 06:31 PM 07/09/1999
Valid to 06:40 PM 07/09/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
Counter signers
[+] COMODO Time Stamping Signer
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 12:00 AM 05/10/2010
Valid to 11:59 PM 05/10/2015
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] USERTrust (Code Signing)
Status Valid
Valid from 06:31 PM 07/09/1999
Valid to 06:40 PM 07/09/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
OLE structured storage summary
creation_datetime
2012-09-01 18:10:28
author
Christian Kindahl
title
Installation Database
page_count
200
word_count
2
keywords
Installer
last_saved
2012-09-01 18:10:28
revision_number
{2C22EA92-CB30-4932-0053-000002000000}
application_name
Windows Installer XML (3.5.2519.0)
security
2
subject
InfraRecorder (x64 edition)
template
x64;1033
code_page
Latin I
comments
InfraRecorder (x64 edition)
OLE Streams
name
Root Entry
clsid
000c1084-0000-0000-c000-000000000046
type_literal
root
clsid_literal
on
sid
0
size
25344
type_literal
stream
sid
44
name
\x05DigitalSignature
size
3838
type_literal
stream
sid
2
name
\x05SummaryInformation
size
488
ExifTool file metadata
MIMEType
image/vnd.fpx

ModifyDate
2012:09:01 17:10:28

Template
x64;1033

Title
Installation Database

FileType
FPX

Author
Christian Kindahl

Comments
InfraRecorder (x64 edition)

CodePage
Windows Latin 1 (Western European)

FileTypeExtension
fpx

Words
2

Keywords
Installer

CreateDate
2012:09:01 17:10:28

Security
Read-only recommended

Software
Windows Installer XML (3.5.2519.0)

Pages
200

RevisionNumber
{2C22EA92-CB30-4932-0053-000002000000}

Subject
InfraRecorder (x64 edition)

File identification
MD5 8865e1ca72d540a07d530b2ccec8fd89
SHA1 03611f6c59f5997bd169a9c91ef871958a4a50ba
SHA256 332704763605252ef9e88d2a8ce6d076719f0acb307db231069483ae5ca407ff
ssdeep
98304:FhRumXxnnYRh8GvZjFuwgcTNZfdD2sWDnF7tnAVVj9t:FhsmXxnYT8iZjIHu/QsgnFWvxt

File size 4.0 MB ( 4153344 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Title: Installation Database, Subject: InfraRecorder (x64 edition), Author: Christian Kindahl, Keywords: Installer, Comments: InfraRecorder (x64 edition), Template: x64

TrID Microsoft Windows Installer (89.6%)
Windows Installer Patch (8.7%)
Generic OLE2 / Multistream Compound File (1.5%)
Tags
msi signed via-tor

VirusTotal metadata
First submission 2012-09-02 00:28:10 UTC ( 6 years, 6 months ago )
Last submission 2019-03-13 18:18:54 UTC ( 6 days, 15 hours ago )
File names 59c61d.msi
a28ea1d.msi
InfraRecorder_x64-0.53.msi
ir053_x64.msi
ir053_x64.msi
d41ce9.msi
9dae1.msi
2984dc.msi
InfraRecorder 0.53.msi
141d4c3.msi
f1e9f.msi
InfraRecorder_0.53_x64-RainbowSky.ru.msi
ir053_x64.msi
InfraRecorder053_x64.msi
ir053_x64 (1).msi
3c6ed5.msi
4ab3f8.msi
4224b.msi
InfraRecorder_x64.msi
86c799.msi
ir053_x64.msi
ir053_x64.msi
a110e.msi
58617.msi
infraRecorder053_x64.msi
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight