SHA256: 33c38e32739642e3dc9ecae3fba9266fea6242c937ab5133bcda75af5127537e
File name: flux.exe
Detection ratio: 0 / 63
Analysis date: 2017-08-22 01:08:57 UTC ( 1 year, 8 months ago )
Antivirus Result Update
Ad-Aware 20170822
AegisLab 20170821
AhnLab-V3 20170821
Alibaba 20170821
ALYac 20170822
Antiy-AVL 20170822
Arcabit 20170821
Avast 20170822
AVG 20170822
Avira (no cloud) 20170822
AVware 20170822
Baidu 20170817
BitDefender 20170822
CAT-QuickHeal 20170821
ClamAV 20170821
CMC 20170821
Comodo 20170821
CrowdStrike Falcon (ML) 20170804
Cylance 20170822
Cyren 20170821
DrWeb 20170821
Emsisoft 20170821
Endgame 20170821
ESET-NOD32 20170821
F-Prot 20170821
F-Secure 20170821
Fortinet 20170821
GData 20170822
Ikarus 20170821
Sophos ML 20170818
Jiangmin 20170821
K7AntiVirus 20170821
K7GW 20170821
Kaspersky 20170821
Kingsoft 20170822
Malwarebytes 20170821
MAX 20170821
McAfee 20170821
McAfee-GW-Edition 20170822
Microsoft 20170822
eScan 20170821
NANO-Antivirus 20170821
nProtect 20170821
Palo Alto Networks (Known Signatures) 20170822
Panda 20170821
Qihoo-360 20170822
SentinelOne (Static ML) 20170806
Sophos AV 20170821
SUPERAntiSpyware 20170822
Symantec 20170821
Symantec Mobile Insight 20170818
Tencent 20170822
TheHacker 20170821
TotalDefense 20170821
TrendMicro 20170821
TrendMicro-HouseCall 20170821
Trustlook 20170822
VBA32 20170821
VIPRE 20170821
ViRobot 20170821
Webroot 20170822
WhiteArmor 20170817
Yandex 20170821
Zillya 20170821
ZoneAlarm by Check Point 20170822
Zoner 20170822
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright © 2008-2017 f.lux Software LLC

Product f.lux
Original name flux.exe
Internal name f.lux
File version 4, 45, 0, 1
Description f.lux
Signature verification Signed file, verified signature
Signing date 11:01 PM 8/17/2017
Signers
[+] F.lux Software LLC
Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 5/4/2016
Valid to 12:59 AM 5/5/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 36E504701938FEA480DB816490D6EAE042EB7907
Serial number 24 35 A0 BA F9 68 73 B0 3D 50 C3 25 6E FE B5 C0
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] DigiCert Timestamp Responder
Status Valid
Issuer DigiCert Assured ID CA-1
Valid from 1:00 AM 10/22/2014
Valid to 1:00 AM 10/22/2024
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 614D271D9102E30169822487FDE5DE00A352B01D
Serial number 03 01 9A 02 3A FF 58 B1 6B D6 D5 EA E6 17 F0 66
[+] DigiCert Assured ID CA-1
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2021
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing
Algorithm sha1RSA
Thumbprint 19A09B5A36F4DD99727DF783C17A51231A56C117
Serial number 06 FD F9 03 96 03 AD EA 00 0A EB 3F 27 BB BA 1B
[+] DigiCert
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-17 22:00:59
Entry Point 0x000D2E34
Number of sections 5
PE sections
Overlays
MD5 558f0dfccd706e493001cd3a95f6867f
File type data
Offset 1646592
Size 14840
Entropy 7.30
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
CreateWellKnownSid
CryptAcquireContextA
AdjustTokenPrivileges
RegQueryValueExA
DuplicateToken
CryptGenRandom
CheckTokenMembership
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
Ord(6)
InitCommonControlsEx
GetOpenFileNameA
GetSaveFileNameA
DirectDrawCreate
SetMapMode
GetSystemPaletteEntries
GetClipBox
CreatePen
SetICMProfileA
CreateFontIndirectA
SetICMMode
SetDeviceGammaRamp
SetStretchBltMode
GetGlyphOutlineA
Rectangle
GetDeviceGammaRamp
GetObjectA
CreateDCA
DeleteDC
SetBkMode
GetICMProfileA
BitBlt
CreateDIBSection
RealizePalette
GetDeviceCaps
CreatePalette
GetStockObject
SelectPalette
GetDCOrgEx
CreateCompatibleDC
StretchBlt
StretchDIBits
SelectObject
CreateSolidBrush
GetKerningPairsA
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
VerifyVersionInfoA
FileTimeToSystemTime
CreateFileMappingA
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetDiskFreeSpaceExA
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
SetFilePointer
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
MoveFileA
ResumeThread
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
OutputDebugStringA
SetLastError
DeviceIoControl
CopyFileA
ExitProcess
FlushFileBuffers
GetModuleFileNameA
VerSetConditionMask
EnumSystemLocalesA
LoadLibraryExA
SetConsoleCtrlHandler
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FatalAppExitA
FlushInstructionCache
CreateMutexA
GetModuleHandleA
CreateThread
SetUnhandledExceptionFilter
MulDiv
IsProcessorFeaturePresent
ExitThread
MoveFileExA
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GetVersion
VirtualQuery
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
lstrcmpiA
SetEvent
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
GetDateFormatA
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
GetProcessHeap
CompareStringW
lstrcmpA
FindFirstFileExA
FindFirstFileA
CompareStringA
GetTempFileNameA
GetComputerNameA
FindNextFileA
IsValidLocale
lstrcmpW
WaitForMultipleObjects
GetUserDefaultLCID
GetTimeZoneInformation
CreateEventA
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GlobalAlloc
RemoveDirectoryA
FileTimeToLocalFileTime
GetEnvironmentStrings
CompareFileTime
GetCurrentProcessId
SetFileTime
lstrlenW
WideCharToMultiByte
HeapSize
RaiseException
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
QueryPerformanceFrequency
MapViewOfFile
TlsFree
GetFileAttributesExA
ReadFile
CloseHandle
GetTimeFormatA
lstrcpynA
GetACP
GlobalLock
GetModuleHandleW
SetThreadExecutionState
SizeofResource
IsValidCodePage
HeapCreate
VirtualFree
GetLongPathNameA
Sleep
SetThreadPriority
FindResourceA
VirtualAlloc
ResetEvent
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLib
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
CreateErrorInfo
SysAllocStringLen
VariantChangeType
VariantClear
SysAllocString
SetErrorInfo
OleCreatePropertyFrame
VarDateFromStr
LoadTypeLib
SysFreeString
GetErrorInfo
VariantInit
OleLoadPicturePath
GetModuleFileNameExA
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupDiGetClassDevsExA
SetupDiGetDeviceRegistryPropertyA
ShellExecuteExA
SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
SHDeleteKeyA
SHDeleteValueA
PathAddBackslashA
RedrawWindow
GetForegroundWindow
UnregisterHotKey
DestroyMenu
PostQuitMessage
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
WindowFromPoint
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
SetMenuDefaultItem
GetWindowTextLengthA
ClientToScreen
GetActiveWindow
ShowCursor
LoadImageA
MsgWaitForMultipleObjects
GetTopWindow
GetWindowTextA
InvalidateRgn
DestroyWindow
GetMessageA
RegisterHotKey
GetParent
UpdateWindow
GetClassInfoExA
ShowWindow
SetClassLongA
FlashWindowEx
EnumDisplayMonitors
EnableWindow
PeekMessageA
TranslateMessage
GetWindow
LoadStringA
GetQueueStatus
GetWindowPlacement
IsIconic
RegisterClassA
TrackPopupMenuEx
GetWindowLongA
CreateWindowExA
FillRect
EnumThreadWindows
CharNextA
GetUpdateRect
CreateAcceleratorTableA
IsChild
IsDialogMessageA
SetFocus
PostMessageA
BeginPaint
OffsetRect
KillTimer
GetMonitorInfoA
RegisterWindowMessageA
DefWindowProcA
MapWindowPoints
GetSystemMetrics
GetWindowRect
SetCapture
ReleaseCapture
EnumChildWindows
SetWindowLongA
CheckDlgButton
CreatePopupMenu
SetWindowTextW
SetTimer
GetDlgItem
CreateDialogParamA
ScreenToClient
FindWindowExA
LoadCursorA
LoadIconA
SetParent
IsDlgButtonChecked
DestroyAcceleratorTable
GetDesktopWindow
SetForegroundWindow
ExitWindowsEx
GetAsyncKeyState
IntersectRect
EndDialog
FindWindowA
MessageBeep
GetWindowThreadProcessId
GetLastInputInfo
AppendMenuA
SetMenu
MoveWindow
MessageBoxA
AdjustWindowRectEx
DialogBoxParamA
GetSysColor
RegisterClassExA
SystemParametersInfoA
IsWindowVisible
SetCursorPos
InvalidateRect
wsprintfA
SetWindowTextA
TranslateAcceleratorA
AdjustWindowRect
CallWindowProcA
GetClassNameA
GetFocus
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
HttpSendRequestA
InternetQueryDataAvailable
HttpAddRequestHeadersA
InternetWriteFile
HttpOpenRequestA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetConnectA
HttpQueryInfoA
DeleteUrlCacheEntry
InternetCrackUrlA
HttpEndRequestA
HttpSendRequestExA
PlaySoundA
timeGetTime
timeBeginPeriod
WinVerifyTrust
WSAStartup
setsockopt
htons
socket
sendto
CreateStreamOnHGlobal
OleLockRunning
CoRegisterClassObject
CoInitialize
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CLSIDFromProgID
OleUninitialize
OleDraw
CoResumeClassObjects
StgCreateDocfile
CoTaskMemFree
OleInitialize
CLSIDFromString
StringFromGUID2
CoSetProxyBlanket
CoGetClassObject
URLDownloadToFileA
URLOpenPullStreamA
URLDownloadToCacheFileA
UrlMkSetSessionOption
Number of PE resources by type
RT_ICON 5
RT_DIALOG 4
RT_GROUP_CURSOR 1
Struct(240) 1
RT_MANIFEST 1
RT_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 15
PE resources
Debug information
ExifTool file metadata
CodeSize 1046016
FileDescription f.lux
InitializedDataSize 678400
ImageVersion 0.0
ProductName f.lux
FileVersionNumber 4.45.0.1
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
OriginalFileName flux.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4, 45, 0, 1
TimeStamp 2017:08:17 23:00:59+01:00
FileType Win32 EXE
PEType PE32
InternalName f.lux
SubsystemVersion 5.0
ProductVersion 4, 45, 0, 1
UninitializedDataSize 0
OSVersion 5.0
FileOS Windows NT 32-bit
LegalCopyright Copyright 2008-2017 f.lux Software LLC
MachineType Intel 386 or later, and compatibles
CompanyName f.lux Software LLC
LegalTrademarks f.lux (R)
FileSubtype 0
ProductVersionNumber 4.45.0.1
EntryPoint 0xd2e34
ObjectFileType Executable application

Compressed bundles
File identification
MD5 363dd87a863079f6fbae40a3eb52a853
SHA1 47d5831d6634242a9cde6a36754afe64a18be9e7
SHA256 33c38e32739642e3dc9ecae3fba9266fea6242c937ab5133bcda75af5127537e
ssdeep 24576:W9y4n0h1XVPjX9FqhAHRpxxjliDopGQyF573HfZENa5ZfrlJOC9HVb1JV33mrOvl:WoPBozh0OzdwhMOw

authentihash 491da4f8f5eaf002af29d11a0a9603804910cb928bc5605f7122326c9a8ad5f3
imphash 54cba7992316dd48c8d45baa411ece6d
File size 1.6 MB ( 1661432 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (generic) (35.9%)
Win32 Executable MS Visual C++ (generic) (27.0%)
Win64 Executable (generic) (23.9%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.9%)
Tags peexe signed overlay

VirusTotal metadata
First submission 2017-08-18 04:28:56 UTC ( 1 year, 8 months ago )
Last submission 2017-09-21 16:14:20 UTC ( 1 year, 7 months ago )
File names flux.exe
f.lux
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created mutexes
Runtime DLLs
UDP communications