× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 35d95f49e14bd956b89e71b2a31dfb3ae6de2aaf44aa7eeeac7ccac2c1baa5df
File name: GoToMeeting Opener.exe
Detection ratio: 1 / 67
Analysis date: 2018-07-12 09:20:25 UTC ( 4 months ago ) View latest
Antivirus Result Update
Panda Generic Suspicious 20180711
Ad-Aware 20180712
AegisLab 20180712
AhnLab-V3 20180712
Alibaba 20180712
ALYac 20180712
Antiy-AVL 20180711
Arcabit 20180712
Avast 20180712
Avast-Mobile 20180712
AVG 20180712
Avira (no cloud) 20180710
AVware 20180712
Babable 20180406
Baidu 20180712
BitDefender 20180712
Bkav 20180712
CAT-QuickHeal 20180712
ClamAV 20180712
CMC 20180712
Comodo 20180712
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180712
Cyren 20180712
DrWeb 20180712
eGambit 20180712
Emsisoft 20180712
Endgame 20180711
ESET-NOD32 20180712
F-Prot 20180712
F-Secure 20180712
Fortinet 20180712
GData 20180712
Ikarus 20180712
Sophos ML 20180601
Jiangmin 20180712
K7AntiVirus 20180712
K7GW 20180712
Kaspersky 20180712
Kingsoft 20180712
Malwarebytes 20180712
MAX 20180712
McAfee 20180712
McAfee-GW-Edition 20180712
Microsoft 20180712
eScan 20180712
NANO-Antivirus 20180712
Palo Alto Networks (Known Signatures) 20180712
Qihoo-360 20180712
Rising 20180712
SentinelOne (Static ML) 20180701
Sophos AV 20180712
SUPERAntiSpyware 20180712
Symantec 20180712
TACHYON 20180712
Tencent 20180712
TheHacker 20180712
TrendMicro 20180712
TrendMicro-HouseCall 20180712
Trustlook 20180712
VBA32 20180711
VIPRE 20180712
ViRobot 20180712
Webroot 20180712
Yandex 20180711
Zillya 20180711
ZoneAlarm by Check Point 20180712
Zoner 20180711
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 2012-2018 LogMeIn, Inc.

Product GoTo Opener
Original name GoToOpener.exe
Internal name GoToOpener
File version 1.0.0.481
Description GoTo Opener
Signature verification Signed file, verified signature
Signing date 9:07 PM 6/26/2018
Signers
[+] LogMeIn, Inc.
Status Valid
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 9/9/2015
Valid to 12:59 AM 11/8/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint F0F775BEEB83CB267487B40562D4C4D82F103FD5
Serial number 1C 68 3F 7B 8F FB CD AC E1 92 7D 58 8D 49 06 CF
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT UPX_LZMA
PEiD UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-26 20:01:07
Entry Point 0x000C8DC0
Number of sections 3
PE sections
Overlays
MD5 d14cdae2e9ccfc52516d54cb9be2eb95
File type data
Offset 290304
Size 11192
Entropy 5.75
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
Number of PE resources by type
RT_DIALOG 95
RT_STRING 76
RT_ICON 12
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH NEUTRAL 23
JAPANESE NEUTRAL 9
TURKISH DEFAULT 9
ITALIAN NEUTRAL 9
CHINESE NEUTRAL 9
DANISH NEUTRAL 9
SWEDISH NEUTRAL 9
CHINESE TRADITIONAL 9
SPANISH NEUTRAL 9
KOREAN NEUTRAL 9
GERMAN NEUTRAL 9
POLISH DEFAULT 9
DUTCH NEUTRAL 9
FRENCH NEUTRAL 9
CZECH DEFAULT 9
RUSSIAN 9
PORTUGUESE NEUTRAL 9
FINNISH NEUTRAL 9
NORWEGIAN NEUTRAL 9
ENGLISH US 2
PE resources
ExifTool file metadata
UninitializedDataSize
602112

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.481

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
GoTo Opener

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
69632

EntryPoint
0xc8dc0

OriginalFileName
GoToOpener.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2012-2018 LogMeIn, Inc.

FileVersion
1.0.0.481

TimeStamp
2018:06:26 21:01:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
GoToOpener

ProductVersion
1.0.0.481

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
LogMeIn, Inc.

CodeSize
221184

ProductName
GoTo Opener

ProductVersionNumber
1.0.0.481

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 374e3aece8ae4439408979bb75e3f363
SHA1 45962eb54d1e9a8a78832578609867a7c29712c5
SHA256 35d95f49e14bd956b89e71b2a31dfb3ae6de2aaf44aa7eeeac7ccac2c1baa5df
ssdeep
6144:ZEnyXJHn49qPfZtHL01xEV/TpjkbSJbYjphzPyCl2NZ6oS7w6BLydL8A4++s++jF:ZeyqqtxVFIG9YjLzPyW236oS7wAe98Ni

authentihash 3c4f5d781692f50f17eb78f88e5e6e2ccd028ee2532c642969cd08d3f93e7b71
imphash e58ab46f2a279ded0846d81bf0fa21f7
File size 294.4 KB ( 301496 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (42.1%)
Win32 EXE Yoda's Crypter (41.4%)
Win32 Executable (generic) (7.0%)
OS/2 Executable (generic) (3.1%)
Generic Win/DOS Executable (3.1%)
Tags
peexe signed upx overlay

VirusTotal metadata
First submission 2018-07-12 09:20:25 UTC ( 4 months ago )
Last submission 2018-07-12 09:20:25 UTC ( 4 months ago )
File names GoToOpener.exe
GoToMeeting Opener.exe
GoToOpener
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs