SHA256: 431da01ed05673f259bc33572e3a6ab8e6a5f623fa535b2cf2a00bb83245b7bd
File name: LAN_SpeedTest.exe
Detection ratio: 4 / 61
Analysis date: 2017-04-02 16:24:53 UTC ( 1 year, 10 months ago )
Antivirus Result Update
Cyren W32/Trojan.NOWM-2807 20170402
Endgame malicious (moderate confidence) pefuj1 20170401
Rising Trojan.Injector!1.9DEE (cloud:vILyubyWESH) 20170402
TheHacker Posible_Worm32 20170330
Ad-Aware 20170402
AegisLab 20170402
AhnLab-V3 20170402
Alibaba 20170402
ALYac 20170402
Antiy-AVL 20170402
Arcabit 20170402
Avast 20170402
AVG 20170402
Avira (no cloud) 20170402
AVware 20170330
Baidu 20170331
BitDefender 20170402
Bkav 20170402
CAT-QuickHeal 20170401
ClamAV 20170402
CMC 20170402
Comodo 20170402
CrowdStrike Falcon (ML) 20170130
DrWeb 20170402
Emsisoft 20170402
ESET-NOD32 20170402
F-Prot 20170402
F-Secure 20170402
Fortinet 20170402
GData 20170402
Ikarus 20170402
Sophos ML 20170203
Jiangmin 20170402
K7AntiVirus 20170402
K7GW 20170402
Kaspersky 20170402
Kingsoft 20170402
Malwarebytes 20170402
McAfee 20170402
McAfee-GW-Edition 20170402
Microsoft 20170402
eScan 20170402
NANO-Antivirus 20170402
nProtect 20170402
Palo Alto Networks (Known Signatures) 20170402
Panda 20170402
Qihoo-360 20170402
SentinelOne (Static ML) 20170330
Sophos AV 20170402
SUPERAntiSpyware 20170402
Symantec 20170401
Symantec Mobile Insight 20170331
Tencent 20170402
TrendMicro 20170402
TrendMicro-HouseCall 20170402
Trustlook 20170402
VBA32 20170331
VIPRE 20170402
ViRobot 20170402
Webroot 20170402
WhiteArmor 20170327
Yandex 20170327
Zillya 20170402
ZoneAlarm by Check Point 20170402
Zoner 20170402
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright 2008-2015 (Totusoft)
Product LAN Speed Test (Lite)
Original name LAN_SpeedTest.exe
Internal name LAN Speed Test (Lite)
File version 1.3.2.0
Description LAN Speed Test (Lite)
Signature verification Signed file, verified signature
Signing date 9:29 PM 8/19/2015
Signers
[+] Peter Totushek
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer COMODO Code Signing CA 2
Valid from 11:00 PM 09/09/2012
Valid to 10:59 PM 09/10/2015
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 54A94710C5C52C592541DFE8C8CA35A3EFEC3380
Serial number 00 87 8F 89 B9 CA 07 6E 72 B0 82 65 3A D7 07 40 C6
[+] COMODO Code Signing CA 2
Status Valid
Issuer UTN-USERFirst-Object
Valid from 11:00 PM 08/23/2011
Valid to 09:48 AM 05/30/2020
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 07:09 AM 06/07/2005
Valid to 09:48 AM 05/30/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 09:48 AM 05/30/2000
Valid to 09:48 AM 05/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] COMODO Time Stamping Signer
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer UTN-USERFirst-Object
Valid from 11:00 PM 05/04/2015
Valid to 11:59 PM 12/31/2015
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint DF946A5E503015777FD22F46B5624ECD27BEE376
Serial number 00 9F EA C8 11 B0 F1 62 47 A5 FC 20 D8 05 23 AC E6
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 07:09 AM 06/07/2005
Valid to 09:48 AM 05/30/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 09:48 AM 05/30/2000
Valid to 09:48 AM 05/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-19 20:24:17
Entry Point 0x0003D880
Number of sections 3
PE sections
Overlays
MD5 2b331f5a13035c6be8550de3337cd2fc
File type data
Offset 119296
Size 6216
Entropy 7.40
PE imports
ImageList_Add
PrintDlgA
EndDoc
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
CoInitialize
ShellExecuteExA
timeBeginPeriod
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 9
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 2.5
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.3.2.0
Email sales@totusoft.com
Website www.totusoft.com
LanguageCode Neutral
FileFlagsMask 0x0000
FileDescription LAN Speed Test (Lite)
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 16384
EntryPoint 0x3d880
OriginalFileName LAN_SpeedTest.exe
MIMEType application/octet-stream
LegalCopyright 2008-2015 (Totusoft)
FileVersion 1.3.2.0
TimeStamp 2015:08:19 22:24:17+02:00
FileType Win32 EXE
PEType PE32
InternalName LAN Speed Test (Lite)
ProductVersion 1.3.2.0
UninitializedDataSize 143360
OSVersion 4.0
FileOS Unknown (0)
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Totusoft
CodeSize 106496
ProductName LAN Speed Test (Lite)
ProductVersionNumber 1.3.2.0
FileTypeExtension exe
ObjectFileType Unknown

Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 b62d6de41e7b0088afb695f573043611
SHA1 bb22af12f4e7a6d905f2d8913447bc34cd8beab2
SHA256 431da01ed05673f259bc33572e3a6ab8e6a5f623fa535b2cf2a00bb83245b7bd
ssdeep 3072:V9/S3SMIdVcgu9Wmvk0UlzqtN8Op1WeOGWMOt1jgo0a:f/S3S7XcgK1vkpqtDgeDWMuFH
authentihash 51325e7c240d3cfc484590ecf5125f57be5845076c4d301c78f6b924dd060f50
imphash 2f80aa76cf1fa81cb59168a40c29ea3a
File size 122.6 KB ( 125512 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID UPX compressed Win32 Executable (30.9%)
Win32 EXE Yoda's Crypter (30.4%)
Microsoft Visual C++ compiled executable (generic) (18.9%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags peexe signed upx overlay
VirusTotal metadata
First submission 2015-08-20 00:02:26 UTC ( 3 years, 6 months ago )
Last submission 2019-01-28 16:10:04 UTC ( 3 weeks, 5 days ago )
File names LAN_SpeedTest_v1.3.1_Free.exe
LAN_SpeedTest.exe
LAN_SpeedTest (portable).exe
1028039
LAN_SpeedTest_1.3.1.exe
LAN_SpeedTest.exe
LAN_SpeedTest_v1.3.1.exe
lan_speedtest[1].exe
LAN_SpeedTest.exe
VirusShare_b62d6de41e7b0088afb695f573043611
LAN_SpeedTest (Lite).exe
LAN_SpeedTest.exe
tmpt92biw
LAN_SpeedTest_v1.3.exe
20161221215505
LAN_SpeedTest.exe
LAN Speed Test--1.3.exe
filename
LAN_SpeedTest.exe
path_hash-a39c1a090a41d2f6dd5278176890a9890c7cf4d04ae1d4bf15d64268f88eca19
LAN_SpeedTest.exe
LAN_SpeedTest[1].exe
LAN_SpeedTest.ex_gz
7d6d.tmp
LAN_SpeedTest.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs