× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 44a4f4c0afb5f1c186a99a68467249bba43256cb2ff1c62d208b6d9a0a171f46
File name: auto-clicker.exe
Detection ratio: 0 / 66
Analysis date: 2018-01-11 00:27:03 UTC ( 1 year, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware 20180111
AegisLab 20180110
AhnLab-V3 20180110
Alibaba 20180110
ALYac 20180111
Antiy-AVL 20180111
Arcabit 20180110
Avast 20180110
Avast-Mobile 20180111
AVG 20180110
Avira (no cloud) 20180110
AVware 20180103
Baidu 20180110
BitDefender 20180111
Bkav 20180106
CAT-QuickHeal 20180110
ClamAV 20180110
CMC 20180110
Comodo 20180110
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180111
Cyren 20180110
DrWeb 20180111
eGambit 20180111
Emsisoft 20180111
Endgame 20171130
ESET-NOD32 20180110
F-Prot 20180110
F-Secure 20180111
Fortinet 20180110
GData 20180111
Ikarus 20180110
Sophos ML 20170914
Jiangmin 20180111
K7AntiVirus 20180110
K7GW 20180110
Kaspersky 20180111
Kingsoft 20180111
Malwarebytes 20180110
MAX 20180110
McAfee 20180110
McAfee-GW-Edition 20180111
Microsoft 20180110
eScan 20180110
NANO-Antivirus 20180110
nProtect 20180110
Palo Alto Networks (Known Signatures) 20180111
Panda 20180110
Qihoo-360 20180111
Rising 20180111
SentinelOne (Static ML) 20171224
Sophos AV 20180110
SUPERAntiSpyware 20180111
Symantec 20180110
Symantec Mobile Insight 20180110
Tencent 20180111
TheHacker 20180108
TotalDefense 20180110
TrendMicro 20180110
Trustlook 20180111
VBA32 20180110
VIPRE 20180111
ViRobot 20180110
Webroot 20180111
WhiteArmor 20180110
Yandex 20180109
Zillya 20180110
ZoneAlarm by Check Point 20180111
Zoner 20180110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright

Product Auto Clicker Asoftech
Original name stub32i.exe
Internal name stub32
File version 2.00.000
Description
Comments
Signature verification Certificate out of its validity period
Signers
[+] Jiang Xiaoxia
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer UTN-USERFirst-Object
Valid from 12:00 AM 04/15/2009
Valid to 11:59 PM 04/15/2011
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 1801004FBF475D3F851D2F339E50FDB6E4B6727A
Serial number 00 B3 3A BC B5 BE D8 8B 13 1C B1 4F 3A 10 CD 57 10
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 06:31 PM 07/09/1999
Valid to 06:40 PM 07/09/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT CAB
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-08-02 07:01:18
Entry Point 0x00008AF7
Number of sections 4
PE sections
Overlays
MD5 8ec11672af543ebd7074145dcd6b2fe3
File type data
Offset 290816
Size 3554456
Entropy 8.00
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetObjectA
TextOutA
CreateCompatibleDC
DeleteDC
SetBkMode
GetTextExtentPointA
BitBlt
CreatePalette
GetStockObject
CreateDIBitmap
GetDeviceCaps
SelectPalette
CreateFontIndirectA
CreateSolidBrush
SelectObject
SetBkColor
EnumFontFamiliesExA
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
GetFileAttributesA
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
GetCurrentProcess
LocalAlloc
lstrcatA
UnhandledExceptionFilter
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
WriteFile
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
LocalFree
GetEnvironmentVariableA
LoadResource
FindClose
FormatMessageA
HeapAlloc
GetVersionExA
RemoveDirectoryA
GetPrivateProfileStringA
GetSystemDefaultLCID
MultiByteToWideChar
WritePrivateProfileSectionA
GetModuleHandleA
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
MoveFileExA
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
GetVersion
HeapFree
SetHandleCount
lstrcmpiA
FreeLibrary
IsBadWritePtr
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
GetProcessHeap
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
CreateFileMappingA
FindNextFileA
GlobalLock
GetFileType
GetPrivateProfileSectionA
CreateFileA
ExitProcess
GetLastError
DosDateTimeToFileTime
LCMapStringW
HeapCreate
lstrlenA
GlobalFree
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GetModuleFileNameA
GetShortPathNameA
SizeofResource
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
GetCommandLineA
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GetEnvironmentStrings
CreateProcessA
UnmapViewOfFile
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
GetOEMCP
LZCopy
LZClose
LZOpenFileA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SetFocus
GetParent
MapDialogRect
DrawTextA
BeginPaint
CreateDialogIndirectParamA
CheckRadioButton
ShowWindow
SetWindowPos
SendDlgItemMessageA
IsWindow
LoadIconA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
GetSysColorBrush
IsWindowEnabled
GetWindow
GetSysColor
CheckDlgButton
GetDC
ReleaseDC
SetWindowTextA
GetWindowLongA
SetParent
TranslateMessage
SendMessageA
GetClientRect
GetDlgItem
CreateDialogParamA
GetNextDlgTabItem
ScreenToClient
InvalidateRect
wsprintfA
UpdateWindow
GetActiveWindow
FillRect
LoadStringA
IsDlgButtonChecked
CharNextA
SetActiveWindow
GetDesktopWindow
LoadImageA
EndPaint
GetWindowTextA
IsDialogMessageA
DestroyWindow
Number of PE resources by type
RT_DIALOG 10
RT_STRING 7
RT_ICON 4
RT_BITMAP 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 25
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.1.100.1332

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
221184

EntryPoint
0x8af7

OriginalFileName
stub32i.exe

MIMEType
application/octet-stream

FileVersion
2.00.000

TimeStamp
2002:08:02 08:01:18+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
stub32

ProductVersion
2.00.000

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Asoftech

CodeSize
77824

ProductName
Auto Clicker Asoftech

ProductVersionNumber
4.1.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 ef3c6e190144d6529c9818f5f4f71319
SHA1 cb706cd07598856b9262ede992e381f660a1c9ea
SHA256 44a4f4c0afb5f1c186a99a68467249bba43256cb2ff1c62d208b6d9a0a171f46
ssdeep
49152:idO623PRj420GrfOoAbrLzsWmrS/4t3wb7lzpZnU4rMcpjigjoVvgFIvR1/IYFtO:iM623ZjkHtX2A5zpq4rdigjo5gFuRO

authentihash 6ab71b3510f8940f6d8cf35fe26b9152f2a4d524fa35a42e21f8bd38c705264a
imphash d84d991d25f1d024e6888428c049c5f2
File size 3.7 MB ( 3845272 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (33.7%)
Win64 Executable (generic) (29.8%)
Microsoft Visual C++ compiled executable (generic) (17.8%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2017-02-22 06:34:14 UTC ( 2 years, 1 month ago )
Last submission 2019-02-20 11:35:56 UTC ( 1 month ago )
File names f.exe
44A4F4C0AFB5F1C186A99A68467249BBA43256CB2FF1C62D208B6D9A0A171F46.exe
stub32i.exe
auto-clicker.exe
auto-clicker.exe
980538
44A4F4C0AFB5F1C186A99A68467249BBA43256CB2FF1C62D208B6D9A0A171F46
stub32
auto-clicker.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Runtime DLLs
UDP communications