SHA256: 480a9cb6133a21f504b8d4f856945e171449cefeacd3a0774fb1e5f4303224a1
File name: PcregboostV1.2.msi
Detection ratio: 7 / 56
Analysis date: 2017-04-10 08:49:22 UTC ( 1 year, 11 months ago )
Antivirus Result Update
Avast Other:Malware-gen [Trj] 20170410
CAT-QuickHeal Trojan.Agent 20170407
Kaspersky Trojan.Win32.Agent.neznfe 20170410
McAfee Artemis!08B99BF0F8B6 20170410
McAfee-GW-Edition Artemis!08B99BF0F8B6 20170410
TrendMicro-HouseCall Suspicious_GEN.F47V0404 20170410
ZoneAlarm by Check Point Trojan.Win32.Agent.neznfe 20170410
Ad-Aware 20170410
AegisLab 20170410
AhnLab-V3 20170410
Alibaba 20170410
ALYac 20170410
Antiy-AVL 20170410
Arcabit 20170410
AVG 20170410
Avira (no cloud) 20170410
AVware 20170410
Baidu 20170410
BitDefender 20170410
Bkav 20170408
ClamAV 20170410
CMC 20170410
Comodo 20170410
CrowdStrike Falcon (ML) 20170130
Cyren 20170410
DrWeb 20170410
Emsisoft 20170410
Endgame 20170407
ESET-NOD32 20170410
F-Prot 20170410
F-Secure 20170410
Fortinet 20170410
GData 20170410
Ikarus 20170410
Sophos ML 20170203
Jiangmin 20170410
K7AntiVirus 20170410
K7GW 20170410
Kingsoft 20170410
Malwarebytes 20170410
Microsoft 20170410
eScan 20170410
NANO-Antivirus 20170410
nProtect 20170410
Palo Alto Networks (Known Signatures) 20170410
Panda 20170409
Qihoo-360 20170410
Rising 20170410
SentinelOne (Static ML) 20170330
Sophos AV 20170410
SUPERAntiSpyware 20170410
Symantec 20170409
Symantec Mobile Insight 20170406
Tencent 20170410
TheHacker 20170410
TrendMicro 20170410
Trustlook 20170410
VBA32 20170407
VIPRE 20170410
ViRobot 20170410
Webroot 20170410
WhiteArmor 20170409
Yandex 20170410
Zillya 20170407
Zoner 20170410
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 9:48 PM 3/3/2017
Signers
[+] iNEXT IT NETWORKS
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 1:00 AM 8/5/2016
Valid to 12:59 AM 8/6/2017
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 421864E6046CBD645227BDF61AA3ED4666F175C3
Serial number 0D 4D 49 8C F4 B7 D9 5E 15 03 54 D8 CC C4 42 E1
[+] COMODO RSA Code Signing CA
Status Valid
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] DigiCert Timestamp Responder
Status Valid
Valid from 1:00 AM 10/22/2014
Valid to 1:00 AM 10/22/2024
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 614D271D9102E30169822487FDE5DE00A352B01D
Serial number 03 01 9A 02 3A FF 58 B1 6B D6 D5 EA E6 17 F0 66
[+] DigiCert Assured ID CA-1
Status Valid
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2021
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing
Algorithm sha1RSA
Thumbprint 19A09B5A36F4DD99727DF783C17A51231A56C117
Serial number 06 FD F9 03 96 03 AD EA 00 0A EB 3F 27 BB BA 1B
[+] DigiCert
Status Valid
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
OLE structured storage summary
creation_datetime: 1999-06-21 08:00:00
author: iNextITNetwork
title: Pcregboost
page_count: 200
last_saved: 2017-03-03 21:47:29
word_count: 2
revision_number: {64C0067E-19B6-408D-841F-05323F57BE7C}
last_printed: 2017-03-03 21:47:29
application_name: Windows Installer
security: 1
code_page: Latin I
template: Intel;1033
OLE Streams
name: Root Entry; clsid: 000c1084-0000-0000-c000-000000000046; type_literal: root; clsid_literal: on; sid: 0; size: 11136
name: \x05DigitalSignature; type_literal: stream; size: 8968; sid: 8
name: \x05MsiDigitalSignatureEx; type_literal: stream; size: 20; sid: 7
name: \x05SummaryInformation; type_literal: stream; size: 420; sid: 1
ExifTool file metadata
MIMEType: image/vnd.fpx
ModifyDate: 2017:03:03 20:47:29
Words: 2
Author: iNextITNetwork
FileType: FPX
Title: Pcregboost
Pages: 200
FileTypeExtension: fpx
Template: Intel;1033
CreateDate: 1999:06:21 07:00:00
LastPrinted: 2017:03:03 20:47:29
Security: Password protected
CodePage: Windows Latin 1 (Western European)
RevisionNumber: {64C0067E-19B6-408D-841F-05323F57BE7C}
Software: Windows Installer

File identification
MD5 5e63f69b6700fd42dd30efb7f9b3e238
SHA1 6280c6e83d6155990c290d7bd0500f41b6b74003
SHA256 480a9cb6133a21f504b8d4f856945e171449cefeacd3a0774fb1e5f4303224a1
ssdeep 98304:05BA1oxAdBfKtcdZ/S0xEpL78p9UlhkM+BkTLDfiSUMNlo1iiioBioKVfhFCXwQ:jEALKtM/S0aH8pkkMbT/xND5oK9hO
File size 6.7 MB ( 7023616 bytes )
File type Windows Installer
Magic literal CDF V2 Document, Little Endian, Os: Windows, Version 10.0, Create Time/Date: Sun Jun 20 07:00:00 1999, Name of Creating Application: Windows Installer, Security: 1, Code page: 1252, Template: Intel
TrID Microsoft Windows Installer (89.6%), Windows Installer Patch (8.7%), Generic OLE2 / Multistream Compound File (1.5%)
Tags msi signed

VirusTotal metadata
First submission 2017-04-04 10:34:08 UTC ( 1 year, 11 months ago )
Last submission 2018-04-07 19:33:51 UTC ( 11 months, 3 weeks ago )
File names PcregboostV1.2.msi