SHA256: 4ac8308ed84dd1073c87a1ef3173e978d2e7a42c40a8d47d4b10ce74f4620b6e
File name: Setup.exe
Detection ratio: 0 / 57
Analysis date: 2016-04-20 11:55:14 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Ad-Aware 20160420
AegisLab 20160420
AhnLab-V3 20160419
Alibaba 20160420
ALYac 20160420
Antiy-AVL 20160420
Arcabit 20160420
Avast 20160420
AVG 20160420
Avira (no cloud) 20160420
AVware 20160420
Baidu 20160420
Baidu-International 20160420
BitDefender 20160420
Bkav 20160419
CAT-QuickHeal 20160420
ClamAV 20160420
CMC 20160415
Comodo 20160420
Cyren 20160420
DrWeb 20160420
Emsisoft 20160420
ESET-NOD32 20160420
F-Prot 20160420
F-Secure 20160420
Fortinet 20160420
GData 20160420
Ikarus 20160420
Jiangmin 20160420
K7AntiVirus 20160420
K7GW 20160420
Kaspersky 20160420
Kingsoft 20160420
Malwarebytes 20160420
McAfee 20160420
McAfee-GW-Edition 20160420
Microsoft 20160420
eScan 20160420
NANO-Antivirus 20160420
nProtect 20160420
Panda 20160419
Qihoo-360 20160420
Rising 20160420
Sophos AV 20160420
SUPERAntiSpyware 20160420
Symantec 20160420
Tencent 20160420
TheHacker 20160419
TotalDefense 20160420
TrendMicro 20160420
TrendMicro-HouseCall 20160420
VBA32 20160420
VIPRE 20160420
ViRobot 20160420
Yandex 20160419
Zillya 20160420
Zoner 20160420
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (C) giveawayoftheday.com, 2006-2012
Product Giveaway of the Day
File version 2.0.1.16
Signature verification Signed file, verified signature
Signing date 4:24 PM 9/13/2012
Signers
[+] Softdeluxe
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Code Signing CA - G2
Valid from 1:00 AM 8/12/2011
Valid to 12:59 AM 8/12/2013
Valid usage Code Signing, 1.3.6.1.4.1.311.2.1.22
Algorithm sha1RSA
Thumbprint B7560BB600B247832A8A7319BB69713096ABF918
Serial number 03 21 0A 27 BF 81 D3 59 C5 33 32 08 DD A8 F1 0D
[+] Thawte Code Signing CA - G2
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 808D62642B7D1C4A9A83FD667F7A2A9D243FB1C7
Serial number 47 97 4D 78 73 A5 BC AB 0D 2F B3 70 19 2F CE 5E
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 11/17/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-09-13 15:19:04
Entry Point 0x0066D000
Number of sections 7
PE sections
Overlays
MD5 d0b36768b305a547f97b3c003248f551
File type data
Offset 3282432
Size 5240
Entropy 7.37
PE imports
RegQueryValueExA
UnrealizeObject
ImmSetCompositionWindow
GetCommandLineA
GetModuleHandleA
lstrcmpiA
MessageBoxA
VerQueryValueA
CreateStreamOnHGlobal
Number of PE resources by type
RT_CURSOR 17
RT_GROUP_CURSOR 16
RT_STRING 14
RT_ICON 12
RT_DIALOG 7
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 51
NEUTRAL 17
RUSSIAN 3
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.0.1.16
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 537600
EntryPoint 0x66d000
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 2.0.1.16
TimeStamp 2012:09:13 16:19:04+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 2.0.1.0
SubsystemVersion 5.1
OSVersion 5.1
FileOS Windows NT 32-bit
LegalCopyright Copyright (C) giveawayoftheday.com, 2006-2012
MachineType Intel 386 or later, and compatibles
CompanyName giveawayoftheday.com
CodeSize 1255936
ProductName Giveaway of the Day
ProductVersionNumber 2.0.1.0
FileTypeExtension exe
ObjectFileType Unknown

File identification
MD5 7d1d2c80b80dec0ab308de5d88eed752
SHA1 1bfa3094338962057f949bdf570af695b93430b9
SHA256 4ac8308ed84dd1073c87a1ef3173e978d2e7a42c40a8d47d4b10ce74f4620b6e
ssdeep 49152:gYe6g0Kq/MbkbfiBvm6VXtYYqSW08IJALiITJal89baeJ012NOjVRWefT:gYeZ0KGzqvkZeyJaobaqO/
authentihash bde2e57a9b5908a8ed070d5e6ab2e8e5b55130fe24163412306803bea4ee5e96
imphash a16886db1e46080fa2af9dfab41e5d29
File size 3.1 MB ( 3287672 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe signed overlay
VirusTotal metadata
First submission 2012-09-14 15:28:58 UTC ( 6 years, 2 months ago )
Last submission 2012-10-18 03:03:19 UTC ( 6 years, 1 month ago )
File names Setup.exe
Activate.exe
Setup_1.exe
Setup.exe
file-4521025_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight