× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 50cad71050b3482eb7d639d15bf9af111739dac222bb5ab4f96550f959dd0b2f
File name: ObnoviSoft.exe
Detection ratio: 0 / 55
Analysis date: 2014-10-01 21:13:59 UTC ( 4 years, 1 month ago )
Antivirus Result Update
Ad-Aware 20141001
AegisLab 20141001
Yandex 20141001
AhnLab-V3 20141001
Antiy-AVL 20141001
Avast 20141001
AVG 20141001
Avira (no cloud) 20141001
AVware 20141001
Baidu-International 20141001
BitDefender 20141001
Bkav 20140930
ByteHero 20141001
CAT-QuickHeal 20141001
ClamAV 20141001
CMC 20140930
Comodo 20141001
Cyren 20141001
DrWeb 20141001
Emsisoft 20141001
ESET-NOD32 20141001
F-Prot 20140930
F-Secure 20141001
Fortinet 20141001
GData 20141001
Ikarus 20141001
Jiangmin 20141001
K7AntiVirus 20141001
K7GW 20141001
Kaspersky 20141001
Kingsoft 20141001
Malwarebytes 20141001
McAfee 20141001
McAfee-GW-Edition 20141001
Microsoft 20141001
eScan 20141001
NANO-Antivirus 20141001
Norman 20141001
nProtect 20141001
Panda 20141001
Qihoo-360 20141001
Rising 20141001
Sophos AV 20141001
SUPERAntiSpyware 20141001
Symantec 20141001
Tencent 20141001
TheHacker 20141001
TotalDefense 20141001
TrendMicro 20141001
TrendMicro-HouseCall 20141001
VBA32 20141001
VIPRE 20141001
ViRobot 20141001
Zillya 20140930
Zoner 20140929
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
www.obnovi-soft.ru

Publisher AnVir Software
Product ?????? ????
Original name ObnoviSoft.exe
Internal name ObnoviSoft.exe
File version 1.6.0.0
Description ?????? ????
Signature verification Signed file, verified signature
Signing date 11:01 AM 10/27/2011
Signers
[+] AnVir Software
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 9/27/2011
Valid to 12:59 AM 9/27/2014
Valid usage Code Signing
Algorithm SHA1
Thumbprint 6D408EF55D4C1DEA7DADB9966C8648ED4027FBCD
Serial number 6B A3 E1 47 8E 3A 2F 89 75 21 24 09 D1 92 88 0E
[+] COMODO Code Signing CA 2
Status Valid
Issuer None
Valid from 1:00 AM 8/24/2011
Valid to 11:48 AM 5/30/2020
Valid usage Code Signing
Algorithm SHA1
Thumbprint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Issuer None
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Issuer None
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] COMODO Time Stamping Signer
Status Valid
Issuer None
Valid from 1:00 AM 5/10/2010
Valid to 12:59 AM 5/11/2015
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] UTN-USERFirst-Object
Status Valid
Issuer None
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Issuer None
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-10-27 14:01:33
Entry Point 0x0001D988
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 4
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 7
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
19968

ImageVersion
0.0

ProductName

FileVersionNumber
1.6.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription

CharacterSet
Unicode

LinkerVersion
8.0

FileOS
Win32

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.6.0.0

TimeStamp
2011:10:27 16:01:33+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
ObnoviSoft.exe

ProductVersion
1.6.0.0

SubsystemVersion
4.0

OSVersion
4.0

OriginalFilename
ObnoviSoft.exe

LegalCopyright
www.obnovi-soft.ru

MachineType
Intel 386 or later, and compatibles

CompanyName
www.obnovi-soft.ru

CodeSize
150016

FileSubtype
0

ProductVersionNumber
1.6.0.0

EntryPoint
0x1d988

ObjectFileType
Executable application

AssemblyVersion
1.6.0.0

Compressed bundles
File identification
MD5 ddc2b2166ea014986d52803b2abad370
SHA1 956ac5c6f51036958236ba7880fce1ca09292e2b
SHA256 50cad71050b3482eb7d639d15bf9af111739dac222bb5ab4f96550f959dd0b2f
ssdeep
3072:WatwNYN5eYGAoXOhsSmEJOg6j6zjyxyoS9mFfIHDZomPTps6bv:Jtwy/oXgsSsgr3ydS9ooDLPTpN

authentihash b75336c7780a6492333109f6f997dfbaf1e9263ed4f1416cad3028a58934f5e1
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 173.7 KB ( 177856 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe assembly signed

VirusTotal metadata
First submission 2011-10-29 07:46:21 UTC ( 7 years ago )
Last submission 2011-12-15 18:19:56 UTC ( 6 years, 11 months ago )
File names ObnoviSoft.exe
B5184817C0EB0EF7B613020C202D1C007AB4FD52.exe
ObnoviSoft.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!