SHA256: 51e6f7f9e81e6d3dc12a33daab9cf672985308d9f40a803d36e606dde3f4e2b6
File name: UpdateStar_ENU.msi
Detection ratio: 3 / 53
Analysis date: 2018-11-09 01:00:22 UTC ( 2 months, 1 week ago )
Antivirus Result Update
DrWeb Trojan.InstallCore.1673 20181109
ESET-NOD32 a variant of Win32/UpdateStar.A potentially unwanted 20181108
Rising Hoax.DeceptPCClean!8.EEF9 (CLOUD) 20181109
Ad-Aware 20181109
AegisLab 20181108
AhnLab-V3 20181108
Alibaba 20180921
ALYac 20181109
Antiy-AVL 20181108
Arcabit 20181108
Avast 20181109
Avast-Mobile 20181108
AVG 20181109
Avira (no cloud) 20181108
Babable 20180918
Baidu 20181108
BitDefender 20181108
Bkav 20181108
CAT-QuickHeal 20181108
ClamAV 20181108
CMC 20181108
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181109
Cyren 20181109
eGambit 20181109
Emsisoft 20181109
Endgame 20181108
F-Prot 20181109
F-Secure 20181109
Fortinet 20181109
GData 20181108
Ikarus 20181108
Sophos ML 20181108
Jiangmin 20181108
K7AntiVirus 20181108
K7GW 20181108
Kaspersky 20181109
Kingsoft 20181109
Malwarebytes 20181108
MAX 20181109
McAfee 20181108
McAfee-GW-Edition 20181108
Microsoft 20181108
eScan 20181108
NANO-Antivirus 20181108
Palo Alto Networks (Known Signatures) 20181109
Panda 20181108
Qihoo-360 20181109
SentinelOne (Static ML) 20181011
Sophos AV 20181108
SUPERAntiSpyware 20181107
Symantec 20181108
Symantec Mobile Insight 20181108
TACHYON 20181109
Tencent 20181109
TheHacker 20181108
TotalDefense 20181108
TrendMicro 20181108
TrendMicro-HouseCall 20181109
Trustlook 20181109
VBA32 20181108
ViRobot 20181108
Webroot 20181109
Yandex 20181108
Zillya 20181108
ZoneAlarm by Check Point 20181109
Zoner 20181109
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 4:36 PM 2/29/2016
Signers
[+] UpdateStar GmbH
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 12:00 AM 01/12/2016
Valid to 11:59 PM 01/11/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint BBB39898D0A7A577B4EB5E88DB7C128F2C1F0363
Serial number 00 FB AD F6 74 BC 78 E2 79 82 1F BD F9 D9 37 DF 06
[+] COMODO RSA Code Signing CA
Status Valid
Valid from 11:00 PM 05/08/2013
Valid to 10:59 PM 05/08/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Valid from 12:00 AM 01/19/2010
Valid to 11:59 PM 01/18/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Valid from 11:00 PM 10/17/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
OLE structured storage summary
creation_datetime: 2016-02-29 17:36:19
author: UpdateStar GmbH
title: Installation Database
page_count: 200
word_count: 10
keywords: Installer
last_saved: 2016-02-29 17:36:19
revision_number: {57E6BB6E-15DC-436C-8CFC-CD98BEDE0B79}
application_name: Windows Installer XML v2.0.5805.0 (candle/light)
security: 2
subject: Shows available updates to your programs.
template: ;1033
code_page: Latin I
comments: This installer database contains the logic and data required to install UpdateStar.
OLE Streams
name: Root Entry, clsid: 000c1084-0000-0000-c000-000000000046, type_literal: root, clsid_literal: on, sid: 0, size: 13696
name: \x05DigitalSignature, type_literal: stream, sid: 54, size: 6359
name: \x05MsiDigitalSignatureEx, type_literal: stream, sid: 53, size: 20
name: \x05SummaryInformation, type_literal: stream, sid: 7, size: 568
ExifTool file metadata
MIMEType: image/vnd.fpx
ModifyDate: 2016:02:29 16:36:19
Template: ;1033
Title: Installation Database
FileType: FPX
Author: UpdateStar GmbH
Comments: This installer database contains the logic and data required to install UpdateStar.
CodePage: Windows Latin 1 (Western European)
FileTypeExtension: fpx
Words: 10
Keywords: Installer
CreateDate: 2016:02:29 16:36:19
Security: Read-only recommended
Software: Windows Installer XML v2.0.5805.0 (candle/light)
Pages: 200
RevisionNumber: {57E6BB6E-15DC-436C-8CFC-CD98BEDE0B79}
Subject: Shows available updates to your programs.
Compressed bundles
File identification
MD5 9718155e03e413a63a65635d54b2f77c
SHA1 84844e11e8efa4e9215a7dc58ca89f25752c8462
SHA256 51e6f7f9e81e6d3dc12a33daab9cf672985308d9f40a803d36e606dde3f4e2b6
ssdeep
196608:wy2Lo4ls5q8m09CU0d6vePXYFCTiIk6AGf0ljRArFn2kIm8UmmiCJr:wvo4a5q8m09HnmfMC+6V0l9ArRtyUmmd

File size 10.7 MB ( 11182080 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: Installation Database, Subject: Shows available updates to your programs., Author: UpdateStar GmbH, Keywords: Installer, Comments: This installer database contains the logic and data required to install UpdateStar., Template:

TrID Microsoft Windows Installer (89.6%)
Windows Installer Patch (8.7%)
Generic OLE2 / Multistream Compound File (1.5%)
Tags
msi signed

VirusTotal metadata
First submission 2016-03-06 08:49:31 UTC ( 2 years, 10 months ago )
Last submission 2019-01-03 01:16:57 UTC ( 2 weeks, 3 days ago )
File names 53431c.msi
UpdateStar_ENU.msi
1624a81.msi
updatestar_enu.msi
UpdateStar_ENU.msi
1028774
11d7e6f.msi
39f32bd.msi
2e072d4.msi
39c8e5.msi
UpdateStar_ENU creo q contiene delta.msi
6f74796.msi
c92669.msi
UpdateStar Premium Edition 11.0.1297.msi
6afef.msi