× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 591535acd7fe4c71862497709fce2f12531de70ba58edc38dbae30d8daa7a7a1
File name: 1040855
Detection ratio: 1 / 67
Analysis date: 2018-06-10 05:44:30 UTC ( 10 months, 1 week ago ) View latest
Antivirus Result Update
Cylance Unsafe 20180610
Ad-Aware 20180610
AegisLab 20180610
AhnLab-V3 20180609
Alibaba 20180608
ALYac 20180609
Antiy-AVL 20180610
Arcabit 20180610
Avast 20180610
Avast-Mobile 20180609
AVG 20180610
Avira (no cloud) 20180609
AVware 20180610
Baidu 20180608
BitDefender 20180610
Bkav 20180609
CAT-QuickHeal 20180609
ClamAV 20180609
CMC 20180609
Comodo 20180609
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cyren 20180610
DrWeb 20180610
eGambit 20180610
Emsisoft 20180610
Endgame 20180507
ESET-NOD32 20180610
F-Prot 20180610
F-Secure 20180610
Fortinet 20180610
GData 20180610
Ikarus 20180609
Sophos ML 20180601
Jiangmin 20180610
K7AntiVirus 20180610
K7GW 20180610
Kaspersky 20180610
Kingsoft 20180610
Malwarebytes 20180610
MAX 20180610
McAfee 20180610
McAfee-GW-Edition 20180609
Microsoft 20180610
eScan 20180610
NANO-Antivirus 20180610
Palo Alto Networks (Known Signatures) 20180610
Panda 20180609
Qihoo-360 20180610
Rising 20180610
SentinelOne (Static ML) 20180225
Sophos AV 20180610
SUPERAntiSpyware 20180609
Symantec 20180609
Symantec Mobile Insight 20180605
TACHYON 20180608
Tencent 20180610
TheHacker 20180608
TotalDefense 20180609
TrendMicro 20180610
TrendMicro-HouseCall 20180610
Trustlook 20180610
VBA32 20180608
VIPRE 20180610
ViRobot 20180609
Webroot 20180610
Yandex 20180609
Zillya 20180608
ZoneAlarm by Check Point 20180610
Zoner 20180609
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© 2018 by SoftDigi company. All rights reserved.

File version 1.0.0.0
Description SoftDigi Installer
Packers identified
PEiD ASPack v2.12
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-01 05:20:58
Entry Point 0x0343A001
Number of sections 13
PE sections
PE imports
RegQueryValueExW
RegUnLoadKeyW
InitializeFlatSB
UnrealizeObject
GdipGetPenFillType
GetProcAddress
GetModuleHandleA
LoadLibraryA
CreateStreamOnHGlobal
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SHGetFolderPathW
Ord(709)
SHGetFileInfoW
EnumDisplayMonitors
MessageBoxA
SetClassLongW
VerQueryValueW
timeGetTime
GetDefaultPrinterW
OpenPrinterW
PE exports
Number of PE resources by type
RT_STRING 60
RT_BITMAP 28
RT_RCDATA 26
RT_GROUP_CURSOR 8
RT_ICON 8
RT_CURSOR 8
RT_DIALOG 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 82
NEUTRAL 49
ENGLISH NEUTRAL 7
RUSSIAN 5
PE resources
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
49952256

ImageVersion
0.0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Windows, Latin1

LinkerVersion
2.25

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2018:05:31 22:20:58-07:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
5.0.0.0

FileDescription
SoftDigi Installer

OSVersion
5.0

FileOS
Win32

LegalCopyright
2018 by SoftDigi company. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CodeSize
4639232

FileSubtype
0

ProductVersionNumber
5.0.0.0

EntryPoint
0x343a001

ObjectFileType
Executable application

File identification
MD5 8c8cdd6a2dc029f32c5200f634215015
SHA1 4d05652372c67848a2fbf32266b46462daccb06c
SHA256 591535acd7fe4c71862497709fce2f12531de70ba58edc38dbae30d8daa7a7a1
ssdeep
786432:ZpO7Rb5KI4kvhY1rXiI1ZqUDC8LyRUN0td3NX7X5fglgtQcuio:D0b5Zv0rSgqUu8LyRPd31X2Y

authentihash 40b5413ff8c8ff2ba654875e503e2fabe492a37055266707484c8a11c922bd6e
imphash 9e1210be694e67d6bf84e46ee6ffd469
File size 47.7 MB ( 49992704 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe aspack

VirusTotal metadata
First submission 2018-06-04 04:50:16 UTC ( 10 months, 2 weeks ago )
Last submission 2018-06-10 05:44:30 UTC ( 10 months, 1 week ago )
File names SD_EasyGIF_setup.exe
1040855
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!