SHA256: 5bc9c24f3cfa11bbb53ff226d67d21f32814162fd84a38ae8f69e8a866878de7
File name: 614110
Detection ratio: 0 / 55
Analysis date: 2016-08-12 00:29:16 UTC ( 2 years, 6 months ago )
Antivirus Result Update
Ad-Aware 20160812
AegisLab 20160811
AhnLab-V3 20160811
Alibaba 20160811
ALYac 20160812
Antiy-AVL 20160812
Arcabit 20160812
Avast 20160812
AVG 20160812
Avira (no cloud) 20160812
AVware 20160812
Baidu 20160811
BitDefender 20160812
Bkav 20160811
CAT-QuickHeal 20160811
ClamAV 20160811
CMC 20160811
Comodo 20160812
Cyren 20160812
DrWeb 20160812
Emsisoft 20160812
ESET-NOD32 20160811
F-Prot 20160812
F-Secure 20160812
Fortinet 20160812
GData 20160812
Ikarus 20160811
Jiangmin 20160811
K7AntiVirus 20160811
K7GW 20160811
Kaspersky 20160811
Kingsoft 20160812
Malwarebytes 20160811
McAfee 20160811
McAfee-GW-Edition 20160811
Microsoft 20160811
eScan 20160811
NANO-Antivirus 20160811
nProtect 20160811
Panda 20160811
Qihoo-360 20160812
Sophos AV 20160811
SUPERAntiSpyware 20160811
Symantec 20160811
Tencent 20160812
TheHacker 20160810
TotalDefense 20160811
TrendMicro 20160811
TrendMicro-HouseCall 20160811
VBA32 20160811
VIPRE 20160811
ViRobot 20160811
Yandex 20160812
Zillya 20160811
Zoner 20160811
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.

Product RZPowerPointConverter
Original name Setup.exe
Internal name Setup
File version 5.01
Description Setup Launcher Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-09-11 05:56:48
Entry Point 0x00048417
Number of sections 4
PE sections
Overlays
MD5 223bc94fe4f4a20f299f253f46a36bc0
File type data
Offset 716800
Size 26179931
Entropy 8.00
PE imports
SetSecurityDescriptorOwner
RegCreateKeyExW
RegCloseKey
RegQueryValueExA
RegCreateKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
SetSecurityDescriptorDacl
OpenProcessToken
RegEnumKeyW
RegOpenKeyW
RegOpenKeyExA
GetTokenInformation
RegDeleteValueW
RegEnumKeyExW
OpenThreadToken
RegEnumValueW
RegSetValueExW
FreeSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
EqualSid
SetSecurityDescriptorGroup
GetDeviceCaps
RealizePalette
TranslateCharsetInfo
DeleteDC
CreateFontIndirectW
SetBkMode
BitBlt
CreatePalette
GetStockObject
CreateDIBitmap
GetSystemPaletteEntries
SelectPalette
CreateSolidBrush
DeleteObject
GetObjectW
SelectObject
CreateCompatibleDC
GetTextExtentPoint32W
CreateFontW
SetTextColor
GetStdHandle
GetDriveTypeW
WaitForSingleObject
HeapDestroy
GetFileAttributesW
DuplicateHandle
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
lstrcatW
GetThreadContext
GetLocaleInfoW
SetStdHandle
GetFileTime
WideCharToMultiByte
lstrcmpiA
GetStringTypeA
GetDiskFreeSpaceW
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
LocalFree
FormatMessageW
ResumeThread
CreateEventW
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
SetLastError
GetEnvironmentVariableA
CopyFileW
WriteProcessMemory
RemoveDirectoryW
ExitProcess
VerLanguageNameW
GetModuleFileNameA
GetVersionExA
LoadLibraryA
RaiseException
EnumSystemLocalesA
SetConsoleCtrlHandler
GetSystemDefaultLCID
LoadLibraryExW
MultiByteToWideChar
FatalAppExitA
FlushInstructionCache
SetFilePointer
HeapAlloc
CreateThread
GetSystemDirectoryW
GetExitCodeThread
SetUnhandledExceptionFilter
MulDiv
ExitThread
SetEnvironmentVariableA
SetThreadContext
TerminateProcess
SearchPathW
SetCurrentDirectoryW
VirtualQuery
SetEndOfFile
GetVersion
LeaveCriticalSection
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
lstrcmpiW
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetWindowsDirectoryW
GetFileSize
OpenProcess
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
VirtualProtectEx
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
WriteFile
CompareStringW
lstrcpyW
GetModuleFileNameW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
lstrcpyA
CompareStringA
FindFirstFileW
IsValidLocale
lstrcmpW
GetProcAddress
SetEvent
GetCurrentDirectoryW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
GetCurrentThreadId
InterlockedIncrement
GetLastError
InitializeCriticalSection
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
LCMapStringA
GetTimeFormatW
GetProcessTimes
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
lstrlenW
VirtualFree
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
lstrcpynW
QueryPerformanceFrequency
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetTimeFormatA
lstrcpynA
GetACP
GlobalLock
GetModuleHandleW
FindResourceExW
GetEnvironmentStrings
TlsGetValue
IsValidCodePage
HeapCreate
FindResourceW
CreateProcessW
Sleep
IsBadReadPtr
IsBadCodePtr
VirtualAlloc
GetOEMCP
ResetEvent
CreateErrorInfo
VariantChangeType
SysStringLen
SysAllocStringLen
RegisterTypeLib
VariantClear
SysAllocString
SysReAllocStringLen
GetErrorInfo
SysFreeString
LoadTypeLib
SetErrorInfo
UuidFromStringW
UuidCreate
RpcStringFreeW
UuidToStringW
SHBrowseForFolderW
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetMalloc
CommandLineToArgvW
SetFocus
ClientToScreen
GetParent
CreateDialogIndirectParamW
UpdateWindow
IntersectRect
EndDialog
BeginPaint
GetMessageW
DefWindowProcW
DrawIcon
KillTimer
WaitForInputIdle
PostQuitMessage
ShowWindow
CharUpperW
SetWindowPos
EndPaint
wvsprintfW
GetDesktopWindow
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
DestroyWindow
EnableWindow
MoveWindow
DialogBoxParamW
GetClassInfoW
SendDlgItemMessageW
GetWindowDC
TranslateMessage
GetWindowTextLengthW
PostMessageW
GetSysColor
SetDlgItemTextW
DispatchMessageW
CreateDialogParamW
ReleaseDC
GetDlgCtrlID
DestroyIcon
RegisterClassW
wsprintfW
GetWindowPlacement
LoadStringW
SubtractRect
GetDlgItem
GetWindow
MessageBoxW
GetDC
ScreenToClient
SetRect
PeekMessageW
CharPrevW
SetTimer
GetClientRect
IsDialogMessageW
FillRect
FindWindowW
SetWindowTextW
GetWindowTextW
GetSysColorBrush
DialogBoxIndirectParamW
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
MsgWaitForMultipleObjects
GetWindowLongW
GetDlgItemTextW
CharNextW
ExitWindowsEx
SetCursor
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ProgIDFromCLSID
CLSIDFromProgID
CoInitialize
CreateItemMoniker
GetRunningObjectTable
CoCreateInstance
CoInitializeSecurity
StringFromCLSID
CoUninitialize
CoCreateGuid
CoTaskMemFree
StringFromGUID2
Number of PE resources by type
RT_ICON 9
RT_DIALOG 7
RT_STRING 3
GIF 2
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 24
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 15.0.0.591
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Setup Launcher Unicode
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 200704
InternalBuildNumber 82160
OriginalFileName Setup.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.
FileVersion 5.01
TimeStamp 2008:09:11 06:56:48+01:00
FileType Win32 EXE
PEType PE32
InternalName Setup
ProductVersion 5.01
SubsystemVersion 4.0
OSVersion 4.0
EntryPoint 0x48417
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName RealZeal Soft
CodeSize 512000
ProductName RZPowerPointConverter
ProductVersionNumber 15.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 f69c5ea22c4adf1a17b2776a8b4f67e6
SHA1 45cd5fbeb8dd0c3a6a6eb988dfa5b4fc95ed95af
SHA256 5bc9c24f3cfa11bbb53ff226d67d21f32814162fd84a38ae8f69e8a866878de7
ssdeep 786432:HcW9PebtMANwgRhdryy+BMyW7x2U5mpCo0:HcWhebtMAN12y+B8x2U5W6

authentihash 3c05a859f4a36b9dd1f5e6169df081fe4cc8b5e62c23d3ac892342be0cccbf12
imphash 8e9143421e5b76a73aa0992f04566913
File size 25.7 MB ( 26896731 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (44.9%)
Win64 Executable (generic) (39.8%)
Win32 Executable (generic) (6.4%)
OS/2 Executable (generic) (2.9%)
Generic Win/DOS Executable (2.8%)
Tags peexe overlay

VirusTotal metadata
First submission 2015-01-09 10:08:26 UTC ( 4 years, 1 month ago )
Last submission 2018-09-23 13:38:42 UTC ( 4 months, 4 weeks ago )
File names rzpowerpointconverter.exe
Setup
614110
5BC9C24F3CFA11BBB53FF226D67D21F32814162FD84A38AE8F69E8A866878DE7
Setup.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight