× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5c260b82aacaa8fae72cc1e118da2603dab84b49d5207e030a946899086d238d
File name: Plagiarism-Detector-Setup-1092-a.exe
Detection ratio: 0 / 68
Analysis date: 2019-01-02 13:33:14 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Acronis 20181227
Ad-Aware 20190102
AegisLab 20190102
Alibaba 20180921
ALYac 20190102
Antiy-AVL 20190102
Arcabit 20190102
Avast 20190102
Avast-Mobile 20190102
AVG 20190102
Avira (no cloud) 20190101
Babable 20180918
Baidu 20181207
BitDefender 20190102
Bkav 20190102
CAT-QuickHeal 20190102
ClamAV 20190102
CMC 20190101
Comodo 20190102
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190102
Cyren 20190102
DrWeb 20190102
Emsisoft 20190102
Endgame 20181108
ESET-NOD32 20190102
F-Prot 20190102
F-Secure 20190102
Fortinet 20190102
GData 20190102
Ikarus 20190101
Sophos ML 20181128
Jiangmin 20190102
K7AntiVirus 20190102
K7GW 20190102
Kaspersky 20190102
Kingsoft 20190102
Malwarebytes 20190102
MAX 20190102
McAfee 20190102
McAfee-GW-Edition 20190102
Microsoft 20190102
eScan 20190102
NANO-Antivirus 20190102
Palo Alto Networks (Known Signatures) 20190102
Panda 20190101
Qihoo-360 20190102
Rising 20190102
SentinelOne (Static ML) 20181223
Sophos AV 20190102
SUPERAntiSpyware 20181226
Symantec 20190101
TACHYON 20190102
Tencent 20190102
TheHacker 20181230
Trapmine 20181205
TrendMicro 20190102
TrendMicro-HouseCall 20190102
Trustlook 20190102
VBA32 20181229
VIPRE 20190102
ViRobot 20190102
Webroot 20190102
Yandex 20181229
Zillya 20181231
ZoneAlarm by Check Point 20190102
Zoner 20190102
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
2000-2010 SkyLine LLC.

Product Plagiarism Detector
Original name suf_launch.exe
Internal name PlagiarismDetector
File version 1092.0.0.0
Description Setup
Comments Plagiarism Detector
Signature verification Signed file, verified signature
Signing date 11:50 PM 3/12/2018
Signers
[+] Yurii Palkovskii
Status Valid
Issuer StartCom Class 2 Object CA
Valid from 2:38 PM 3/9/2017
Valid to 2:38 PM 3/9/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 487815F2BDE3A4EFB852995BEB4336C3E945A2F1
Serial number 48 0C 22 42 00 24 DB 57 DF 05 8E 99 73 C9 67 EA
[+] StartCom Class 2 Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 2:00 AM 12/16/2015
Valid to 2:00 AM 12/16/2030
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 1F6421C176CF03ED52CC37F21B587F166CEB828B
Serial number 6C 3B D2 7E DD 3C 94 9E 95 8E 28 A9 B3 C7 57 A0
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 12/31/2015
Valid to 7:40 PM 7/9/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbrint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-02-09 21:57:00
Entry Point 0x000029E1
Number of sections 5
PE sections
Overlays
MD5 f91b1648bdd48356b8db8b08d52bac43
File type data
Offset 192512
Size 36431784
Entropy 8.00
PE imports
GetTokenInformation
OpenProcessToken
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrlenA
GetFileAttributesA
GetExitCodeProcess
QueryPerformanceCounter
HeapReAlloc
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetTempPathA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
HeapSetInformation
GetCurrentProcess
_lwrite
GetFileType
GetStringTypeW
InterlockedIncrement
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
_llseek
HeapSize
FreeEnvironmentStringsW
GetCPInfo
MultiByteToWideChar
GetProcAddress
_lread
EncodePointer
GetStartupInfoW
GetModuleFileNameW
_lclose
WideCharToMultiByte
LoadLibraryW
TlsFree
_lcreat
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentProcessId
SetUnhandledExceptionFilter
lstrcpyA
_lopen
DecodePointer
CloseHandle
IsProcessorFeaturePresent
GetCommandLineA
GetACP
GetDiskFreeSpaceA
MoveFileExA
GetModuleHandleW
FreeLibrary
LocalFree
TerminateProcess
GetModuleFileNameA
IsValidCodePage
HeapCreate
WriteFile
TlsGetValue
Sleep
SetLastError
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
GetOEMCP
CompareStringA
ShellExecuteExA
wsprintfA
LoadCursorA
DispatchMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
SetCursor
Number of PE resources by type
RT_ICON 9
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
CodeSize
22528

SubsystemVersion
5.1

Comments
Plagiarism Detector

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1092.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Setup

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
ASCII

InitializedDataSize
168960

EntryPoint
0x29e1

OriginalFileName
suf_launch.exe

MIMEType
application/octet-stream

LegalCopyright
2000-2010 SkyLine LLC.

FileVersion
1092.0.0.0

TimeStamp
2015:02:09 22:57:00+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PlagiarismDetector

ProductVersion
1092.0.0.0

UninitializedDataSize
0

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
SkyLine LLC.

LegalTrademarks
Plagiarism Detector is a trademark of SkyLine LLC.

ProductName
Plagiarism Detector

ProductVersionNumber
1092.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 48a7b6e7497e58099b3cabf9eca1f6b7
SHA1 9effb6d12b5a50d9ca38f7b1261967fa6cb33bff
SHA256 5c260b82aacaa8fae72cc1e118da2603dab84b49d5207e030a946899086d238d
ssdeep
393216:JVjShydD/WEzmECkNTmVBUKCsy5y1URtxAOfmGfJj8FXE2E4mPNIGUjNac//P1GO:DXKTC3yurBPoocf1GbN9O8FWl+A5xgS

authentihash 49b536073270bba438115b58abcee5c501c08fb727ae6b552276c6e5ab901402
imphash 1ff847646487d56f85778df99ff3728a
File size 34.9 MB ( 36624296 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID MS generic-sfx Cabinet File Unpacker (32/64bit MSCFU) (74.6%)
Win32 Executable Microsoft Visual Basic 6 (17.4%)
Win32 EXE Yoda's Crypter (5.6%)
Win32 Executable (generic) (0.9%)
OS/2 Executable (generic) (0.4%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-03-16 16:19:54 UTC ( 11 months, 1 week ago )
Last submission 2019-01-02 13:33:14 UTC ( 1 month, 3 weeks ago )
File names suf_launch.exe
PlagiarismDetector
Plagiarism-Detector-Setup-1092-a (1).exe
Plagiarism-Detector-Setup-1092.exe
Plagiarism-Detector-Setup-1092-a.exe
1042030
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!