× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5c260b82aacaa8fae72cc1e118da2603dab84b49d5207e030a946899086d238d
File name: Plagiarism-Detector-Setup-1092-a.exe
Detection ratio: 0 / 67
Analysis date: 2018-11-25 11:21:15 UTC ( 2 weeks, 1 day ago )
Antivirus Result Update
Ad-Aware 20181125
AegisLab 20181125
AhnLab-V3 20181125
Alibaba 20180921
ALYac 20181125
Antiy-AVL 20181125
Arcabit 20181125
Avast 20181125
Avast-Mobile 20181125
AVG 20181125
Avira (no cloud) 20181125
Babable 20180918
Baidu 20181123
BitDefender 20181125
Bkav 20181123
CAT-QuickHeal 20181124
ClamAV 20181125
CMC 20181125
Comodo 20181125
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181125
Cyren 20181125
DrWeb 20181125
eGambit 20181125
Emsisoft 20181125
Endgame 20181108
ESET-NOD32 20181125
F-Prot 20181125
F-Secure 20181125
Fortinet 20181125
GData 20181125
Ikarus 20181125
Sophos ML 20181108
Jiangmin 20181125
K7AntiVirus 20181125
K7GW 20181125
Kaspersky 20181125
Kingsoft 20181125
Malwarebytes 20181125
MAX 20181125
McAfee 20181125
McAfee-GW-Edition 20181125
Microsoft 20181125
eScan 20181125
NANO-Antivirus 20181125
Palo Alto Networks (Known Signatures) 20181125
Panda 20181125
Qihoo-360 20181125
Rising 20181125
SentinelOne (Static ML) 20181011
Sophos AV 20181125
SUPERAntiSpyware 20181121
Symantec 20181124
Symantec Mobile Insight 20181121
TACHYON 20181125
Tencent 20181125
TheHacker 20181118
Trapmine 20180918
TrendMicro 20181125
TrendMicro-HouseCall 20181125
Trustlook 20181125
VBA32 20181123
ViRobot 20181124
Webroot 20181125
Yandex 20181123
Zillya 20181123
ZoneAlarm by Check Point 20181125
Zoner 20181125
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
2000-2010 SkyLine LLC.

Product Plagiarism Detector
Original name suf_launch.exe
Internal name PlagiarismDetector
File version 1092.0.0.0
Description Setup
Comments Plagiarism Detector
Signature verification Signed file, verified signature
Signing date 11:50 PM 3/12/2018
Signers
[+] Yurii Palkovskii
Status Valid
Issuer StartCom Class 2 Object CA
Valid from 2:38 PM 3/9/2017
Valid to 2:38 PM 3/9/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 487815F2BDE3A4EFB852995BEB4336C3E945A2F1
Serial number 48 0C 22 42 00 24 DB 57 DF 05 8E 99 73 C9 67 EA
[+] StartCom Class 2 Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 2:00 AM 12/16/2015
Valid to 2:00 AM 12/16/2030
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 1F6421C176CF03ED52CC37F21B587F166CEB828B
Serial number 6C 3B D2 7E DD 3C 94 9E 95 8E 28 A9 B3 C7 57 A0
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 12/31/2015
Valid to 7:40 PM 7/9/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm sha1RSA
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-02-09 21:57:00
Entry Point 0x000029E1
Number of sections 5
PE sections
Overlays
MD5 f91b1648bdd48356b8db8b08d52bac43
File type data
Offset 192512
Size 36431784
Entropy 8.00
PE imports
GetTokenInformation
OpenProcessToken
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrlenA
GetFileAttributesA
GetExitCodeProcess
QueryPerformanceCounter
HeapReAlloc
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetTempPathA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
HeapSetInformation
GetCurrentProcess
_lwrite
GetFileType
GetStringTypeW
InterlockedIncrement
lstrcatA
CreateDirectoryA
DeleteFileA
GetCurrentDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
_llseek
HeapSize
FreeEnvironmentStringsW
GetCPInfo
MultiByteToWideChar
GetProcAddress
_lread
EncodePointer
GetStartupInfoW
GetModuleFileNameW
_lclose
WideCharToMultiByte
LoadLibraryW
TlsFree
_lcreat
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentProcessId
SetUnhandledExceptionFilter
lstrcpyA
_lopen
DecodePointer
CloseHandle
IsProcessorFeaturePresent
GetCommandLineA
GetACP
GetDiskFreeSpaceA
MoveFileExA
GetModuleHandleW
FreeLibrary
LocalFree
TerminateProcess
GetModuleFileNameA
IsValidCodePage
HeapCreate
WriteFile
TlsGetValue
Sleep
SetLastError
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
GetOEMCP
CompareStringA
ShellExecuteExA
wsprintfA
LoadCursorA
DispatchMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
SetCursor
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
LegalTrademarks
Plagiarism Detector is a trademark of SkyLine LLC.

SubsystemVersion
5.1

Comments
Plagiarism Detector

InitializedDataSize
168960

ImageVersion
0.0

ProductName
Plagiarism Detector

FileVersionNumber
1092.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
ASCII

LinkerVersion
10.0

FileTypeExtension
exe

OriginalFileName
suf_launch.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1092.0.0.0

TimeStamp
2015:02:09 22:57:00+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PlagiarismDetector

ProductVersion
1092.0.0.0

FileDescription
Setup

OSVersion
5.1

FileOS
Win32

LegalCopyright
2000-2010 SkyLine LLC.

MachineType
Intel 386 or later, and compatibles

CompanyName
SkyLine LLC.

CodeSize
22528

FileSubtype
0

ProductVersionNumber
1092.0.0.0

EntryPoint
0x29e1

ObjectFileType
Executable application

File identification
MD5 48a7b6e7497e58099b3cabf9eca1f6b7
SHA1 9effb6d12b5a50d9ca38f7b1261967fa6cb33bff
SHA256 5c260b82aacaa8fae72cc1e118da2603dab84b49d5207e030a946899086d238d
ssdeep
393216:JVjShydD/WEzmECkNTmVBUKCsy5y1URtxAOfmGfJj8FXE2E4mPNIGUjNac//P1GO:DXKTC3yurBPoocf1GbN9O8FWl+A5xgS

authentihash 49b536073270bba438115b58abcee5c501c08fb727ae6b552276c6e5ab901402
imphash 1ff847646487d56f85778df99ff3728a
File size 34.9 MB ( 36624296 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID MS generic-sfx Cabinet File Unpacker (32/64bit MSCFU) (74.6%)
Win32 Executable Microsoft Visual Basic 6 (17.4%)
Win32 EXE Yoda's Crypter (5.6%)
Win32 Executable (generic) (0.9%)
OS/2 Executable (generic) (0.4%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-03-16 16:19:54 UTC ( 8 months, 4 weeks ago )
Last submission 2018-11-25 11:21:15 UTC ( 2 weeks, 1 day ago )
File names suf_launch.exe
PlagiarismDetector
Plagiarism-Detector-Setup-1092-a (1).exe
Plagiarism-Detector-Setup-1092.exe
Plagiarism-Detector-Setup-1092-a.exe
1042030
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!