SHA256: 5f1144462e7552c670ba9b963e9966d825bc9a27536315d99354ab5d4c7b0095
File name: ESET Online Scanner.exe
Detection ratio: 0 / 66
Analysis date: 2019-02-16 22:04:42 UTC
Antivirus Result Update
Acronis 20190213
Ad-Aware 20190216
AegisLab 20190216
AhnLab-V3 20190216
Alibaba 20180921
ALYac 20190216
Antiy-AVL 20190216
Arcabit 20190216
Avast 20190216
Avast-Mobile 20190216
AVG 20190216
Avira (no cloud) 20190216
Babable 20180918
Baidu 20190215
BitDefender 20190216
Bkav 20190216
CAT-QuickHeal 20190216
ClamAV 20190216
CMC 20190216
Comodo 20190216
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190216
Cyren 20190216
DrWeb 20190216
eGambit 20190216
Emsisoft 20190216
Endgame 20190215
ESET-NOD32 20190216
F-Prot 20190216
F-Secure 20190216
Fortinet 20190216
GData 20190216
Sophos ML 20181128
Jiangmin 20190216
K7AntiVirus 20190216
K7GW 20190216
Kaspersky 20190216
Kingsoft 20190216
Malwarebytes 20190216
MAX 20190216
McAfee 20190216
McAfee-GW-Edition 20190216
Microsoft 20190216
eScan 20190216
NANO-Antivirus 20190216
Palo Alto Networks (Known Signatures) 20190216
Panda 20190216
Qihoo-360 20190216
Rising 20190216
SentinelOne (Static ML) 20190203
Sophos AV 20190216
SUPERAntiSpyware 20190213
Symantec 20190216
Symantec Mobile Insight 20190207
TACHYON 20190216
Tencent 20190216
TheHacker 20190215
Trapmine 20190123
Trustlook 20190216
VBA32 20190215
ViRobot 20190216
Webroot 20190216
Yandex 20190215
Zillya 20190215
ZoneAlarm by Check Point 20190216
Zoner 20190216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) ESET 1992-2018. All rights reserved.

Product ESET OnlineScanner
Original name ESETOnlineScanner.exe
Internal name EOS_v3.exe
File version 3.0.17.0
Description ESET Online Scanner
Signature verification Signed file, verified signature
Signing date 10:28 AM 12/13/2018
Signers
[+] ESET, spol. s r.o.
Status Valid
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 12:00 AM 04/19/2016
Valid to 11:59 PM 07/19/2019
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint F83099622B4A9F72CB5081F742164AD1B8D048C9
Serial number 1D E1 0D ED 54 1D 51 E7 3B C4 86 F4 92 49 88 36
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 02/08/2010
Valid to 11:59 PM 02/07/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-12-13 09:28:47
Entry Point 0x001C8983
Number of sections 5
PE sections
Overlays
MD5 12e2308bd35d4a08a83797a4d9735ae2
File type data
Offset 7641088
Size 16504
Entropy 7.39
PE imports
RegOpenCurrentUser
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteKeyW
GetNamedSecurityInfoW
OpenProcessToken
QueryServiceStatus
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
GetTokenInformation
GetUserNameW
RegQueryInfoKeyW
RegEnumKeyExW
OpenThreadToken
RegEnumKeyExA
RegDeleteValueW
FreeSid
OpenSCManagerW
RegEnumValueW
AllocateAndInitializeSid
EqualSid
SetNamedSecurityInfoW
ImageList_GetImageCount
ImageList_Replace
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Add
SetDIBits
GetTextMetricsW
SetMapMode
GetWindowOrgEx
GetPaletteEntries
CombineRgn
GetViewportOrgEx
GetObjectType
GetBoundsRect
SetLayout
SetPixel
IntersectClipRect
OffsetWindowOrgEx
CreateEllipticRgn
GetTextFaceW
CreatePalette
CreateDIBitmap
GetDIBits
SetTextAlign
StretchBlt
ScaleViewportExtEx
SetWindowExtEx
SetViewportExtEx
SetBkColor
GetBkColor
SetRectRgn
MoveToEx
GetTextCharsetInfo
TextOutW
CreateFontIndirectW
OffsetRgn
CreateRectRgnIndirect
LPtoDP
GetPixel
GetLayout
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
EnumFontFamiliesW
PtInRegion
BitBlt
FillRgn
FrameRgn
SelectPalette
PtVisible
ExtSelectClipRgn
ScaleWindowExtEx
SetROP2
GetNearestPaletteIndex
SetDIBColorTable
GetTextColor
SetPixelV
DeleteObject
GetWindowExtEx
PatBlt
CreatePen
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
GetSystemPaletteEntries
GetObjectW
CreateDCW
RealizePalette
CreateHatchBrush
CreatePatternBrush
ExtTextOutW
SetPaletteEntries
CreateBitmap
RectVisible
GetStockObject
SelectClipRgn
RoundRect
SetWindowOrgEx
GetViewportExtEx
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
GetRgnBox
SaveDC
RestoreDC
CreateDIBSection
SetTextColor
ExtFloodFill
GetCurrentObject
Escape
EnumFontFamiliesExW
SetViewportOrgEx
CreateRoundRectRgn
CreateCompatibleDC
CreateRectRgn
SelectObject
SetPolyFillMode
CopyMetaFileW
Ellipse
CreateSolidBrush
Polyline
DPtoLP
CreateCompatibleBitmap
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
GetStdHandle
FileTimeToSystemTime
WaitForSingleObject
FindNextFileA
GetFileAttributesW
lstrcmpW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetTempPathA
WideCharToMultiByte
GetDiskFreeSpaceW
WriteFile
GetProfileIntW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
GetFullPathNameW
OutputDebugStringA
WritePrivateProfileStringW
SetLastError
GetUserDefaultUILanguage
GetSystemTime
CopyFileW
lstrcpynW
OutputDebugStringW
GetModuleFileNameW
HeapAlloc
lstrcmpiW
VerSetConditionMask
SetThreadPriority
GetUserDefaultLCID
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
VerifyVersionInfoW
GetPrivateProfileStringW
GetModuleHandleA
GlobalAddAtomW
GetSystemDefaultUILanguage
MoveFileExW
GetSystemDirectoryW
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
IsProcessorFeaturePresent
UnlockFile
ExitThread
SetEnvironmentVariableA
TerminateProcess
SearchPathW
SetCurrentDirectoryW
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
WriteConsoleW
AreFileApisANSI
HeapFree
EnterCriticalSection
TerminateThread
LoadLibraryW
GlobalGetAtomNameW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GlobalFindAtomW
GlobalSize
GetDateFormatA
GetFileSize
GlobalDeleteAtom
OpenProcess
DeleteFileA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GlobalLock
GetPrivateProfileIntW
GetProcessHeap
GetTempFileNameW
GetTimeFormatW
lstrcpyW
GlobalReAlloc
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
GetTimeFormatA
GetTempFileNameA
FindFirstFileW
IsValidLocale
DuplicateHandle
FindFirstFileExW
GetProcAddress
ReadConsoleW
GetTempPathW
GetTimeZoneInformation
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
CompareStringW
GetVolumeInformationW
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
LockFile
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
HeapSize
GetCurrentThread
SuspendThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
FindFirstFileA
GetACP
GetModuleHandleW
FreeResource
GetFileAttributesExW
IsValidCodePage
FindResourceExW
Sleep
VirtualAlloc
GetOEMCP
CompareStringA
TransparentBlt
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
SysAllocStringLen
VarBstrFromDate
VariantClear
SysAllocString
VariantCopy
LoadTypeLib
SysFreeString
SysAllocStringByteLen
VariantInit
DragQueryFileW
DragFinish
Shell_NotifyIconW
ShellExecuteW
ExtractIconExW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetDesktopFolder
SHGetMalloc
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
StrStrIW
PathFindExtensionW
StrFormatKBSizeW
PathStripToRootW
MapWindowPoints
GetMessagePos
SetWindowRgn
RedrawWindow
SetMenuItemBitmaps
DrawTextW
MoveWindow
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
DrawStateW
SetWindowPos
GetNextDlgTabItem
IsWindow
GrayStringW
EndPaint
WindowFromPoint
DrawIcon
GetMessageTime
SetMenuItemInfoW
SendMessageW
SetActiveWindow
GetMenuItemID
GetAsyncKeyState
MapDialogRect
GetDlgCtrlID
GetMenu
GetClassInfoW
SetMenuDefaultItem
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
GetKeyboardState
GetActiveWindow
CopyAcceleratorTableW
OpenClipboard
GetWindowTextW
RegisterClipboardFormatW
LockWindowUpdate
GetWindowTextLengthW
LoadAcceleratorsW
GetTopWindow
GetKeyState
PtInRect
DrawEdge
GetClassInfoExW
UpdateWindow
GetPropW
EqualRect
SetClassLongW
MapVirtualKeyExW
ShowWindow
DrawFrameControl
GetNextDlgGroupItem
SetPropW
EnumDisplayMonitors
PeekMessageW
TranslateMDISysAccel
InsertMenuItemW
SetWindowPlacement
CharUpperW
LoadIconW
TranslateMessage
IsWindowEnabled
GetWindow
GetMenuDefaultItem
GetIconInfo
SetParent
SetClipboardData
ScrollWindow
IsZoomed
GetWindowPlacement
LoadStringW
DrawMenuBar
IsCharLowerW
EnableMenuItem
InvertRect
DrawFocusRect
CreateMenu
IsDialogMessageW
FillRect
MonitorFromPoint
CreateAcceleratorTableW
DeferWindowPos
RealChildWindowFromPoint
TabbedTextOutW
GetWindowLongW
GetUpdateRect
GetMenuStringW
IsChild
SetFocus
RegisterWindowMessageW
IsIconic
EmptyClipboard
BeginPaint
OffsetRect
DefMDIChildProcW
GetScrollPos
CopyIcon
KillTimer
MapVirtualKeyW
GetComboBoxInfo
GetParent
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
GetScrollRange
ShowOwnedPopups
InvalidateRect
CheckDlgButton
DrawTextExW
WaitMessage
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetClassLongW
GetLastActivePopup
DrawIconEx
CharUpperBuffW
SetWindowTextW
SetTimer
GetDlgItem
RemovePropW
SetCursor
BringWindowToTop
ClientToScreen
GetScrollInfo
TrackPopupMenu
GetMenuItemCount
DestroyAcceleratorTable
GetMenuState
SetWindowsHookExW
LoadCursorW
GetSystemMenu
ReuseDDElParam
GetDC
InsertMenuW
SetForegroundWindow
GetClientRect
NotifyWinEvent
GetMenuItemInfoW
GetCursorPos
CreateDialogIndirectParamW
ReleaseDC
IntersectRect
EndDialog
HideCaret
GetKeyboardLayout
CopyRect
GetCapture
ScreenToClient
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
GetSysColorBrush
BeginDeferWindowPos
MessageBoxW
DefFrameProcW
RegisterClassExW
SetMenu
SetRectEmpty
AppendMenuW
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
SetDlgItemTextW
SetScrollInfo
CopyImage
EndDeferWindowPos
GetWindowRgn
GetDoubleClickTime
DestroyIcon
ShowScrollBar
WinHelpW
LoadBitmapW
GetDesktopWindow
SubtractRect
UnpackDDElParam
SetCursorPos
SystemParametersInfoW
UnionRect
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
GetKeyNameTextW
CallWindowProcW
GetClassNameW
ModifyMenuW
ValidateRect
IsRectEmpty
IsMenu
GetFocus
EnableWindow
CloseClipboard
IsWindowVisible
TranslateAcceleratorW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
IsAppThemed
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
GetThemeColor
IsThemeBackgroundPartiallyTransparent
PlaySoundW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
__WSAFDIsSet
htonl
socket
setsockopt
recv
inet_addr
send
ioctlsocket
gethostbyname
select
connect
inet_ntoa
htons
closesocket
WSASetLastError
WSAGetLastError
getservbyname
WSAStartup
WSACleanup
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipGetImagePalette
GdipDisposeImage
GdipBitmapUnlockBits
GdiplusStartup
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipGetImagePaletteSize
GdipDrawImageI
GdipDrawImageRectI
GdipSetInterpolationMode
GdipFree
GdipGetImageHeight
GdipCloneImage
GdipGetImageGraphicsContext
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemAlloc
CoLockObjectExternal
IsAccelerator
CoCreateGuid
OleTranslateAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
ReleaseStgMedium
DoDragDrop
RevokeDragDrop
CoDisconnectObject
OleGetClipboard
OleDuplicateData
CoTaskMemFree
RegisterDragDrop
Number of PE resources by type
PNG 553
RT_RCDATA 77
RT_DIALOG 59
RT_BITMAP 50
RT_STRING 47
RT_CURSOR 28
RT_GROUP_CURSOR 27
RT_ICON 19
RT_GROUP_ICON 7
STYLE_XML 5
Struct(241) 2
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 749
SLOVAK DEFAULT 90
NEUTRAL DEFAULT 38
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

InitializedDataSize
5517824

ImageVersion
0.0

ProductName
ESET OnlineScanner

FileVersionNumber
3.0.17.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
12.0

FileTypeExtension
exe

OriginalFileName
ESETOnlineScanner.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
3.0.17.0

TimeStamp
2018:12:13 10:28:47+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
EOS_v3.exe

ProductVersion
3.0.17.0

FileDescription
ESET Online Scanner

OSVersion
5.1

FileOS
Windows NT 32-bit

LegalCopyright
Copyright (c) ESET 1992-2018. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
ESET spol. s r.o.

CodeSize
2154496

FileSubtype
0

ProductVersionNumber
3.0.17.0

EntryPoint
0x1c8983

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 67b940bdb8550e698d42aff09ef28767
SHA1 6fcf744ee5a374d04c44c18abda8b47d6e109f8b
SHA256 5f1144462e7552c670ba9b963e9966d825bc9a27536315d99354ab5d4c7b0095
ssdeep
98304:gS3t7MlYuUZuFosSr6BT3S3mC0vgTaZH7j7etoB6pnevnFLOAkGkzdnEVomFHKnR:h3mDUmC0vyYf8ynFLOyomFHKnP5

authentihash 76755d172ef1d2cf93aab02c0eb9dd378f12aa595c68b6a7313c6525b16ca104
imphash 592f1e4cd388d2bccc127c170aa44296
File size 7.3 MB ( 7657592 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-12-13 15:00:54 UTC ( 3 months, 1 week ago )
Last submission 2019-03-23 03:11:17 UTC ( 1 day, 3 hours ago )
File names esetonlinescanner_enu.exe
esetonlinescanner_enu (1).exe
esetonlinescanner_enu.exe
esetonlinescanner_enu.exe
ESET OnlineScan.exe
ESET Online Scanner.exe
esetonlinescanner_enu.exe
EOS_v3.exe
esetonlinescanner_enu.exe
esetonlinescanner_enu.exe
esetonlinescanner_enu.exe
Eset Online Scanner.exe
esetonlinescanner_enu[1].exe
esetonlinescanner_enu.exe
esetonlinescanner_enu.exe
esetonlinescanner_enu.bin
esetonlinescanner_enu (1).exe
esetonlinescanner_enu.exe
esetonlinescanner_enu.exe
ESETOnlineScanner.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.