× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6204fe0416640b38424c9d796b5be7c43b8ba749a6d425df892f5619003ad1d2
File name: GameLauncher
Detection ratio: 0 / 57
Analysis date: 2016-03-31 08:28:04 UTC ( 2 years, 11 months ago )
Antivirus Result Update
Ad-Aware 20160331
AegisLab 20160331
AhnLab-V3 20160330
Alibaba 20160323
ALYac 20160331
Antiy-AVL 20160331
Arcabit 20160331
Avast 20160331
AVG 20160331
Avira (no cloud) 20160331
AVware 20160331
Baidu 20160331
Baidu-International 20160330
BitDefender 20160331
Bkav 20160330
CAT-QuickHeal 20160330
ClamAV 20160331
CMC 20160322
Comodo 20160331
Cyren 20160331
DrWeb 20160331
Emsisoft 20160331
ESET-NOD32 20160331
F-Prot 20160331
F-Secure 20160331
Fortinet 20160330
GData 20160331
Ikarus 20160331
Jiangmin 20160331
K7AntiVirus 20160331
K7GW 20160331
Kaspersky 20160331
Kingsoft 20160331
Malwarebytes 20160331
McAfee 20160331
McAfee-GW-Edition 20160331
Microsoft 20160331
eScan 20160331
NANO-Antivirus 20160331
nProtect 20160330
Panda 20160330
Qihoo-360 20160331
Rising 20160331
Sophos AV 20160331
SUPERAntiSpyware 20160331
Symantec 20160331
Tencent 20160331
TheHacker 20160330
TotalDefense 20160330
TrendMicro 20160331
TrendMicro-HouseCall 20160331
VBA32 20160331
VIPRE 20160331
ViRobot 20160331
Yandex 20160316
Zillya 20160331
Zoner 20160331
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
©2012 Sony Online Entertainment, LLC.

Product LaunchPad
Original name GameLauncher
Internal name GameLauncher
File version 5,2,5,22
Description Sony Online Entertainment LaunchPad
Signature verification Signed file, verified signature
Signing date 12:14 AM 1/11/2013
Signers
[+] Sony Online Entertainment
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 1/21/2011
Valid to 12:59 AM 3/17/2013
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 86E61907F6B8A7AA356787AD555E4EF3C7CC1711
Serial number 68 DF 7F 78 F6 83 6E D5 C4 AF 0C 3A FD 4F 65 CE
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-10 23:14:10
Entry Point 0x0007D861
Number of sections 5
PE sections
Overlays
MD5 09df9ac3c448a54312d0f26bac3aa118
File type data
Offset 1008640
Size 6528
Entropy 7.31
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueExW
DeleteDC
TextOutW
SelectObject
GetStockObject
GetObjectW
BitBlt
GdiFlush
CreateRoundRectRgn
CreateDIBSection
CreateCompatibleDC
DeleteObject
GetAdaptersAddresses
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
QueueUserAPC
GetExitCodeProcess
GetProcessId
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
FormatMessageW
GetSystemTimeAsFileTime
GetCommandLineA
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
GetThreadPriority
GetFullPathNameA
FreeLibrary
MoveFileA
IsWow64Process
ResumeThread
SetWaitableTimer
GetTimeZoneInformation
FindClose
InterlockedDecrement
FormatMessageA
SetFileAttributesW
SetLastError
GetUserDefaultUILanguage
DeviceIoControl
InitializeCriticalSection
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
GetFileAttributesW
QueryPerformanceFrequency
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
CreateMutexA
GetModuleHandleA
GetFullPathNameW
CreateSemaphoreA
CreateThread
SetEnvironmentVariableW
SetUnhandledExceptionFilter
CreateMutexW
GetSystemTimes
ExitThread
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
GetDiskFreeSpaceExW
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SleepEx
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
OpenThread
GetComputerNameW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
OpenProcess
CreateDirectoryA
DeleteFileA
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateWaitableTimerW
CompareStringW
GetFileSizeEx
RemoveDirectoryW
GetFileInformationByHandle
FindFirstFileA
CompareStringA
FindNextFileA
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
GetSystemInfo
GetConsoleCP
LCMapStringA
GetProcessTimes
GetEnvironmentStringsW
RemoveDirectoryA
CreateProcessW
CancelWaitableTimer
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
GetCommandLineW
GetCurrentDirectoryA
HeapSize
SetThreadAffinityMask
InterlockedCompareExchange
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
SetFilePointer
ReadFile
CloseHandle
SetDllDirectoryW
GetACP
GetModuleHandleW
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
GetTimeFormatA
GetProcessMemoryInfo
GetPerformanceInfo
SetWindowRgn
UpdateWindow
BeginPaint
DefWindowProcW
ReleaseCapture
PostQuitMessage
ScreenToClient
ShowWindow
SetWindowPos
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
GetWindowRect
EndPaint
SetCapture
MoveWindow
TranslateMessage
LoadCursorFromFileW
PostMessageW
DispatchMessageW
GetCursorPos
ReleaseDC
DestroyIcon
IsWindowVisible
UnregisterClassW
GetClientRect
SystemParametersInfoW
LoadCursorA
IsHungAppWindow
GetDC
ClientToScreen
GetWindowLongA
LoadImageW
LoadIconA
AdjustWindowRect
SetWindowTextW
CreateWindowExW
RegisterClassExW
DestroyWindow
SetCursor
timeGetTime
timeBeginPeriod
htonl
accept
ioctlsocket
WSAStartup
connect
getsockname
htons
select
gethostname
getsockopt
recv
inet_addr
send
ntohs
WSAGetLastError
listen
__WSAFDIsSet
WSACleanup
gethostbyname
getpeername
closesocket
setsockopt
socket
bind
recvfrom
sendto
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
Number of PE resources by type
RT_ICON 9
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 11
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.2.5.22

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
331776

EntryPoint
0x7d861

OriginalFileName
GameLauncher

MIMEType
application/octet-stream

LegalCopyright
2012 Sony Online Entertainment, LLC.

FileVersion
5,2,5,22

TimeStamp
2013:01:11 00:14:10+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
GameLauncher

ProductVersion
5,2,5,22

FileDescription
Sony Online Entertainment LaunchPad

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Sony Online Entertainment

CodeSize
690688

ProductName
LaunchPad

ProductVersionNumber
5.2.5.22

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 68114a4ed29d9e5bbcb036cf6af38a6d
SHA1 46b3eb1dffa5cdbefa6ad08a5a22a1dcdfdb46e6
SHA256 6204fe0416640b38424c9d796b5be7c43b8ba749a6d425df892f5619003ad1d2
ssdeep
24576:Ty2B2P0U5DRJFnSGMEHCSr9G/JY5EH5KuR9Ttnt:TvUBJWExG/70UTL

authentihash 247d7ad9735540e53c96208dac15f17a39dd3e15a8bfac55abe8d88f8effc641
imphash 90b08f59db376940f5ba580c79e06b22
File size 991.4 KB ( 1015168 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2013-01-16 14:56:28 UTC ( 6 years, 2 months ago )
Last submission 2014-03-27 13:47:32 UTC ( 4 years, 12 months ago )
File names launchpad.exe
6204fe0416640b38424c9d796b5be7c43b8ba749a6d425df892f5619003ad1d2
LaunchPad.exe
LaunchPad.exe
launchpad.exe
vt-upload-h4cr5C
LaunchPad.exe
LaunchPad.exe
LaunchPad.exe
GameLauncher
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections
UDP communications