× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 631cd8d401ac57944d88182d6a86c9d8556c4bdd3d7cffe8473dad7074c55789
File name: FMFix6.exe
Detection ratio: 0 / 68
Analysis date: 2018-06-09 07:42:04 UTC ( 11 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware 20180609
AegisLab 20180609
AhnLab-V3 20180608
Alibaba 20180608
ALYac 20180609
Antiy-AVL 20180609
Arcabit 20180609
Avast 20180609
Avast-Mobile 20180608
AVG 20180609
Avira (no cloud) 20180609
AVware 20180609
Babable 20180406
Baidu 20180608
BitDefender 20180609
Bkav 20180609
CAT-QuickHeal 20180609
ClamAV 20180609
CMC 20180608
Comodo 20180609
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180609
Cyren 20180609
DrWeb 20180609
eGambit 20180609
Emsisoft 20180609
Endgame 20180507
ESET-NOD32 20180609
F-Prot 20180609
F-Secure 20180609
Fortinet 20180609
GData 20180609
Ikarus 20180608
Sophos ML 20180601
Jiangmin 20180609
K7AntiVirus 20180609
K7GW 20180609
Kaspersky 20180609
Kingsoft 20180609
Malwarebytes 20180609
MAX 20180609
McAfee 20180609
McAfee-GW-Edition 20180608
Microsoft 20180609
eScan 20180609
NANO-Antivirus 20180609
Palo Alto Networks (Known Signatures) 20180609
Panda 20180608
Qihoo-360 20180609
Rising 20180609
SentinelOne (Static ML) 20180225
Sophos AV 20180609
SUPERAntiSpyware 20180609
Symantec 20180608
Symantec Mobile Insight 20180605
TACHYON 20180608
Tencent 20180609
TheHacker 20180608
TotalDefense 20180609
TrendMicro 20180609
TrendMicro-HouseCall 20180609
Trustlook 20180609
VBA32 20180608
VIPRE 20180609
ViRobot 20180609
Webroot 20180609
Yandex 20180608
Zillya 20180608
ZoneAlarm by Check Point 20180609
Zoner 20180608
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1996 InstallShield Software Corporation

Product PackageForTheWeb Stub
Original name STUB32.EXE
Internal name STUB.EXE
File version 2.02.001
Description PackageForTheWeb Stub
Packers identified
F-PROT CAB
PEiD InstallShield 2000
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1998-03-26 14:31:20
Entry Point 0x0000C110
Number of sections 5
PE sections
Overlays
MD5 86836163a7d7075f5c9cf1456ac0bb18
File type data
Offset 130560
Size 1708358
Entropy 8.00
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
PropertySheetA
Ord(17)
GetDeviceCaps
GetObjectA
SetBkMode
TextOutA
CreateFontIndirectA
SelectObject
GetTextExtentPointA
DeleteObject
SetTextColor
GetLastError
HeapFree
GetStdHandle
DosDateTimeToFileTime
LCMapStringW
LoadResource
CreateFileMappingA
GetFileAttributesA
WaitForSingleObject
FreeLibrary
LCMapStringA
HeapDestroy
ExitProcess
CreateDirectoryA
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
RemoveDirectoryA
GetACP
FreeEnvironmentStringsA
GetStartupInfoA
GetEnvironmentStrings
GetPrivateProfileStringA
FreeEnvironmentStringsW
GetFileSize
lstrcatA
LockResource
SetFileTime
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
MultiByteToWideChar
SetHandleCount
GetModuleFileNameA
GetProcAddress
GetFileType
SetStdHandle
lstrlenA
GetTempPathA
CloseHandle
GetCPInfo
MapViewOfFile
GetStringTypeA
SetFilePointer
lstrcmpA
ReadFile
GetCommandLineA
WriteFile
GetCurrentProcess
FindFirstFileA
CompareStringA
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetOEMCP
TerminateProcess
CreateProcessA
WideCharToMultiByte
UnhandledExceptionFilter
UnmapViewOfFile
lstrcpyA
VirtualFree
LocalFileTimeToFileTime
FindClose
Sleep
FormatMessageA
CreateFileA
HeapAlloc
GetVersion
FindResourceA
VirtualAlloc
HeapCreate
GetModuleHandleA
MulDiv
LZCopy
LZClose
LZOpenFileA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SetFocus
MapWindowPoints
GetParent
SystemParametersInfoA
EndDialog
KillTimer
MessageBeep
SetWindowPos
SendDlgItemMessageA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
MessageBoxA
PeekMessageA
IsCharAlphaA
TranslateMessage
DialogBoxParamA
GetWindow
GetSysColor
GetDC
SetWindowLongA
ReleaseDC
SetWindowTextA
GetWindowLongA
SendMessageA
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
ScreenToClient
wsprintfA
SetTimer
LoadStringA
CharNextA
GetDesktopWindow
GetClassNameA
GetWindowTextA
DestroyWindow
Number of PE resources by type
RT_DIALOG 6
RT_STRING 6
RT_ICON 5
RT_GROUP_ICON 2
RTF 1
AVI 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 23
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
5.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.1.5.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
PackageForTheWeb Stub

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
75776

EntryPoint
0xc110

OriginalFileName
STUB32.EXE

MIMEType
application/octet-stream

LegalCopyright
Copyright 1996 InstallShield Software Corporation

FileVersion
2.02.001

TimeStamp
1998:03:26 15:31:20+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
STUB.EXE

ProductVersion
2.02.001

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
InstallShield Software Corporation

CodeSize
69120

ProductName
PackageForTheWeb Stub

ProductVersionNumber
2.1.5.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 da7f6c2fd6846a2e2ccfa859a1ab4b0d
SHA1 73770f4f98ee2b72c3f6a4d521d15406233a30bc
SHA256 631cd8d401ac57944d88182d6a86c9d8556c4bdd3d7cffe8473dad7074c55789
ssdeep
24576:MdHia26CMXmgnvn2wim3mXacCxNzAMY+4QYiDEEiPZyc05zw1Jpdv+Ft5O5z0tKH:qH/2SvjIOYdZyVJ8X+FHO5wwLqjJ/gf

authentihash 524bd27db1b0a226499c8353849be7e4e45f1ed7f3963dd3491ca4fbb539af3f
imphash 4204e1fe9e2e0a7f6bec612446ce171b
File size 1.8 MB ( 1838918 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ 4.x (52.6%)
InstallShield setup (16.8%)
Win32 Executable MS Visual C++ (generic) (12.1%)
Win64 Executable (generic) (10.7%)
Win32 Dynamic Link Library (generic) (2.5%)
Tags
peexe installshield overlay

VirusTotal metadata
First submission 2017-06-29 14:35:50 UTC ( 1 year, 10 months ago )
Last submission 2018-05-26 22:35:03 UTC ( 11 months, 3 weeks ago )
File names STUB32.EXE
FMFix6.exe
STUB.EXE
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Runtime DLLs
UDP communications