SHA256: 68129fe65564e327c7e24f4766c7595dec4809bdf4d8867d550f2e59056ea632
File name: SunsetScreen_Setup.exe
Detection ratio: 1 / 54
Analysis date: 2016-08-16 06:26:24 UTC ( 2 years, 9 months ago )
Antivirus Result Update
Rising PUA.InstallRex!1.9E4C 20160815
Ad-Aware 20160816
AegisLab 20160816
AhnLab-V3 20160815
Alibaba 20160816
ALYac 20160816
Antiy-AVL 20160819
Arcabit 20160816
Avast 20160816
AVG 20160816
Avira (no cloud) 20160816
AVware 20160816
Baidu 20160813
BitDefender 20160816
Bkav 20160815
CAT-QuickHeal 20160813
ClamAV 20160815
CMC 20160816
Comodo 20160816
Cyren 20160816
DrWeb 20160816
Emsisoft 20160816
ESET-NOD32 20160816
F-Prot 20160816
F-Secure 20160816
Fortinet 20160816
GData 20160816
Ikarus 20160815
Jiangmin 20160816
K7AntiVirus 20160816
K7GW 20160816
Kaspersky 20160816
Kingsoft 20160816
Malwarebytes 20160816
McAfee 20160816
McAfee-GW-Edition 20160816
Microsoft 20160816
eScan 20160816
NANO-Antivirus 20160816
nProtect 20160812
Panda 20160815
Qihoo-360 20160816
Sophos AV 20160816
SUPERAntiSpyware 20160816
Symantec 20160816
Tencent 20160816
TheHacker 20160814
TrendMicro 20160816
TrendMicro-HouseCall 20160816
VBA32 20160815
VIPRE 20160816
ViRobot 20160816
Zillya 20160815
Zoner 20160816
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright © 2015 onwards Skytopia
Product SunsetScreen
Original name TSULoader.exe
Internal name TSULoader
File version 2016.6.10.1924
Description Installer for SunsetScreen
Comments WinNT (x86) Unicode Lib Rel
Signature verification Signed file, verified signature
Signing date 7:24 PM 6/10/2016
Signers
[+] Daniel White
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer COMODO Code Signing CA 2
Valid from 11:00 PM 07/17/2013
Valid to 10:59 PM 07/17/2016
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3050917AB42F04D4600913E70047EF50989A8CD3
Serial number 00 F9 7F 23 72 EC AD 1F A4 35 B0 AD 02 C8 B6 07 E7
[+] COMODO Code Signing CA 2
Status Valid
Issuer UTN-USERFirst-Object
Valid from 11:00 PM 08/23/2011
Valid to 09:48 AM 05/30/2020
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 07:09 AM 06/07/2005
Valid to 09:48 AM 05/30/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 09:48 AM 05/30/2000
Valid to 09:48 AM 05/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 12:00 AM 12/31/2015
Valid to 05:40 PM 07/09/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 07:09 AM 06/07/2005
Valid to 09:48 AM 05/30/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 09:48 AM 05/30/2000
Valid to 09:48 AM 05/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-06-19 18:03:03
Entry Point 0x00001495
Number of sections 7
PE sections
Overlays
MD5 1adefd6fcde5f38153b93f444e3768b3
File type data
Offset 896512
Size 6264
Entropy 7.40
PE imports
GetLastError
HeapFree
CreateFileMappingW
LoadLibraryW
FreeLibrary
ExitProcess
GetFileAttributesW
lstrlenW
HeapAlloc
GetFileSize
SetFileTime
GetCommandLineW
MultiByteToWideChar
DeleteFileW
GetProcAddress
GetProcessHeap
lstrcpynW
GetModuleFileNameW
MapViewOfFile
SetFilePointer
ReadFile
GetCurrentThreadId
GetTempPathW
CloseHandle
GetSystemTimeAsFileTime
GetModuleHandleW
UnmapViewOfFile
WriteFile
CreateFileW
Sleep
SetFileAttributesW
GetTickCount
OutputDebugStringA
GetCurrentProcessId
MessageBoxA
PostMessageW
wvsprintfA
wsprintfW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 6
PE resources
Debug information
ExifTool file metadata
WebSite
http://www.skytopia.com/software/sunsetscreen/

SubsystemVersion
4.0

Comments
WinNT (x86) Unicode Lib Rel

LinkerVersion
8.0

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
2016.6.10.1924

Email
orders@skytopia.com

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Installer for SunsetScreen

LegalCopyright
Copyright 2015 onwards Skytopia

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

PackageCode
{5FD0E632-06CC-4E4B-025D-80E4312EF0B2}

InitializedDataSize
887808

EntryPoint
0x1495

OriginalFileName
TSULoader.exe

MIMEType
application/octet-stream

ProductCode
{155DF28A-39B0-4447-BA5F-4347AC6A3197}

FileVersion
2016.6.10.1924

TimeStamp
2015:06:19 20:03:03+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
TSULoader

UninitializedDataSize
0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Skytopia

CodeSize
7680

ProductName
SunsetScreen

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 ee43ce23ad48efd480ea2b6ec181509f
SHA1 eafc3b89c8df739e9e5801007f0814e73b3b3ab3
SHA256 68129fe65564e327c7e24f4766c7595dec4809bdf4d8867d550f2e59056ea632
ssdeep
24576:mfMnlTW34guaUKCQ6eEkS4AhmIMFzl4SzSZptGLk:KMnZW1ZUK7EeuMj4SzS3tb

authentihash f6f3bb216aed0e24eb66ed0dfd4fbafebc8496b107936a356f021a1e4bda0670
imphash 05ea7b0d93fd49dca73c49b148424e88
File size 881.6 KB ( 902776 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2016-06-11 05:13:30 UTC ( 2 years, 11 months ago )
Last submission 2018-05-26 02:39:20 UTC ( 1 year ago )
File names sunsetscreen_1-24_fr_433063.exe
TSULoader
SunsetScreen_Setup.exe
68129FE65564E327C7E24F4766C7595DEC4809BDF4D8867D550F2E59056EA632
SunsetScreen v1.24.exe
863140
TSULoader.exe
SunsetScreen_Setup.exe
sunsetscreen_setup.exe
sunsetscreen_1-24_fr_433063.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Created mutexes
Opened mutexes
Opened service managers
Runtime DLLs
UDP communications