× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6860ae27203a571488206e6f9b094491a0d829517725b2546838771f7ecf730d
File name: IE6.exe
Detection ratio: 0 / 40
Analysis date: 2009-02-24 15:29:37 UTC ( 8 years, 4 months ago ) View latest
Antivirus Result Update
a-squared 20090224
AhnLab-V3 20090224
AntiVir 20090224
Authentium 20090224
Avast 20090223
AVG 20090224
BitDefender 20090224
CAT-QuickHeal 20090222
ClamAV 20090224
Comodo 20090220
DrWeb 20090224
eSafe 20090219
eTrust-Vet 20090223
F-Prot 20090224
F-Secure 20090224
Fortinet 20090224
GData 20090224
Ikarus 20090224
K7AntiVirus 20090221
Kaspersky 20090224
McAfee 20090223
McAfee+Artemis 20090223
Microsoft 20090224
NOD32 20090224
NOD32Beta 20090224
Norman 20090224
nProtect 20090224
Panda 20090223
PCTools 20090224
Prevx1 20090224
Rising 20090224
SecureWeb-Gateway 20090224
Sophos 20090224
Sunbelt 20090224
Symantec 20090224
TheHacker 20090224
TrendMicro 20090224
VBA32 20090224
ViRobot 20090224
VirusBuster 20090224
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft Internet Explorer 6
Original name IEXPLORE.EXE
Internal name iexplore
File version 6.00.2800.1106
Description Internet Explorer
Signature verification Certificate out of its validity period
Signers
[+] Code Systems Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 12/10/2008
Valid to 12:59 AM 12/11/2009
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 7E42AF955A9483F89D326B5380817AB05E9E8C83
Serial number 12 EA 8B 38 0E 14 E9 04 FF FE D5 62 41 E2 7F B4
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1970-01-01 00:00:49
Entry Point 0x000041B9
Number of sections 6
PE sections
Overlays
MD5 70e75b681ce55d25fde76ffd1829a8d4
File type data
Offset 35840
Size 13046016
Entropy 7.99
PE imports
CreateFileMappingW
GetLastError
HeapFree
LoadLibraryW
OpenFileMappingW
MapViewOfFile
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
CreateFileW
VirtualFree
HeapAlloc
CloseHandle
GetFileInformationByHandle
GetTickCount
GetProcAddress
VirtualAlloc
GetProcessHeap
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
ENGLISH US 1
PE resources
ExifTool file metadata
PackagerVersion
7.1.139

SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.0.2800.1106

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Internet Explorer

CharacterSet
Unicode

InitializedDataSize
28672

EntryPoint
0x41b9

Packager
Xenocode Virtual Application Studio 2009

OriginalFileName
IEXPLORE.EXE

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
6.00.2800.1106

TimeStamp
1970:01:01 01:00:49+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
iexplore

ProductVersion
6.00.2800.1106

UninitializedDataSize
0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
16384

ProductName
Microsoft Internet Explorer 6

ProductVersionNumber
6.0.2800.1106

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 5b8c290c847da3ac5cf1ddd8d78115c2
SHA1 cb8a6b7c4fec7a3f84663658f3667e4564ebe2d4
SHA256 6860ae27203a571488206e6f9b094491a0d829517725b2546838771f7ecf730d
ssdeep
393216:eI82YwzMsn6fBPAtc+C8dZtvWSCWLVBS1fNJV:E2Ywzd6d6cwhFCWLVCF/

authentihash b2197ec70a90654bbac37f15f905a79e42e513dbb0449c86510356b4016e5ddb
imphash 4582ffdd7eb98cb63a937096204182b7
File size 12.5 MB ( 13081856 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2009-02-24 15:29:37 UTC ( 8 years, 4 months ago )
Last submission 2017-01-30 08:54:30 UTC ( 4 months, 3 weeks ago )
File names Internet Explorer 6 portable.exe
cb8a6b7c4fec7a3f84663658f3667e4564ebe2d4
Portable IE6.exe
IEPortable.exe
ie6.exe
6860AE27203A571488206E6F9B094491A0D829517725B2546838771F7ECF730D.dat
A0055725.exe
file-3152804_exe
Internet Explorer 6 Portable.exe
filename
Explorer 6.exe
IEXPLORE.EXE
file-507950_exe
IE6.exe
5b8c290c847da3ac5cf1ddd8d78115c2_INFC7E.tmp
ie6.exe
iexplore
IE6免安裝.exe
5b8c290c847da3ac5cf1ddd8d78115c2.cb8a6b7c4fec7a3f84663658f3667e4564ebe2d4
IE6.exe
ie6(1).exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!