SHA256: 6ed8949bc6e8b39cb3d49cc7d65abb69c474f5b134f9102200298cf32aa6a00a
File name: metadata_1.05.2.exe
Detection ratio: 2 / 62
Analysis date: 2017-06-15 12:33:02 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170615
TrendMicro-HouseCall Suspicious_GEN.F47V0321 20170615
Ad-Aware 20170615
AegisLab 20170615
AhnLab-V3 20170615
Alibaba 20170615
ALYac 20170615
Antiy-AVL 20170615
Arcabit 20170615
Avast 20170615
AVG 20170615
Avira (no cloud) 20170615
AVware 20170615
BitDefender 20170615
Bkav 20170615
CAT-QuickHeal 20170615
ClamAV 20170615
CMC 20170615
Comodo 20170615
CrowdStrike Falcon (ML) 20170420
Cyren 20170615
DrWeb 20170615
Emsisoft 20170615
Endgame 20170614
ESET-NOD32 20170615
F-Prot 20170615
F-Secure 20170615
Fortinet 20170615
GData 20170615
Ikarus 20170615
Sophos ML 20170607
Jiangmin 20170615
K7AntiVirus 20170615
K7GW 20170615
Kaspersky 20170615
Kingsoft 20170615
Malwarebytes 20170615
McAfee 20170615
McAfee-GW-Edition 20170615
Microsoft 20170615
eScan 20170615
NANO-Antivirus 20170615
nProtect 20170615
Palo Alto Networks (Known Signatures) 20170615
Panda 20170614
Qihoo-360 20170615
Rising 20170615
SentinelOne (Static ML) 20170516
Sophos AV 20170615
SUPERAntiSpyware 20170615
Symantec 20170615
Symantec Mobile Insight 20170614
Tencent 20170615
TheHacker 20170615
TotalDefense 20170615
TrendMicro 20170615
Trustlook 20170615
VBA32 20170615
VIPRE 20170615
ViRobot 20170615
Webroot 20170615
WhiteArmor 20170614
Yandex 20170614
Zillya 20170614
ZoneAlarm by Check Point 20170615
Zoner 20170615
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Certificate out of its validity period
Signers
[+] Logipole
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 6/24/2015
Valid to 12:59 AM 6/24/2017
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint CC600CAEB5FB6FB06A74488BF3A9817166FF6615
Serial number 75 45 6C 4B 92 AA AD 95 EF B9 7E CD 50 36 09 52
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-25 14:10:46
Entry Point 0x000F6BA5
Number of sections 5
PE sections
Overlays
MD5 0ed55ec1cf54e746d747d4d352e27f0a
File type data
Offset 1758208
Size 5168
Entropy 7.51
PE imports
Number of PE resources by type
RT_ICON 5
RT_BITMAP 2
RT_DIALOG 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
FRENCH 2
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2017:02:25 15:10:46+01:00
FileType Win32 EXE
PEType PE32
CodeSize 1151488
LinkerVersion 10.0
EntryPoint 0xf6ba5
InitializedDataSize 605696
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 98505aeaaec5146748c7d7b10a229478
SHA1 498dc05317eab5e40a4153a26de1667e6abc2e1d
SHA256 6ed8949bc6e8b39cb3d49cc7d65abb69c474f5b134f9102200298cf32aa6a00a
ssdeep 49152:6vOV/cg+7gKYUXjZC5xxArr1MxJMYisd+I2RdejMqsoTuBFmTIZ+ua6QlJw9p:6K/c7gKYUXjGxxAP1MxJMYisd+I6d9oE

authentihash 5bec9c2e4eee2e81428749eaecd4b63aa7b5062814d77a038677ef855193df76
imphash 2ad28f1ecce52b0386926c0a57019718
File size 1.7 MB ( 1763376 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (44.9%)
Win64 Executable (generic) (39.8%)
Win32 Executable (generic) (6.4%)
OS/2 Executable (generic) (2.9%)
Generic Win/DOS Executable (2.8%)
Tags peexe signed overlay

VirusTotal metadata
First submission 2017-03-04 21:53:35 UTC ( 1 year, 5 months ago )
Last submission 2018-05-21 19:27:02 UTC ( 2 months, 3 weeks ago )
File names metadata_1.05.2.exe