SHA256: 6f7840c77f99049d788155c1351e1560b62b8ad18ad0e9adda8218b9f432f0a9
Detection ratio: 45 / 64
Analysis date: 2017-09-22 22:39:25 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.PRForm.A 20170922
AhnLab-V3 Trojan/Win32.Floxif.C2148591 20170922
ALYac Trojan.CChack.A 20170922
Antiy-AVL Trojan[FakeAV]/Win32.CCleaner 20170922
Arcabit Trojan.PRForm.A 20170922
Avast Win32:TlsHack-A [Trj] 20170922
AVG Win32:TlsHack-A [Trj] 20170922
Avira (no cloud) TR/CCleanerHKed.533.1 20170922
BitDefender Trojan.PRForm.A 20170922
CAT-QuickHeal Backdoor.Infecleaner 20170922
ClamAV Win.Trojan.Floxif-6336251-0 20170922
Comodo TrojWare.Win32.CCleaner.~A 20170922
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170804
Cylance Unsafe 20170922
Cyren W32/CChack.SQBY-7641 20170922
DrWeb Trojan.CCleaner.2 20170922
Emsisoft Backdoor.CCHack (A) 20170922
ESET-NOD32 Win32/HackedApp.CCleaner.A 20170922
F-Prot W32/CChack.A 20170922
F-Secure Trojan.PRForm.A 20170922
GData Win32.Backdoor.Forpivast.B 20170922
Ikarus Backdoor.Hacked.CCleaner 20170922
K7AntiVirus Trojan ( 005174a31 ) 20170922
K7GW Trojan ( 005174a31 ) 20170922
Kaspersky Backdoor.Win32.InfeCleaner.a 20170922
Malwarebytes Trojan.Floxif 20170922
McAfee BackDoor-FDQI 20170922
McAfee-GW-Edition BackDoor-FDQI 20170922
Microsoft Backdoor:Win32/Floxif 20170922
eScan Trojan.PRForm.A 20170922
NANO-Antivirus Trojan.Win32.Floxif.estdxt 20170922
nProtect Backdoor/W32.Floxif.7680216 20170922
Palo Alto Networks (Known Signatures) generic.ml 20170922
Panda Generic Malware 20170922
Qihoo-360 Trojan.Generic 20170922
Rising Trojan.Win32.Generic.19DED509 (C64:YzY0OrBzlxbsmvBB) 20170922
Sophos AV Troj/Mogoa-A 20170922
Symantec Trojan.Sibakdi 20170922
Tencent Win32.Trojan.Gen.Anvr 20170922
TrendMicro BKDR_CCHACK.A 20170922
TrendMicro-HouseCall BKDR_CCHACK.A 20170922
VBA32 Trojan.Nyetya 20170922
ViRobot Backdoor.Win32.S.HackedCcleaner.7680216 20170922
Webroot W32.Trojan.Floxif 20170922
ZoneAlarm by Check Point Backdoor.Win32.InfeCleaner.a 20170922
AegisLab 20170922
Alibaba 20170911
Avast-Mobile 20170922
AVware 20170922
Baidu 20170922
CMC 20170920
Endgame 20170821
Fortinet 20170922
Sophos ML 20170914
Jiangmin 20170922
Kingsoft 20170922
MAX 20170922
SentinelOne (Static ML) 20170806
SUPERAntiSpyware 20170922
Symantec Mobile Insight 20170922
TheHacker 20170921
Trustlook 20170922
VIPRE 20170922
WhiteArmor 20170829
Yandex 20170908
Zillya 20170922
Zoner 20170922
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright © 2005-2017 Piriform Ltd
Product CCleaner
Original name ccleaner.exe
Internal name ccleaner
File version 5, 33, 00, 6162
Description CCleaner
Comments CCleaner
Signature verification A certificate was explicitly revoked by its issuer.
Signing date 10:42 AM 8/3/2017
Signers
[+] Piriform Ltd
Status This certificate or one of the certificates in the certificate chain is not time valid., Trust for this certificate or one of the certificates in the certificate chain has been revoked.
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 8/12/2015
Valid to 12:59 AM 10/11/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint F4BDA9EFA31EF4A8FA3B6BB0BE13862D7B8ED9B0
Serial number 4B 48 B2 7C 82 24 FE 37 B1 7A 6A 2E D7 A8 1C 9F
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec SHA256 TimeStamping Signer - G2
Status Valid
Issuer Symantec SHA256 TimeStamping CA
Valid from 1:00 AM 1/2/2017
Valid to 12:59 AM 4/2/2028
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
Serial number 54 58 F2 AA D7 41 D6 44 BC 84 A9 7B A0 96 52 E6
[+] Symantec SHA256 TimeStamping CA
Status Valid
Issuer VeriSign Universal Root Certification Authority
Valid from 1:00 AM 1/12/2016
Valid to 12:59 AM 1/12/2031
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 6FC9EDB5E00AB64151C1CDFCAC74AD2C7B7E3BE4
Serial number 7B 05 B1 D4 49 68 51 44 F7 C9 89 D2 9C 19 9D 12
[+] VeriSign Universal Root Certification Authority
Status Valid
Issuer VeriSign Universal Root Certification Authority
Valid from 1:00 AM 4/2/2008
Valid to 12:59 AM 12/2/2037
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha256RSA
Thumbprint 3679CA35668772304D30A5FB873B0FA77BB70D54
Serial number 40 1A C4 64 21 B3 13 21 03 0E BB E4 12 1A C5 1D
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-03 09:25:13
Entry Point 0x000D4DFD
Number of sections 7
PE sections
Overlays
MD5 1115e9abe998051167ea4936fade955f
File type data
Offset 7667200
Size 13016
Entropy 7.35
PE imports
Number of PE resources by type
PNG 391
RT_STRING 97
RT_DIALOG 71
RT_BITMAP 22
AFX_DIALOG_LAYOUT 17
RT_ICON 11
RT_MENU 9
RT_GROUP_ICON 6
INI 3
Struct(240) 2
BRANDING 1
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH UK 628
ENGLISH US 4
ENGLISH CAN 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
Comments CCleaner
LinkerVersion 14.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.33.0.6162
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription CCleaner
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 6420992
EntryPoint 0xd4dfd
OriginalFileName ccleaner.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2005-2017 Piriform Ltd
FileVersion 5, 33, 00, 6162
TimeStamp 2017:08:03 10:25:13+01:00
FileType Win32 EXE
PEType PE32
InternalName ccleaner
ProductVersion 5, 33, 00, 6162
UninitializedDataSize 0
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Piriform Ltd
CodeSize 3362304
ProductName CCleaner
ProductVersionNumber 5.33.0.6162
FileTypeExtension exe
ObjectFileType Dynamic link library
Execution parents
Compressed bundles
File identification
MD5 ef694b89ad7addb9a16bb6f26f1efaf7
SHA1 8983a49172af96178458266f93d65fa193eaaef2
SHA256 6f7840c77f99049d788155c1351e1560b62b8ad18ad0e9adda8218b9f432f0a9
ssdeep 98304:K/IuhWF8V2T29N/78QsAYOj0exgPujgFPGctXLcaDR8:iWFmNT8QsHGkx95R8
authentihash 2ad2a4ecb5a25e4d7e2a02a51436c94f63a3075985ef81dc01b017f3cb01ecd2
imphash 0a2846d08c140716112b3f476b4f75f8
File size 7.3 MB ( 7680216 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Windows ActiveX control (59.3%)
Win32 EXE PECompact compressed (generic) (21.1%)
Win64 Executable (generic) (14.0%)
Win32 Executable (generic) (2.2%)
OS/2 Executable (generic) (1.0%)
Tags revoked-cert peexe signed overlay
VirusTotal metadata
First submission 2017-08-15 08:23:31 UTC ( 1 year, 4 months ago )
Last submission 2018-12-12 20:35:25 UTC ( 1 day, 13 hours ago )
File names CCleaner.exe
ccleaner.exe
CCleaner533.exe
localfile~
6f7840c77f99049d788155c1351e1560b62b8ad18ad0e9adda8218b9f432f0a9.bin
ccleaner
CCleaner (2017_08_26 16_59_31 UTC).exe
CCleaner [32-bit].exe
CCleaner_v5.33.6162.exe
CCleaner_PORTABLE.exe
ef694b89ad7addb9a16bb6f26f1efaf7
backdoor.exe
CCLEANER.EXE
A0521780.exe
6F7840C77F99049D788155C1351E1560B62B8AD18AD0E9ADDA8218B9F432F0A9.exe
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created mutexes
Runtime DLLs