SHA256: 70a1999f0daae30ffae445b7dc10bf0c9301b4b58963cc79bf45ef4e91e778f8
File name: setup-Paporize-SecureViewer-0.2.2.0.exe
Detection ratio: 0 / 55
Analysis date: 2015-06-24 16:50:42 UTC ( 3 years, 5 months ago )
Antivirus Result Update
Ad-Aware 20150623
AegisLab 20150623
Yandex 20150623
AhnLab-V3 20150623
Alibaba 20150624
ALYac 20150624
Antiy-AVL 20150623
Arcabit 20150624
Avast 20150623
AVG 20150623
Avira (no cloud) 20150624
AVware 20150623
Baidu-International 20150624
BitDefender 20150623
Bkav 20150623
ByteHero 20150624
CAT-QuickHeal 20150623
ClamAV 20150624
Comodo 20150623
Cyren 20150623
DrWeb 20150623
Emsisoft 20150623
ESET-NOD32 20150623
F-Prot 20150623
F-Secure 20150623
Fortinet 20150624
GData 20150623
Ikarus 20150623
Jiangmin 20150623
K7AntiVirus 20150623
K7GW 20150623
Kaspersky 20150623
Kingsoft 20150624
Malwarebytes 20150624
McAfee 20150624
McAfee-GW-Edition 20150623
Microsoft 20150624
eScan 20150623
NANO-Antivirus 20150623
nProtect 20150623
Panda 20150623
Qihoo-360 20150624
Rising 20150618
Sophos AV 20150624
SUPERAntiSpyware 20150623
Symantec 20150623
Tencent 20150624
TheHacker 20150622
TrendMicro 20150623
TrendMicro-HouseCall 20150624
VBA32 20150624
VIPRE 20150623
ViRobot 20150623
Zillya 20150624
Zoner 20150624
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Paporize
Publisher Paporize Inc.
Product SecureViewer Setup
File version 0.2.2.0
Description SecureViewer
Comments Paporize
Signature verification Signed file, verified signature
Signing date 5:28 PM 6/24/2015
Signers
[+] Paporize Inc.
Status Valid
Issuer None
Valid from 1:00 AM 4/13/2015
Valid to 12:59 AM 4/13/2016
Valid usage Code Signing
Algorithm 1.2.840.113549.1.1.11
Thumbprint 139A037FDB6F7C7B744756CDFE339674C940FFE1
Serial number 22 D1 CB A4 4E E7 92 D4 59 4E 6D 49 64 0A 9B 32
[+] COMODO RSA Code Signing CA
Status Valid
Issuer None
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm 1.2.840.113549.1.1.12
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO
Status Valid
Issuer None
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm 1.2.840.113549.1.1.12
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] COMODO Time Stamping Signer
Status Valid
Issuer None
Valid from 1:00 AM 5/5/2015
Valid to 12:59 AM 1/1/2016
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint DF946A5E503015777FD22F46B5624ECD27BEE376
Serial number 00 9F EA C8 11 B0 F1 62 47 A5 FC 20 D8 05 23 AC E6
[+] USERTrust
Status Valid
Issuer None
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm SHA1
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
Packers identified
F-PROT NSIS
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:52
Entry Point 0x000030FA
Number of sections 5
PE sections
Overlays
MD5 0ca15980d0fae7ba89f13aa0983827e2
File type data
Offset 49152
Size 7079904
Entropy 8.00
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SetBkMode
CreateBrushIndirect
CreateFontIndirectA
SelectObject
SetBkColor
DeleteObject
SetTextColor
GetLastError
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
LoadLibraryA
GetModuleFileNameA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GlobalLock
SetFileAttributesA
SetFilePointer
GetTempPathA
CreateThread
lstrcmpiA
GetModuleHandleA
lstrcmpA
ReadFile
WriteFile
FindFirstFileA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
RemoveDirectoryA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
GetProcAddress
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
EmptyClipboard
GetMessagePos
EndPaint
CharPrevA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
SetWindowTextA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
SystemParametersInfoA
CreatePopupMenu
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
GetClassInfoA
SetForegroundWindow
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
DrawTextA
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
SetTimer
LoadCursorA
TrackPopupMenu
SendMessageA
FillRect
ShowWindow
OpenClipboard
CharNextA
CallWindowProcA
GetSystemMenu
EnableWindow
CloseClipboard
DestroyWindow
ExitWindowsEx
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_ICON 7
RT_DIALOG 5
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
NEUTRAL 1
PE resources
ExifTool file metadata
LegalTrademarks SecureViewer is a trademark of Paporize
UninitializedDataSize 1024
Comments Paporize
LinkerVersion 6.0
ImageVersion 6.0
FileSubtype 0
FileVersionNumber 0.2.2.0
LanguageCode Neutral
FileFlagsMask 0x0000
CharacterSet Windows, Latin1
InitializedDataSize 164864
EntryPoint 0x30fa
MIMEType application/octet-stream
LegalCopyright Paporize
FileVersion 0.2.2.0
TimeStamp 2009:12:05 23:50:52+01:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 4.0
FileDescription SecureViewer
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Paporize
CodeSize 24064
ProductName SecureViewer Setup
ProductVersionNumber 0.2.2.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 0dded59745129ec87e3cb197e11a9419
SHA1 d904730056d5ef15174867a22f8b6bf0a978b715
SHA256 70a1999f0daae30ffae445b7dc10bf0c9301b4b58963cc79bf45ef4e91e778f8
ssdeep 196608:oJCn/K/tqvGn8njV0evQUdEqCGye4vx61nkTZ9rqR4PBsW4Ka/n4Q8oZaV9:oJCn/K/tqT5vQU+CyXvstSZ9mR4b4Kfb
authentihash dd541f2de9e073bf9ee4239571f7a763305bdb04ff9777d1a25876f06d9e17ed
imphash 7fa974366048f9c551ef45714595665e
File size 6.8 MB ( 7129056 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID NSIS - Nullsoft Scriptable Install System (94.8%)
Win32 Executable MS Visual C++ (generic) (3.4%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.5%)
Generic Win/DOS Executable (0.2%)
Tags nsis peexe signed overlay
VirusTotal metadata
First submission 2015-06-24 16:50:42 UTC ( 3 years, 5 months ago )
Last submission 2015-06-24 16:50:42 UTC ( 3 years, 5 months ago )
File names setup-Paporize-SecureViewer-0.2.2.0.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight