SHA256: 72bc8b4e9576c264d5b0495b22d29e303ee4069ea61b42bbaf8b653340851ec8
File name: 72bc8b4e9576c264d5b0495b22d29e303ee4069ea61b42bbaf8b653340851ec8
Detection ratio: 0 / 66
Analysis date: 2017-12-19 11:18:02 UTC (2 months ago)
Antivirus Result Update
Ad-Aware 20171219
AegisLab 20171219
AhnLab-V3 20171219
Alibaba 20171219
ALYac 20171219
Antiy-AVL 20171219
Arcabit 20171219
Avast 20171219
Avast-Mobile 20171218
AVG 20171219
Avira (no cloud) 20171219
AVware 20171219
Baidu 20171219
BitDefender 20171219
Bkav 20171218
CAT-QuickHeal 20171219
ClamAV 20171219
CMC 20171218
Comodo 20171219
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171219
Cyren 20171219
DrWeb 20171219
eGambit 20171219
Emsisoft 20171219
Endgame 20171130
ESET-NOD32 20171219
F-Prot 20171219
F-Secure 20171219
Fortinet 20171219
GData 20171219
Sophos ML 20170914
Jiangmin 20171218
K7AntiVirus 20171219
K7GW 20171219
Kaspersky 20171219
Kingsoft 20171219
Malwarebytes 20171219
MAX 20171219
McAfee 20171219
McAfee-GW-Edition 20171219
Microsoft 20171219
eScan 20171219
NANO-Antivirus 20171219
nProtect 20171219
Palo Alto Networks (Known Signatures) 20171219
Panda 20171218
Qihoo-360 20171219
Rising 20171219
SentinelOne (Static ML) 20171207
Sophos AV 20171219
SUPERAntiSpyware 20171219
Symantec 20171219
Symantec Mobile Insight 20171219
Tencent 20171219
TheHacker 20171210
TotalDefense 20171219
TrendMicro-HouseCall 20171219
Trustlook 20171219
VBA32 20171218
VIPRE 20171219
ViRobot 20171219
Webroot 20171219
WhiteArmor 20171204
Yandex 20171219
Zillya 20171218
ZoneAlarm by Check Point 20171219
Zoner 20171219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright (C) 2017 Malwarebytes
Product AdwCleaner
Original name AdwCleaner.exe
Internal name AdwCleaner
File version 7.0.1.0
Description AdwCleaner
Signature verification Signed file, verified signature
Signing date 5:00 AM 7/23/2017
Signers
[+] Malwarebytes Corporation
Status Valid
Issuer DigiCert Assured ID Code Signing CA-1
Valid from 1:00 AM 7/21/2016
Valid to 1:00 PM 7/25/2019
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 249BDA38A611CD746A132FA2AF995A2D3C941264
Serial number 04 4E 3B F5 89 76 88 0F FD 07 44 48 A8 F7 A0 58
[+] DigiCert Assured ID Code Signing CA-1
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 PM 2/11/2011
Valid to 1:00 PM 2/10/2026
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 409AA4A74A0CDA7C0FEE6BD0BB8823D16B5F1875
Serial number 0F A8 49 06 15 D7 00 A0 BE 21 76 FD C5 EC 6D BD
[+] DigiCert
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
Counter signers
[+] DigiCert Timestamp Responder
Status Valid
Issuer DigiCert Assured ID CA-1
Valid from 1:00 AM 10/22/2014
Valid to 1:00 AM 10/22/2024
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 614D271D9102E30169822487FDE5DE00A352B01D
Serial number 03 01 9A 02 3A FF 58 B1 6B D6 D5 EA E6 17 F0 66
[+] DigiCert Assured ID CA-1
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2021
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing
Algorithm sha1RSA
Thumbprint 19A09B5A36F4DD99727DF783C17A51231A56C117
Serial number 06 FD F9 03 96 03 AD EA 00 0A EB 3F 27 BB BA 1B
[+] DigiCert
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-07-23 04:00:18
Entry Point 0x0037C73D
Number of sections 6
PE sections
Overlays
MD5 fafddbaff5bccf2f5c564b72a5c5ab7f
File type data
Offset 8145408
Size 15312
Entropy 7.19
PE imports
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
ConvertSidToStringSidW
RegDeleteTreeW
RegCreateKeyW
OpenServiceW
AdjustTokenPrivileges
ControlService
LookupPrivilegeValueW
RegOpenKeyExW
RegRestoreKeyW
DeleteService
CryptHashData
RegQueryValueExW
CryptCreateHash
CloseServiceHandle
OpenProcessToken
RegGetValueW
RegEnumKeyW
RegDeleteKeyValueW
IsValidSid
SystemFunction036
LookupAccountNameW
CryptReleaseContext
GetUserNameW
EnumServicesStatusExW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumKeyExW
CryptAcquireContextW
CryptDestroyHash
RegEnumValueW
RegSetValueExW
FreeSid
CryptGetHashParam
OpenSCManagerW
QueryServiceStatusEx
RegDeleteKeyExW
RegSaveKeyW
EnumDependentServicesW
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_Destroy
ImageList_SetBkColor
ImageList_Draw
ImageList_GetImageInfo
ImageList_Create
ImageList_Remove
ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
Ord(17)
Ord(16)
ImageList_Add
ImageList_Replace
ImageList_Copy
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_GetIcon
PrintDlgW
GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError
PageSetupDlgW
CertFreeCertificateContext
CryptBinaryToStringW
CryptVerifyMessageSignature
CertGetNameStringW
GetCharABCWidthsW
GetTextMetricsW
SetMapMode
GetPaletteEntries
CombineRgn
GetObjectType
SetLayout
SetPixel
SetWorldTransform
DeleteObject
CreatePalette
EqualRgn
CreateDIBitmap
GetDIBits
ExtCreateRegion
StretchBlt
StretchDIBits
Pie
SetWindowExtEx
Arc
ExtCreatePen
SetBkColor
GetBkColor
GetDIBColorTable
DeleteEnhMetaFile
GetSystemPaletteEntries
GetClipBox
CreateRectRgnIndirect
GetEnhMetaFileW
GetPixel
GetLayout
ExcludeClipRect
SetBkMode
RectInRegion
PtInRegion
GetRegionData
BitBlt
CreateEnhMetaFileW
SetAbortProc
SelectPalette
GetOutlineTextMetricsW
ExtSelectClipRgn
CloseEnhMetaFile
SetROP2
EndPage
GetNearestPaletteIndex
PolyPolygon
SetViewportExtEx
SetGraphicsMode
CreatePen
SetStretchBltMode
Rectangle
GetDeviceCaps
LineTo
DeleteDC
EndDoc
CreateFontIndirectW
GetWorldTransform
StartPage
GetObjectW
CreateDCW
RealizePalette
CreateHatchBrush
CreatePatternBrush
OffsetRgn
ExtTextOutW
CreateBitmap
GetStockObject
PlayEnhMetaFile
GdiFlush
SelectClipRgn
RoundRect
GetEnhMetaFileHeader
SetWindowOrgEx
GetTextExtentPoint32W
Polygon
GetRgnBox
CreateICW
MaskBlt
ModifyWorldTransform
GetTextExtentExPointW
CreateDIBSection
SetTextColor
ExtFloodFill
MoveToEx
EnumFontFamiliesExW
SetViewportOrgEx
CreateCompatibleDC
PolyBezier
SetBrushOrgEx
CreateRectRgn
SelectObject
SetPolyFillMode
CreateCompatibleBitmap
CreateSolidBrush
Polyline
StartDocW
Ellipse
SetThreadLocale
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
EncodePointer
SetConsoleCursorPosition
GetFileAttributesW
GetExitCodeProcess
DeleteCriticalSection
FindFirstFileExW
GetConsoleMode
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetDiskFreeSpaceW
GetTempPathW
MoveFileA
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
FormatMessageW
ResumeThread
CreateEventW
OutputDebugStringW
GetLogicalDriveStringsW
FindClose
TlsGetValue
MoveFileW
GetFullPathNameW
GetPrivateProfileSectionNamesW
OutputDebugStringA
GetEnvironmentVariableW
SetLastError
VirtualLock
GetSystemTime
InitializeCriticalSection
CopyFileW
LoadResource
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
FlushViewOfFile
LoadLibraryA
VerSetConditionMask
SetThreadPriority
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
VerifyVersionInfoW
SetFilePointerEx
GetPrivateProfileStringW
FormatMessageA
SetFilePointer
SetFileAttributesW
LockFileEx
CreateThread
SetEnvironmentVariableW
MoveFileExW
GetSystemDirectoryW
Wow64DisableWow64FsRedirection
GetExitCodeThread
SetUnhandledExceptionFilter
GetCurrentProcess
CreateMutexW
MulDiv
IsProcessorFeaturePresent
ExitThread
GetUserDefaultLocaleName
DecodePointer
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GetModuleHandleExW
SetCurrentDirectoryW
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
GetProcAddress
WriteConsoleW
CreateToolhelp32Snapshot
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
TerminateThread
LoadLibraryW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
UnlockFileEx
VirtualProtect
FlushFileBuffers
FillConsoleOutputCharacterW
RtlUnwind
FreeLibrary
GlobalSize
UnlockFile
GetWindowsDirectoryW
GetFileSize
OpenProcess
DeleteFileA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetConsoleScreenBufferInfo
GetProcessHeap
GetTempFileNameW
GetComputerNameW
EnumResourceNamesW
CompareStringW
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
HeapValidate
FreeConsole
CreateFileMappingA
FindFirstFileW
IsValidLocale
lstrcmpW
WaitForMultipleObjects
GlobalLock
CreateFileMappingW
GetTimeZoneInformation
CreateFileW
CopyFileA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
AttachConsole
SystemTimeToFileTime
LCMapStringW
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
HeapReAlloc
GetTimeFormatW
GetThreadLocale
GetVolumeInformationW
GetEnvironmentStringsW
GlobalUnlock
QueryPerformanceFrequency
LockFile
lstrlenW
Process32NextW
VirtualFree
HeapCompact
WaitForSingleObjectEx
SwitchToThread
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
WideCharToMultiByte
HeapSize
RaiseException
GetCommandLineA
Process32FirstW
GetCurrentThread
ReadConsoleW
MapViewOfFile
TlsFree
GetModuleHandleA
VirtualUnlock
ReadFile
CloseHandle
ReadConsoleOutputCharacterA
GetACP
GetModuleHandleW
GetFileAttributesExW
GetLongPathNameW
CreateProcessA
IsValidCodePage
UnmapViewOfFile
WriteFile
CreateProcessW
Sleep
IsBadReadPtr
IsBadStringPtrA
InitializeCriticalSectionEx
VirtualAlloc
AlphaBlend
GradientFill
VarBstrFromCy
SysFreeString
SysStringLen
VariantClear
SysAllocString
RpcStringFreeW
UuidToStringW
SHGetFolderPathW
DragFinish
DragQueryFileW
DragAcceptFiles
SHFileOperationW
ShellExecuteW
DragQueryPoint
ExtractIconExW
ShellExecuteExW
SHGetFileInfoW
ExtractIconW
PathIsRelativeW
StrTrimW
Ord(487)
PathAddBackslashW
PathCanonicalizeW
SHAutoComplete
RedrawWindow
GetMessagePos
SetWindowRgn
UnregisterHotKey
LoadBitmapW
MoveWindow
EnableScrollBar
DestroyMenu
PostQuitMessage
DrawStateW
SetWindowPos
DdeDisconnect
IsWindow
EndPaint
DdePostAdvise
WindowFromPoint
DdeCreateStringHandleW
GetMessageTime
VkKeyScanW
SetMenuItemInfoW
GetMenuItemID
GetCursorPos
ChildWindowFromPointEx
SendMessageW
UnregisterClassW
GetClassInfoW
DdeInitializeW
DefWindowProcW
DrawTextW
LoadImageW
CallNextHookEx
DdeFreeDataHandle
IsClipboardFormatAvailable
GetClientRect
DdeQueryStringW
GetActiveWindow
ShowCursor
GetUpdateRgn
DdeCreateDataHandle
GetWindowTextW
ChangeDisplaySettingsExW
GetWindowTextLengthW
MsgWaitForMultipleObjects
ScrollWindow
PtInRect
DrawEdge
RegisterHotKey
GetParent
UpdateWindow
EnumWindows
GetMessageW
ShowWindow
SetMenuInfo
DrawFrameControl
EnumDisplayMonitors
ValidateRgn
PeekMessageW
InsertMenuItemW
CharUpperW
GetClipboardFormatNameW
EnumDisplaySettingsW
ChildWindowFromPoint
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
GetIconInfo
SetParent
RegisterClassW
CharLowerA
IsZoomed
GetWindowPlacement
SetWindowLongW
DrawMenuBar
EnableMenuItem
GetSubMenu
CreateMenu
DdeClientTransaction
IsDialogMessageW
EnableWindow
MonitorFromPoint
CreateAcceleratorTableW
GetSysColorBrush
GetDialogBaseUnits
DdeConnect
CreateWindowExW
GetWindowLongW
DestroyWindow
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
BeginPaint
OffsetRect
SetFocus
DdeFreeStringHandle
keybd_event
KillTimer
MapVirtualKeyW
GetComboBoxInfo
CheckMenuRadioItem
GetSystemMetrics
IsIconic
DdeGetData
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
CreateIconIndirect
PostMessageW
CreateDialogParamW
CreatePopupMenu
CheckMenuItem
DrawFocusRect
DrawIconEx
SetWindowTextW
SetTimer
GetDlgItem
BringWindowToTop
GetSystemMenu
ClientToScreen
TrackPopupMenu
PostThreadMessageW
GetMenuItemCount
DestroyAcceleratorTable
GetMenuState
SetWindowsHookExW
LoadCursorW
LoadIconW
FindWindowExW
GetDC
InsertMenuW
FillRect
SetForegroundWindow
ExitWindowsEx
GetMenuItemInfoW
GetAsyncKeyState
CreateDialogIndirectParamW
ReleaseDC
SetLayeredWindowAttributes
GetScrollInfo
HideCaret
CopyRect
GetCapture
ScreenToClient
MessageBeep
RemoveMenu
GetWindowThreadProcessId
DeferWindowPos
BeginDeferWindowPos
MessageBoxW
DdeUninitialize
FlashWindowEx
SetMenu
SetRectEmpty
MessageBoxA
AppendMenuW
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
DispatchMessageW
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
EndDeferWindowPos
GetProcessDefaultLayout
GetDoubleClickTime
DestroyIcon
IsWindowVisible
GetDesktopWindow
DdeNameService
SetCursorPos
SystemParametersInfoW
UnionRect
MonitorFromWindow
SetRect
InvalidateRect
AnimateWindow
CallWindowProcW
GetClassNameW
ModifyMenuW
ValidateRect
IsRectEmpty
GetFocus
wsprintfW
DdeGetLastError
SetCursor
UnhookWindowsHookEx
TranslateAcceleratorW
GetProfilesDirectoryW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
WinHttpSetOption
WinHttpConnect
WinHttpQueryHeaders
WinHttpSendRequest
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpSetStatusCallback
WinHttpReceiveResponse
WinHttpQueryOption
WinHttpOpen
WinHttpOpenRequest
WinHttpReadData
DocumentPropertiesW
ClosePrinter
OpenPrinterW
WinVerifyTrust
ImageEnumerateCertificates
ImageGetCertificateHeader
ImageGetCertificateData
CoInitializeEx
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
CoLockObjectExternal
ReleaseStgMedium
CoCreateGuid
RegisterDragDrop
CoCreateInstance
CoInitializeSecurity
DoDragDrop
RevokeDragDrop
OleSetClipboard
OleGetClipboard
OleFlushClipboard
CoTaskMemFree
OleIsCurrentClipboard
CoSetProxyBlanket
CoTaskMemAlloc
Number of PE resources by type
MOFILE 28
RT_ICON 6
BINARY 1
RT_RCDATA 1
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 40
PE resources
Debug information
ExifTool file metadata
LegalTrademarks Malwarebytes
SubsystemVersion 6.0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.0.1.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription AdwCleaner
CharacterSet Unicode
InitializedDataSize 3822592
EntryPoint 0x37c73d
OriginalFileName AdwCleaner.exe
MIMEType application/octet-stream
LegalCopyright (C) 2017 Malwarebytes
FileVersion 7.0.1.0
TimeStamp 2017:07:23 05:00:18+01:00
FileType Win32 EXE
PEType PE32
InternalName AdwCleaner
ProductVersion 7
UninitializedDataSize 0
OSVersion 6.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Malwarebytes
CodeSize 4549632
ProductName AdwCleaner
ProductVersionNumber 7.0.1.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 8d099d63e7f3c20600ade80a86d06acf
SHA1 77137cffe7f26ada622ce0779577aa482b8d9b6b
SHA256 72bc8b4e9576c264d5b0495b22d29e303ee4069ea61b42bbaf8b653340851ec8
ssdeep 196608:VEV19iv2Yf5HT4KJ4JtD3Wf3thzzrXJssCa2U:VEIv2Yf5B2tydles
authentihash 3fef4b922753881f827fb43bb39c3cb4d9f463cfc18d1b21fdd65b5d5e0ce97c
imphash c68a2a8b2de4fd3d952a51800fbe8517
File size 7.8 MB ( 8160720 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Windows ActiveX control (93.1%)
Win32 Executable (generic) (3.6%)
Generic Win/DOS Executable (1.6%)
DOS Executable Generic (1.5%)
Tags peexe signed overlay
VirusTotal metadata
First submission 2017-07-23 05:01:29 UTC ( 7 months ago )
Last submission 2017-08-25 16:40:01 UTC ( 5 months, 4 weeks ago )
File names adwcleaner_7.0.1.0.exe
adwcleaner(1).exe
AdwCleaner
adwcleaner_7.0.1.0 (1).exe
adwcleaner.exe
AdwCleaner.exe
adwcleaner_7.0.1.0 (4).exe