× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7737e6a0dc811ae36e93af9d287f8ad12ef752c8726ff006d7cc6b69869f4bcd
File name: Legacy8Setup.exe
Detection ratio: 1 / 57
Analysis date: 2015-02-14 15:35:30 UTC ( 3 years, 11 months ago )
Antivirus Result Update
Symantec WS.Reputation.1 20150214
Ad-Aware 20150214
AegisLab 20150214
Yandex 20150214
AhnLab-V3 20150214
Alibaba 20150214
ALYac 20150214
Antiy-AVL 20150214
Avast 20150214
AVG 20150214
Avira (no cloud) 20150214
AVware 20150214
Baidu-International 20150214
BitDefender 20150214
Bkav 20150213
ByteHero 20150214
CAT-QuickHeal 20150214
ClamAV 20150213
CMC 20150214
Comodo 20150214
Cyren 20150214
DrWeb 20150214
Emsisoft 20150214
ESET-NOD32 20150214
F-Prot 20150214
F-Secure 20150214
Fortinet 20150214
GData 20150214
Ikarus 20150214
Jiangmin 20150212
K7AntiVirus 20150214
K7GW 20150214
Kaspersky 20150214
Kingsoft 20150214
Malwarebytes 20150214
McAfee 20150214
McAfee-GW-Edition 20150213
Microsoft 20150214
eScan 20150214
NANO-Antivirus 20150214
Norman 20150214
nProtect 20150213
Panda 20150214
Qihoo-360 20150214
Rising 20150214
Sophos AV 20150214
SUPERAntiSpyware 20150214
Tencent 20150214
TheHacker 20150213
TotalDefense 20150214
TrendMicro 20150214
TrendMicro-HouseCall 20150214
VBA32 20150213
VIPRE 20150214
ViRobot 20150214
Zillya 20150214
Zoner 20150213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
1995-2014

Publisher Millennia Corporation
File version 8.0
Description Legacy Family Tree
Signature verification Signed file, verified signature
Signers
[+] Millennia Corporation
Status Valid
Issuer None
Valid from 10:28 PM 11/27/2013
Valid to 9:01 PM 1/18/2017
Valid usage Code Signing
Algorithm SHA1
Thumbprint 8C2FF00F2EDCA0EAF86685B340DBA0682AB93097
Serial number 04 40 48 32 49 6C 8E
[+] Go Daddy Secure Certification Authority
Status Valid
Issuer None
Valid from 2:54 AM 11/16/2006
Valid to 2:54 AM 11/16/2026
Valid usage All
Algorithm SHA1
Thumbprint 7C4656C3061F7F4C0D67B319A855F60EBC11FC44
Serial number 03 01
[+] Go Daddy Class 2 Certification Authority
Status Valid
Issuer None
Valid from 6:06 PM 6/29/2004
Valid to 6:06 PM 6/29/2034
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint 2796BAE63F1801E277261BA0D77770028F20EEE4
Serial number 00
Packers identified
PEiD Wise Installer Stub
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1999-04-08 20:24:47
Entry Point 0x00001000
Number of sections 4
PE sections
PE imports
GetTempPathA
CreateProcessA
MapViewOfFile
UnmapViewOfFile
WaitForSingleObject
DeleteFileA
WriteFile
CloseHandle
GetTempFileNameA
CreateFileMappingA
CreateFileA
GetCommandLineA
GetModuleFileNameA
GetShortPathNameA
wsprintfA
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileVersionNumber
8.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
70905344

MIMEType
application/octet-stream

Subsystem
Windows GUI

XXXXXXXXXXXXXXXXXX
,FileDescription

FileVersion
8.0

XXXXXXXX
|,LegalCopyright

TimeStamp
1999:04:08 21:24:47+01:00

FileType
Win32 EXE

PEType
PE32

FileAccessDate
2015:02:14 16:35:38+01:00

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2015:02:14 16:35:38+01:00

FileOS
Windows 16-bit

acyFamilyTree
XXXXXXXXXXXXXXXXXXXXXXX

MachineType
Intel 386 or later, and compatibles

CompanyName
Millennia Corporation

CodeSize
512

FileSubtype
0

ProductVersionNumber
8.0.0.0

EntryPoint
0x1000

ObjectFileType
Executable application

File identification
MD5 92ee0287142858eb7d581968f6f38df6
SHA1 86132fd904f767fb85ff1ac4714e201889f01cc3
SHA256 7737e6a0dc811ae36e93af9d287f8ad12ef752c8726ff006d7cc6b69869f4bcd
ssdeep
1572864:pnX476HrG/oc+kkjnFGmONszqcrrWq/CHkNgaWsBH8:pnuf/o3jnFdEWqcH/6kN936

authentihash 4b40017c334b56decc48113c56e4e69c6ecd5236c60eaeba14202f6056221624
imphash 81638d02019c0bfcaaf23a9c69f2f12c
File size 67.6 MB ( 70909744 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Wise Installer executable (98.1%)
Win32 Dynamic Link Library (generic) (0.8%)
Win32 Executable (generic) (0.5%)
Generic Win/DOS Executable (0.2%)
DOS Executable Generic (0.2%)
Tags
peexe wise signed

VirusTotal metadata
First submission 2014-12-12 06:41:56 UTC ( 4 years, 1 month ago )
Last submission 2015-02-14 15:35:30 UTC ( 3 years, 11 months ago )
File names Legacy8Setup.exe
7737e6a0dc811ae36e93af9d287f8ad12ef752c8726ff006d7cc6b69869f4bcd
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!