× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8127135485f33c12aeb2c56688078adac1daa3fc74df337fe192f585796d0403
File name: diablo-3-6322-jetelecharge.exe
Detection ratio: 0 / 62
Analysis date: 2017-05-12 22:14:27 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20170512
AegisLab 20170512
AhnLab-V3 20170512
Alibaba 20170512
ALYac 20170512
Antiy-AVL 20170512
Arcabit 20170512
Avast 20170512
AVG 20170512
Avira (no cloud) 20170512
AVware 20170512
Baidu 20170503
BitDefender 20170512
Bkav 20170512
CAT-QuickHeal 20170512
ClamAV 20170512
CMC 20170512
Comodo 20170512
CrowdStrike Falcon (ML) 20170130
Cyren 20170512
DrWeb 20170512
Emsisoft 20170512
Endgame 20170503
ESET-NOD32 20170512
F-Prot 20170512
F-Secure 20170512
Fortinet 20170512
GData 20170512
Ikarus 20170512
Sophos ML 20170413
Jiangmin 20170512
K7AntiVirus 20170512
K7GW 20170512
Kaspersky 20170512
Kingsoft 20170512
Malwarebytes 20170512
McAfee 20170512
McAfee-GW-Edition 20170512
Microsoft 20170512
eScan 20170512
NANO-Antivirus 20170512
nProtect 20170512
Palo Alto Networks (Known Signatures) 20170512
Panda 20170512
Qihoo-360 20170512
Rising 20170512
SentinelOne (Static ML) 20170330
Sophos AV 20170512
SUPERAntiSpyware 20170512
Symantec 20170511
Symantec Mobile Insight 20170512
Tencent 20170512
TheHacker 20170508
TotalDefense 20170512
TrendMicro 20170512
TrendMicro-HouseCall 20170512
Trustlook 20170512
VBA32 20170512
VIPRE 20170512
ViRobot 20170512
Webroot 20170512
WhiteArmor 20170512
Yandex 20170512
Zillya 20170511
ZoneAlarm by Check Point 20170512
Zoner 20170512
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© 2005-2011 Blizzard Entertainment Inc.

Product Blizzard Setup
Original name Diablo III Setup.exe
Internal name Diablo III Setup
File version 1, 0, 0, 480
Description Diablo III Setup
Signature verification Signed file, verified signature
Signing date 7:31 PM 11/15/2011
Signers
[+] Blizzard Entertainment, Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Code Signing CA - G2
Valid from 1:00 AM 9/30/2011
Valid to 12:59 AM 12/5/2013
Valid usage Code Signing, 1.3.6.1.4.1.311.2.1.22
Algorithm sha1RSA
Thumbprint 605347878273BF45A0C3841287C09515747CBB38
Serial number 7D F5 74 30 25 E2 C2 20 2A 6B BD 0A F8 E5 70 FC
[+] Thawte Code Signing CA - G2
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 808D62642B7D1C4A9A83FD667F7A2A9D243FB1C7
Serial number 47 97 4D 78 73 A5 BC AB 0D 2F B3 70 19 2F CE 5E
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 11/17/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 6/15/2007
Valid to 12:59 AM 6/15/2012
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-11-02 01:24:04
Entry Point 0x00064483
Number of sections 6
PE sections
Overlays
MD5 2b7637e8c09e36d5262cbc72fb914c84
File type data
Offset 1720832
Size 44384072
Entropy 8.00
PE imports
GetFileSecurityW
RegCloseKey
OpenProcessToken
GetUserNameW
DuplicateToken
AccessCheck
SetFileSecurityW
OpenThreadToken
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
MapGenericMask
InitCommonControlsEx
DeleteDC
CreateFontIndirectW
SetDCPenColor
SelectObject
GetStockObject
SetDCBrushColor
CreateSolidBrush
SetTextColor
GetObjectW
SetBkMode
SetBkColor
CreateDIBSection
CreateCompatibleDC
CreateFontW
Rectangle
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
FindFirstFileW
HeapAlloc
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
ExpandEnvironmentStringsA
FreeEnvironmentStringsW
GetThreadContext
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
Thread32First
HeapReAlloc
GetStringTypeW
GetThreadPriority
GetFullPathNameA
FreeLibrary
LocalFree
ResumeThread
GetExitCodeProcess
CreateEventW
OutputDebugStringW
FindClose
InterlockedDecrement
FormatMessageA
SetFileAttributesW
OutputDebugStringA
SetLastError
PeekNamedPipe
OpenThread
InitializeCriticalSection
GetUserDefaultLangID
LoadResource
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetVersionExA
GetModuleFileNameA
QueryPerformanceFrequency
EnumSystemLocalesA
SetThreadPriority
Module32First
LoadLibraryExW
MultiByteToWideChar
MoveFileW
SetFilePointer
GetFullPathNameW
CreateThread
Module32Next
SetUnhandledExceptionFilter
ReadFile
ExitThread
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
VirtualQuery
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
LeaveCriticalSection
SleepEx
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
Process32Next
GetStartupInfoA
GetFileSize
Process32First
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
GetComputerNameW
CompareStringW
GetFileSizeEx
RemoveDirectoryW
GetFileInformationByHandle
FindNextFileW
CompareStringA
CreateFileMappingA
Thread32Next
IsValidLocale
WaitForMultipleObjects
GetProcAddress
SetEvent
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
GetCurrentThreadId
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
UnmapViewOfFile
GetSystemInfo
GetConsoleCP
FindResourceW
LCMapStringA
GetEnvironmentStringsW
GetCPInfo
VirtualFree
Module32FirstW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
SetThreadAffinityMask
InterlockedCompareExchange
GetCurrentThread
SuspendThread
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
Module32NextW
FindFirstFileA
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
FreeResource
GetFileAttributesExW
TlsGetValue
IsValidCodePage
HeapCreate
FindResourceExW
CreateProcessW
Sleep
IsBadReadPtr
IsBadStringPtrA
VirtualAlloc
AlphaBlend
VariantClear
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
EndPaint
UpdateWindow
SystemParametersInfoW
EnumWindows
DefWindowProcW
PostQuitMessage
ShowWindow
GetWindowThreadProcessId
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
RegisterClassExW
AdjustWindowRectEx
TranslateMessage
PostMessageW
GetSysColor
DispatchMessageW
ReleaseDC
BeginPaint
SendMessageW
GetClientRect
DrawTextW
GetDC
InvalidateRect
GetSysColorBrush
LoadCursorW
LoadIconW
CreateWindowExW
GetWindowLongW
DestroyWindow
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
InternetSetCookieW
HttpSendRequestA
InternetReadFileExA
InternetSetOptionA
HttpOpenRequestA
InternetCloseHandle
InternetOpenA
InternetConnectA
InternetSetStatusCallbackA
HttpQueryInfoA
InternetCrackUrlA
getaddrinfo
accept
ioctlsocket
WSAStartup
freeaddrinfo
connect
getsockname
htons
getpeername
WSAGetLastError
gethostname
getsockopt
closesocket
send
ntohs
select
listen
__WSAFDIsSet
WSACleanup
WSASetLastError
recv
setsockopt
socket
bind
recvfrom
sendto
PE exports
Number of PE resources by type
RT_ICON 8
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
PNG 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.480

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
546304

EntryPoint
0x64483

OriginalFileName
Diablo III Setup.exe

MIMEType
application/octet-stream

LegalCopyright
2005-2011 Blizzard Entertainment Inc.

FileVersion
1, 0, 0, 480

TimeStamp
2011:11:02 02:24:04+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Diablo III Setup

ProductVersion
1, 0, 0, 480

FileDescription
Diablo III Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Blizzard Entertainment

CodeSize
1173504

ProductName
Blizzard Setup

ProductVersionNumber
1.0.0.480

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 32020ecc7e5c4ebbf056fa4274e28074
SHA1 775ad19b706339e6ffe5e7fce3436aba42bec531
SHA256 8127135485f33c12aeb2c56688078adac1daa3fc74df337fe192f585796d0403
ssdeep
786432:zOnGGiu+2FUp63ljfbTfxCOY/AVLEaBrvjkebfbTfxCOY/AVLEaBrvT:sGGiu+26Sh/x70OEWvgc/x70OEWvT

authentihash db902f7f01b290327e3c3b025ee38811728b9a554a535aeb919823b425adf46f
imphash bc2447d04e539022626c7fe662851943
File size 44.0 MB ( 46104904 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2012-03-03 02:45:27 UTC ( 5 years, 9 months ago )
Last submission 2017-05-12 22:14:27 UTC ( 7 months, 1 week ago )
File names 8127135485F33C12AEB2C56688078ADAC1DAA3FC74DF337FE192F585796D0403.exe
Diablo III Setup.exe
Diablo-III-Beta-enUS-Setup.exe
diablo-3-6322-jetelecharge.exe
diablo-3-6322-jetelecharge.exe
Diablo III Setup
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!