× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 837d97a7d82890cf0c7a36478349306d9b7889b1b58bce8b1aa91eb235ee4dea
File name: AhnLabV3InternetSecurity_8.0_Softonic.exe
Detection ratio: 0 / 55
Analysis date: 2015-07-16 03:34:47 UTC ( 2 years, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware 20150715
AegisLab 20150715
Yandex 20150713
AhnLab-V3 20150715
Alibaba 20150715
ALYac 20150715
Antiy-AVL 20150715
Arcabit 20150715
Avast 20150715
AVG 20150715
Avira (no cloud) 20150715
AVware 20150715
Baidu-International 20150715
BitDefender 20150715
Bkav 20150715
ByteHero 20150716
CAT-QuickHeal 20150715
ClamAV 20150715
Comodo 20150715
Cyren 20150715
DrWeb 20150715
Emsisoft 20150715
ESET-NOD32 20150715
F-Prot 20150714
F-Secure 20150715
Fortinet 20150715
GData 20150715
Ikarus 20150715
Jiangmin 20150714
K7AntiVirus 20150715
K7GW 20150715
Kaspersky 20150715
Kingsoft 20150716
Malwarebytes 20150715
McAfee 20150715
McAfee-GW-Edition 20150715
Microsoft 20150715
eScan 20150715
NANO-Antivirus 20150715
nProtect 20150715
Panda 20150715
Qihoo-360 20150716
Rising 20150713
Sophos AV 20150715
SUPERAntiSpyware 20150715
Symantec 20150715
Tencent 20150716
TheHacker 20150713
TrendMicro 20150715
TrendMicro-HouseCall 20150715
VBA32 20150715
VIPRE 20150715
ViRobot 20150715
Zillya 20150715
Zoner 20150715
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c), AhnLab, Inc. 1988-2005, All rights reserved.

File version 8.0.1.488
Description AhnLab V3 Internet Security 8.0
Signature verification Signed file, verified signature
Signing date 3:16 AM 9/28/2009
Signers
[+] AhnLab
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2004 CA
Valid from 1:00 AM 10/6/2008
Valid to 12:59 AM 10/7/2009
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 7E4D38FE06B8A1B00BC7DF8B6ABF1DE311D03837
Serial number 2F FF 4C BB 36 84 A2 14 EB A5 4B DC D2 CE 51 2A
[+] VeriSign Class 3 Code Signing 2004 CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 7/16/2004
Valid to 12:59 AM 7/16/2014
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 197A4AEBDB25F0170079BB8C73CB2D655E0018A4
Serial number 41 91 A1 5A 39 78 DF CF 49 65 66 38 1D 4C 75 C2
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/2/2028
Valid usage Email Protection, Client Auth, Code Signing, Server Auth
Algorithm md2RSA
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] Comodo Time Stamping Signer
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 5/17/2005
Valid to 12:59 AM 5/17/2010
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 95B2B8E34EB2CB768144ED07433EF0A3AFCAEEC0
Serial number 4F 63 D0 30 F8 15 A3 A5 B3 44 69 40 06 3D 16 89
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm sha1RSA
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network?
Status Valid
Issuer AddTrust External CA Root
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Packers identified
F-PROT ZIP, appended, UPX_LZMA, Aspack, NSIS, 7Z
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-06-08 06:26:12
Entry Point 0x0001281F
Number of sections 4
PE sections
Overlays
MD5 57fdaa8ab13de50914ed41f9e47deb8b
File type data
Offset 148480
Size 75240000
Entropy 8.00
PE imports
GetStdHandle
WaitForSingleObject
FindFirstFileW
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
FreeEnvironmentStringsW
SetFileAttributesA
GetTempPathA
GetCPInfo
GetStringTypeA
WriteFile
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
FormatMessageW
InitializeCriticalSection
FindClose
InterlockedDecrement
FormatMessageA
GetFullPathNameW
SetLastError
GetEnvironmentVariableA
GetModuleFileNameW
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
SetFileAttributesW
CreateThread
SetUnhandledExceptionFilter
TerminateProcess
SetEndOfFile
GetVersion
LeaveCriticalSection
SetCurrentDirectoryA
AreFileApisANSI
HeapFree
EnterCriticalSection
SetHandleCount
SetEvent
IsBadWritePtr
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
CompareStringW
RemoveDirectoryW
FindFirstFileA
CompareStringA
GetTempFileNameA
FindNextFileA
GetProcAddress
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
lstrlenA
LCMapStringA
GetEnvironmentStringsW
RemoveDirectoryA
GetEnvironmentStrings
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
RaiseException
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetCurrentThreadId
CreateProcessA
WideCharToMultiByte
HeapCreate
VirtualFree
IsBadReadPtr
IsBadCodePtr
VirtualAlloc
ResetEvent
VariantClear
SysAllocString
CharUpperA
MessageBoxW
CharUpperW
Number of PE resources by type
RT_ICON 6
RT_STRING 2
RT_GROUP_ICON 2
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileVersionNumber
8.0.1.488

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
53248

EntryPoint
0x1281f

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
8.0.1.488

TimeStamp
2006:06:08 07:26:12+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
8.0.1.488

FileDescription
AhnLab V3 Internet Security 8.0

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Copyright (c), AhnLab, Inc. 1988-2005, All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
AhnLab, Inc.

CodeSize
97280

FileSubtype
0

ProductVersionNumber
8.0.1.488

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 20167208746a271d87d55bc1724760f5
SHA1 766528eeb43411939a3e9de57a58860956ae0f08
SHA256 837d97a7d82890cf0c7a36478349306d9b7889b1b58bce8b1aa91eb235ee4dea
ssdeep
1572864:RzL/3SmybG/1MhrerT+IKbEsjYQ5tHKBS8ONxI0:RH/3NFjrT6wsjTtHYS8sxI0

authentihash 808c7bfc164c2b08f7f2fba716571bcabdc88741ab6ddd9432e398befd6e42ca
imphash 7cf9444707a0c9ad03d94f930dc3134f
File size 71.9 MB ( 75388480 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (76.4%)
Win32 Executable (generic) (12.4%)
Generic Win/DOS Executable (5.5%)
DOS Executable Generic (5.5%)
Tags
peexe overlay aspack signed nsis armadillo software-collection

VirusTotal metadata
First submission 2015-02-07 18:31:49 UTC ( 2 years, 7 months ago )
Last submission 2017-03-23 10:17:21 UTC ( 6 months ago )
File names AhnLabV3InternetSecurity_8.0_Softonic.exe
AhnLabV3InternetSecurity_8.0_Softonic.exe
837D97A7D82890CF0C7A36478349306D9B7889B1B58BCE8B1AA91EB235EE4DEA
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!