SHA256: 83df8f4349882ff858d77f557531d85fb9f57b097b1af22486fa4bf5351ba3cc
File name: PortableGit-2.21.0-32-bit.7z.exe
Detection ratio: 1 / 64
Analysis date: 2019-02-27 08:15:16 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Zillya Trojan.Agent.Win32.930577 20190226
Acronis 20190222
Ad-Aware 20190226
AegisLab 20190226
AhnLab-V3 20190226
Alibaba 20180921
ALYac 20190226
Antiy-AVL 20190226
Arcabit 20190226
Avast 20190226
Avast-Mobile 20190226
AVG 20190226
Avira (no cloud) 20190226
Babable 20180917
Baidu 20190214
BitDefender 20190226
CAT-QuickHeal 20190225
ClamAV 20190226
CMC 20190226
Comodo 20190226
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cylance 20190227
Cyren 20190226
DrWeb 20190227
eGambit 20190227
Emsisoft 20190226
Endgame 20190215
ESET-NOD32 20190226
Fortinet 20190226
GData 20190226
Sophos ML 20181128
Jiangmin 20190226
K7AntiVirus 20190226
K7GW 20190226
Kaspersky 20190226
Kingsoft 20190227
Malwarebytes 20190226
MAX 20190227
McAfee 20190226
McAfee-GW-Edition 20190226
Microsoft 20190226
eScan 20190226
NANO-Antivirus 20190226
Palo Alto Networks (Known Signatures) 20190227
Panda 20190226
Qihoo-360 20190227
Rising 20190226
SentinelOne (Static ML) 20190203
Sophos AV 20190226
SUPERAntiSpyware 20190220
Symantec 20190226
Symantec Mobile Insight 20190220
TACHYON 20190226
Tencent 20190227
TheHacker 20190224
TotalDefense 20190226
Trapmine 20190123
TrendMicro 20190226
TrendMicro-HouseCall 20190226
Trustlook 20190227
VBA32 20190226
ViRobot 20190226
Webroot 20190227
Yandex 20190226
ZoneAlarm by Check Point 20190226
Zoner 20190226
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (c) 1999-2016 Igor Pavlov
Product 7-Zip
Original name 7zS.sfx.exe
Internal name 7zS.sfx
File version 16.04
Description 7z Setup SFX
Signature verification Signed file, verified signature
Signing date 9:17 PM 2/26/2019
Signers
[+] Johannes Schindelin
Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 11:00 PM 06/11/2018
Valid to 10:59 PM 06/12/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 40638A577904B7C1813FED7FFA5C09396BD723CE
Serial number 49 A7 43 48 45 17 1C F0 EA F0 BF 28 07 25 46 37
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 11:00 PM 05/08/2013
Valid to 10:59 PM 05/08/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 12:00 AM 01/19/2010
Valid to 11:59 PM 01/18/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] COMODO SHA-256 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 12:00 AM 12/31/2015
Valid to 05:40 PM 07/09/2019
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 36527D4FA26A68F9EB4596F1D99ABB2C0EA76DFA
Serial number 4E B0 87 8F CC 24 35 36 B2 D8 C9 F7 BF 39 55 77
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 05:31 PM 07/09/1999
Valid to 05:40 PM 07/09/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
Packers identified
F-PROT maxorder, appended, 7Z, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-05 22:33:08
Entry Point 0x0002075F
Number of sections 5
PE sections
Overlays
MD5 ca6e8c53cd52c4af7c95cb6ff62f1c8d
File type data
Offset 477184
Size 41704256
Entropy 8.00
PE imports
GetStdHandle
GetFileAttributesA
WaitForSingleObject
FindFirstFileW
EncodePointer
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
UnhandledExceptionFilter
GetFileInformationByHandle
lstrcatW
InitializeSListHead
GetLocaleInfoW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetTempPathW
FormatMessageW
GetSystemTimeAsFileTime
GetCPInfo
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
LocalFree
MoveFileA
ResumeThread
GetLogicalDriveStringsA
FreeLibraryAndExitThread
InitializeCriticalSection
OutputDebugStringW
GetLogicalDriveStringsW
FindClose
TlsGetValue
MoveFileW
SetFileAttributesW
OutputDebugStringA
InterlockedPushEntrySList
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
LoadLibraryExA
SetConsoleCtrlHandler
GetUserDefaultLCID
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
FormatMessageA
GetModuleHandleA
CreateSemaphoreA
CreateThread
SetEnvironmentVariableW
GetSystemDirectoryW
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemDirectoryA
DecodePointer
SetEnvironmentVariableA
TerminateProcess
FindCloseChangeNotification
GetModuleHandleExW
SetCurrentDirectoryW
SetEndOfFile
GetCurrentThreadId
SetCurrentDirectoryA
WriteConsoleW
CloseHandle
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
ExitThread
GetWindowsDirectoryW
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CompareStringW
RemoveDirectoryW
FreeEnvironmentStringsW
FindFirstFileExA
FindNextFileW
ResetEvent
FindNextFileA
IsValidLocale
FindFirstFileExW
WaitForMultipleObjects
RemoveDirectoryA
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
IsValidCodePage
LCMapStringW
FindFirstChangeNotificationA
GetConsoleCP
GetTimeFormatW
GetEnvironmentStringsW
WaitForSingleObjectEx
lstrlenW
FindFirstChangeNotificationW
InterlockedFlushSList
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
SetFilePointer
ReadFile
FindFirstFileA
GetACP
GetModuleHandleW
CreateProcessA
CompareFileTime
WriteFile
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
SysAllocString
VariantCopy
SysStringLen
VariantClear
SysAllocStringLen
DragQueryFileW
ShellExecuteExA
DragFinish
SHBrowseForFolderA
DragQueryFileA
SHGetPathFromIDListA
SHGetMalloc
MapDialogRect
EndDialog
MoveWindow
KillTimer
ShowWindow
MessageBoxW
GetWindowRect
ScreenToClient
PostMessageA
CharUpperW
DialogBoxParamW
SetWindowLongA
DialogBoxParamA
CharUpperA
GetDC
CreateDialogParamW
SystemParametersInfoA
SetWindowTextA
SendMessageW
LoadStringA
RegisterClassW
SendMessageA
LoadStringW
SetWindowTextW
CreateWindowExA
GetDlgItem
CreateDialogParamA
DrawTextW
RegisterClassA
CharPrevExA
InvalidateRect
GetWindowLongA
GetWindowTextLengthA
SetTimer
LoadIconA
GetWindowTextW
GetDialogBaseUnits
GetWindowTextLengthW
CreateWindowExW
GetWindowTextA
DestroyWindow
CoUninitialize
CoInitialize
Number of PE resources by type
RT_STRING 3
RT_DIALOG 2
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 14.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 16.4.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription 7z Setup SFX
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 106496
EntryPoint 0x2075f
OriginalFileName 7zS.sfx.exe
MIMEType application/octet-stream
LegalCopyright Copyright (c) 1999-2016 Igor Pavlov
FileVersion 16.04
TimeStamp 2017:04:06 00:33:08+02:00
FileType Win32 EXE
PEType PE32
InternalName 7zS.sfx
ProductVersion 16.04
SubsystemVersion 6.0
OSVersion 6.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Igor Pavlov
CodeSize 382976
ProductName 7-Zip
ProductVersionNumber 16.4.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 cf1655a955df68febf40b7ff1935ca32
SHA1 db083fde82c743a26dbd7fbd597d3a6321522936
SHA256 83df8f4349882ff858d77f557531d85fb9f57b097b1af22486fa4bf5351ba3cc
ssdeep 786432:gdN9Ksuew6dWwhHFjiHtWxPAEkJQ+9u3OaLkUcKdlnxlUCAS0x8CzfzzYbPhSRTO:gzHJwwhHFjKtYPAEAYTLE8vdI84INeU
authentihash f394e776346e7c9db7f476ccad2e687cfefd10ff54e97f668d850499ba20befc
imphash 632f939005ccaa4d7643b0a302c14333
File size 40.2 MB ( 42181440 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2019-02-27 05:28:45 UTC ( 1 month, 3 weeks ago )
Last submission 2019-02-27 08:15:16 UTC ( 1 month, 3 weeks ago )
File names PortableGit-2.21.0-32-bit.7z.exe
7zS.sfx.exe
7zS.sfx