× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8448253ca3ac1fed9d227ec18c40ff09f13057c95e5014e2fb986e5439fae833
File name: b8e4eac7480021dc2506c1cd9c6a17b8.77f751229ea180a0c64426bf4494efbf...
Detection ratio: 0 / 45
Analysis date: 2013-08-13 18:00:47 UTC ( 8 months, 1 week ago ) View latest
Antivirus Result Update
AVG 20130813
Agnitum 20130813
AhnLab-V3 20130813
AntiVir 20130813
Antiy-AVL 20130813
Avast 20130813
BitDefender 20130813
ByteHero 20130804
CAT-QuickHeal 20130813
ClamAV 20130813
Commtouch 20130813
Comodo 20130813
DrWeb 20130813
ESET-NOD32 20130813
Emsisoft 20130813
F-Prot 20130813
F-Secure 20130813
Fortinet 20130813
GData 20130813
Ikarus 20130813
Jiangmin 20130813
K7AntiVirus 20130813
K7GW 20130813
Kaspersky 20130813
Kingsoft 20130723
Malwarebytes 20130813
McAfee 20130813
McAfee-GW-Edition 20130813
MicroWorld-eScan 20130813
Microsoft 20130813
NANO-Antivirus 20130813
Norman 20130813
PCTools 20130813
Panda 20130813
Rising 20130813
SUPERAntiSpyware 20130813
Symantec 20130813
TheHacker 20130813
TotalDefense 20130813
TrendMicro 20130813
TrendMicro-HouseCall 20130813
VBA32 20130813
VIPRE 20130813
ViRobot 20130813
nProtect 20130813
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block
Copyright
Copyright © 1999 - 2013 abylonsoft

Publisher abylonsoft
Product abylon WLAN-LIVE-SCANNER
File version 2013.2
Description abylon WLAN-LIVE-SCANNER Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 11:18 AM 4/27/2013
Signers
[+] abylonsoft
Status Certificate out of its validity period
Valid from 1:00 AM 8/17/2012
Valid to 12:59 AM 8/18/2013
Valid usage Code Signing
Algorithm SHA1
Thumbrint F2582DD1545871D2F3C5562B207BED9AF6981A48
Serial number 31 70 12 B5 91 88 08 9B C3 30 F8 F1 AF 01 C7 79
[+] COMODO Code Signing CA 2
Status Valid
Valid from 1:00 AM 8/24/2011
Valid to 11:48 AM 5/30/2020
Valid usage Code Signing
Algorithm SHA1
Thumbrint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009C40
Number of sections 8
PE sections
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetACP
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
DUTCH 4
ENGLISH US 3
File identification
MD5 b8e4eac7480021dc2506c1cd9c6a17b8
SHA1 77f751229ea180a0c64426bf4494efbf3b5240fa
SHA256 8448253ca3ac1fed9d227ec18c40ff09f13057c95e5014e2fb986e5439fae833
ssdeep
393216:BKtHdb+KyQtzT3fhPXOWychGS6oHiUog9h8uaGdFXCamYg99:BqHdXyQt39hmyiIh8uJX8Ygn

File size 18.6 MB ( 19522048 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (91.1%)
Win32 Executable (generic) (3.7%)
Win16/32 Executable Delphi generic (1.7%)
Generic Win/DOS Executable (1.6%)
DOS Executable Generic (1.6%)
Tags
peexe signed

VirusTotal metadata
First submission 2013-05-01 01:38:12 UTC ( 11 months, 3 weeks ago )
Last submission 2013-05-01 01:38:12 UTC ( 11 months, 3 weeks ago )
File names b8e4eac7480021dc2506c1cd9c6a17b8.77f751229ea180a0c64426bf4494efbf3b5240fa
wlanscanner.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!