× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 846f3565f2b199d46d90392ce6e5098e8105e5c8d501d2450b247baa99a99650
File name: JoGoVEREIN.msi
Detection ratio: 0 / 60
Analysis date: 2017-10-12 11:33:12 UTC ( 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20171012
AegisLab 20171012
AhnLab-V3 20171012
Alibaba 20170911
ALYac 20171012
Antiy-AVL 20171012
Arcabit 20171012
Avast 20171012
Avast-Mobile 20171012
AVG 20171012
Avira (no cloud) 20171012
AVware 20171012
Baidu 20171012
BitDefender 20171012
Bkav 20171012
CAT-QuickHeal 20171011
ClamAV 20171012
CMC 20171012
Comodo 20171012
CrowdStrike Falcon (ML) 20170804
Cylance 20171012
Cyren 20171012
DrWeb 20171012
Emsisoft 20171012
Endgame 20170821
ESET-NOD32 20171012
F-Prot 20171012
F-Secure 20171012
Fortinet 20171012
GData 20171012
Ikarus 20171012
Sophos ML 20170914
Jiangmin 20171012
K7AntiVirus 20171012
K7GW 20171012
Kaspersky 20171012
Kingsoft 20171012
Malwarebytes 20171012
MAX 20171012
McAfee 20171012
McAfee-GW-Edition 20171012
Microsoft 20171012
eScan 20171012
NANO-Antivirus 20171012
nProtect 20171012
Palo Alto Networks (Known Signatures) 20171012
Panda 20171012
Qihoo-360 20171012
Rising 20171012
SentinelOne (Static ML) 20171001
Sophos AV 20171012
SUPERAntiSpyware 20171012
Symantec 20171012
Symantec Mobile Insight 20171011
Tencent 20171012
TheHacker 20171007
TotalDefense 20171012
TrendMicro 20171012
TrendMicro-HouseCall 20171012
Trustlook 20171012
VBA32 20171012
VIPRE 20171012
ViRobot 20171012
Webroot 20171012
WhiteArmor 20170927
Yandex 20171011
Zillya 20171012
ZoneAlarm by Check Point 20171012
Zoner 20171012
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 8:07 PM 10/10/2017
Signers
[+] Joachim Göldenitz
Status Valid
Valid from 1:00 AM 7/20/2017
Valid to 12:59 AM 7/21/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbrint BD76FE693F18B47468D67D9DFB60A5B80462D5DB
Serial number 53 1B 9D 1D 53 C1 0C EF 48 DA A9 A1 EF 06 FE 47
[+] COMODO RSA Code Signing CA
Status Valid
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbrint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbrint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Valid from 1:00 AM 12/31/2015
Valid to 7:40 PM 7/9/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] UTN-USERFirst-Object
Status Valid
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm sha1RSA
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
OLE structured storage summary
creation_datetime
1999-06-21 08:00:00
author
Joachim G\ufffdldenitz
title
Setup
page_count
200
last_saved
2017-10-10 20:05:23
word_count
2
comments
Vereinsverwaltung
revision_number
{816E0A37-FB6D-4B3D-9FB5-6AB1369A49F8}
last_printed
2017-10-10 20:05:23
application_name
Windows Installer
security
1
code_page
Latin I
template
Intel;1031
OLE Streams
name
Root Entry
clsid
000c1084-0000-0000-c000-000000000046
type_literal
root
clsid_literal
on
sid
0
size
19904
type_literal
stream
size
5312
name
\x05DigitalSignature
sid
50
type_literal
stream
size
20
name
\x05MsiDigitalSignatureEx
sid
49
type_literal
stream
size
436
name
\x05SummaryInformation
sid
1
type_literal
stream
size
7456488
name
\u3aff\u3bcb\u3b82\u3a4b\u3885\u3acb\u3b45\u3880\u3a4a\u3a4d\u38c6\u384e\u3949\u3b45\u3884\u3b8f\u480e
sid
48
type_literal
stream
size
109564
name
\u4192\u4472\u47fe\u390a\u3a8b\u39c7\u3807\u3b8f\u3b0f\u3b42\u3bcb\u3882\u3a4d\u3bc2\u423e\u423b
sid
29
type_literal
stream
size
318
name
\u4192\u4472\u47fe\u3948\u3bc3\u39c6\u394d\u3905\u380f\u3905\u3a44\u38c4\u3b80\u3b87\u423e\u423b
sid
27
type_literal
stream
size
2238
name
\u4192\u4472\u47fe\u3b42\u39cb\u3900\u3bc8\u3989\u3947\u3845\u3a8d\u3bc2\u3bcb\u3bc9\u423e\u423b
sid
31
type_literal
stream
size
766
name
\u4192\u4472\u47fe\u3bce\u3acf\u3b47\u38c3\u3b8e\u3b47\u3a06\u3b02\u3904\u39c8\u3bc8\u423e\u423b
sid
32
type_literal
stream
size
105056
name
\u430b\u4131\u4735\u3b7e\u4268\u410b\u4471\u4568\u430b\u4437\u44e4
sid
44
type_literal
stream
size
303248
name
\u430b\u4131\u4735\u3dbe\u3fdc\u3b4b\u3b19\u3b4a\u3d55
sid
23
type_literal
stream
size
318
name
\u430b\u4131\u4735\u3dfe\u46a8\u43cf\u4567\u45cb\u4831
sid
35
type_literal
stream
size
318
name
\u430b\u4131\u4735\u3fbe\u3bf3\u41ef\u3af5\u4477
sid
34
type_literal
stream
size
11234
name
\u430b\u4131\u4735\u3ffe\u3b5c\u3b97\u3b1d\u3c0f
sid
25
type_literal
stream
size
10659
name
\u430b\u4131\u4735\u47fe\u3b0d\u38c4\u3b43\u398d\u3b80\u3b8c\u3840\u3b01\u38c5\u3ac8\u3a8a\u3a84\u3ace\u384d\u384c\u3882
sid
41
type_literal
stream
size
3328
name
\u4840\u3b3f\u43f2\u4438\u45b1
sid
4
type_literal
stream
size
204
name
\u4840\u3c9e\u421d\u45fb
sid
43
type_literal
stream
size
56004
name
\u4840\u3f3f\u4577\u446c\u3b6a\u45e4\u4824
sid
6
type_literal
stream
size
6284
name
\u4840\u3f3f\u4577\u446c\u3e6a\u44b2\u482f
sid
5
type_literal
stream
size
176
name
\u4840\u3f7f\u4164\u422f\u4836
sid
3
type_literal
stream
size
6
name
\u4840\u3fff\u41f6\u4115\u4478\u42e6\u448c\u41f1\u45ec\u44ac\u4831
sid
21
type_literal
stream
size
10248
name
\u4840\u3fff\u43e4\u41ec\u45e4\u44ac\u4831
sid
2
type_literal
stream
size
108
name
\u4840\u411b\u4327\u3af2\u45f8\u44b7\u4831
sid
42
type_literal
stream
size
16
name
\u4840\u4192\u4472
sid
26
type_literal
stream
size
54
name
\u4840\u41ca\u4330\u3bb1\u423b\u4626\u4237\u421c\u4634\u4468\u4226
sid
17
type_literal
stream
size
72
name
\u4840\u41ca\u4330\u3fb1\u3f12\u4528\u4238\u41b1\u4828
sid
19
type_literal
stream
size
96
name
\u4840\u41ca\u45f9\u46ce\u41a8\u45f8\u3f28\u4528\u4238\u41b1\u4828
sid
16
type_literal
stream
size
364
name
\u4840\u420f\u45e4\u4578\u3b28\u4432\u44b3\u4231\u45f1\u4836
sid
46
type_literal
stream
size
16
name
\u4840\u420f\u45e4\u4578\u4828
sid
7
type_literal
stream
size
12
name
\u4840\u4216\u4327\u4824
sid
47
type_literal
stream
size
40
name
\u4840\u421b\u44b0\u4239\u430f\u422f
sid
13
type_literal
stream
size
60
name
\u4840\u421d\u45fb\u45dc\u43fc\u4828
sid
40
type_literal
stream
size
72
name
\u4840\u42dc\u4572\u41b7\u45f8
sid
30
type_literal
stream
size
24
name
\u4840\u430b\u4131\u4735
sid
22
type_literal
stream
size
48
name
\u4840\u430d\u4235\u45e6\u4572\u483c
sid
12
type_literal
stream
size
528
name
\u4840\u430d\u43e4\u42b2
sid
39
type_literal
stream
size
1602
name
\u4840\u430f\u422f
sid
9
type_literal
stream
size
420
name
\u4840\u4452\u45f6\u43e4\u3baf\u423b\u4626\u4237\u421c\u4634\u4468\u4226
sid
15
type_literal
stream
size
132
name
\u4840\u4452\u45f6\u43e4\u3faf\u3f12\u4528\u4238\u41b1\u4828
sid
18
type_literal
stream
size
1092
name
\u4840\u448c\u44f0\u4472\u4468\u4837
sid
8
type_literal
stream
size
544
name
\u4840\u448c\u45f1\u44b5\u3b2f\u4472\u4327\u4337\u4472
sid
37
type_literal
stream
size
1044
name
\u4840\u448c\u45f1\u44b5\u3baf\u4239\u45f1
sid
38
type_literal
stream
size
5356
name
\u4840\u448c\u45f1\u44b5\u482f
sid
36
type_literal
stream
size
78
name
\u4840\u4496\u4627\u422f\u431c\u446a\u45e4\u4578\u4828
sid
33
type_literal
stream
size
16
name
\u4840\u44de\u456a\u41e4\u4828
sid
28
type_literal
stream
size
4
name
\u4840\u454c\u4128\u4237\u448f\u41ef\u4568
sid
20
type_literal
stream
size
140
name
\u4840\u4559\u44f2\u4568\u4737
sid
24
type_literal
stream
size
108
name
\u4840\u4596\u3aac\u45b6\u4428\u43e5\u3dfc\u4424\u4828
sid
11
type_literal
stream
size
40
name
\u4840\u4596\u3aac\u45b6\u4428\u43e5\u483c
sid
10
type_literal
stream
size
48
name
\u4840\u460c\u45f6\u4432\u418a\u4337\u4472
sid
14
type_literal
stream
size
192
name
\u4840\u464e\u4468\u3db7\u44e4\u4333\u42b1
sid
45
ExifTool file metadata
MIMEType
image/vnd.fpx

ModifyDate
2017:10:10 19:05:23

Template
Intel;1031

Title
Setup

FileType
FPX

Author
Joachim G ldenitz

Comments
Vereinsverwaltung

CodePage
Windows Latin 1 (Western European)

FileTypeExtension
fpx

Words
2

CreateDate
1999:06:21 07:00:00

LastPrinted
2017:10:10 19:05:23

Security
Password protected

Pages
200

RevisionNumber
{816E0A37-FB6D-4B3D-9FB5-6AB1369A49F8}

Software
Windows Installer

File identification
MD5 9b977203b49e03e3728e32f29a23f844
SHA1 dc1ac0ee98a7f24c0590f5eccb6c867ce301cc17
SHA256 846f3565f2b199d46d90392ce6e5098e8105e5c8d501d2450b247baa99a99650
ssdeep
196608:/YUUZ2MV129T8cDL/UmA36aC+Rhof1e3/U6:wUUP1UT8GwmAH/ofI3/

File size 7.8 MB ( 8175616 bytes )
File type Windows Installer
Magic literal
Windows, Version 10.0, Create Time/Date: Sun Jun 20 07:00:00 1999, Name of Creating Application: Windows Installer, Security: 1, Code page: 1252, Template: Intel;1031, Number of Pages: 200, Revision Number: {816E0A37-FB6D-4B3D-9FB5-6AB1369A49F8}, Title: Setup, Author: Joachim G�ldenitz, Comments: Vereinsverwaltung, Number of Words: 2, Last Saved Time/Date: Mon Oct 09 19:05:23 2017, Last Printed: Mon Oct 09 19:05:23 2017

TrID Microsoft Windows Installer (91.3%)
Windows Installer Patch (7.3%)
Generic OLE2 / Multistream Compound File (1.3%)
Tags
msi signed

VirusTotal metadata
First submission 2017-10-12 11:33:12 UTC ( 1 week ago )
Last submission 2017-10-12 11:33:12 UTC ( 1 week ago )
File names JoGoVEREIN.msi
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!