× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 84ff035461f5eea4e010c801707f7b33a4d8c3a920cb1cda0edb0570ec209c28
File name: spoon-plugin.exe
Detection ratio: 3 / 43
Analysis date: 2010-09-29 06:28:49 UTC ( 4 years, 7 months ago ) View latest
Antivirus Result Update
Jiangmin Backdoor/Poison.krb 20100929
TheHacker Backdoor/Poison.bxep 20100929
VBA32 Backdoor.Poison.bxep 20100927
AVG 20100928
AhnLab-V3 20100928
AntiVir 20100928
Antiy-AVL 20100929
Authentium 20100929
Avast 20100928
Avast5 20100928
BitDefender 20100929
CAT-QuickHeal 20100929
ClamAV 20100929
Comodo 20100929
DrWeb 20100928
Emsisoft 20100929
F-Prot 20100928
F-Secure 20100929
Fortinet 20100928
GData 20100929
Ikarus 20100929
K7AntiVirus 20100928
Kaspersky 20100929
McAfee 20100929
McAfee-GW-Edition 20100929
Microsoft 20100929
NOD32 20100928
Norman None
PCTools 20100928
Panda 20100928
Prevx 20100929
Rising 20100929
SUPERAntiSpyware 20100929
Sophos 20100929
Sunbelt 20100929
Symantec 20100929
TrendMicro 20100929
TrendMicro-HouseCall 20100929
ViRobot 20100929
VirusBuster 20100928
eSafe 20100928
eTrust-Vet 20100928
nProtect 20100929
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright © 2009

Publisher Code Systems Corporation
Product Spoon Plugin
Original name Spoon-Plugin.dll
Internal name Spoon-Plugin.dll
File version 3.21.0.22
Description Spoon Plugin 3.21
Signature verification Signed file, verified signature
Signing date 9:56 PM 8/3/2010
Signers
[+] Code Systems Corporation
Status Certificate out of its validity period
Valid from 1:00 AM 12/15/2009
Valid to 12:59 AM 12/15/2012
Valid usage Code Signing
Algorithm SHA1
Thumbprint B7CDADA4D2E73F8BFFE1EA98AC84B70C052848A6
Serial number 75 41 25 6D 84 CA AB B6 B0 D0 24 8B 21 11 B2 F5
[+] USERTrust
Status Valid
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm SHA1
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
Counter signers
[+] COMODO Time Stamping Signer
Status Valid
Valid from 1:00 AM 5/10/2010
Valid to 12:59 AM 5/11/2015
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] USERTrust
Status Valid
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm SHA1
Thumbrint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-08-03 20:55:44
Entry Point 0x0000411A
Number of sections 6
PE sections
PE imports
CreateFileMappingW
GetLastError
GetModuleHandleA
HeapFree
LoadLibraryW
GetFileSizeEx
SetEnvironmentVariableW
GetSystemInfo
GetFileInformationByHandle
GetModuleFileNameW
UnmapViewOfFile
CreateFileW
VirtualQuery
VirtualFree
HeapAlloc
CloseHandle
MapViewOfFile
GetTickCount
GetProcAddress
VirtualAlloc
GetProcessHeap
Number of PE resources by type
RT_ICON 5
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
ExifTool file metadata
PackagerVersion
8.1.1349

SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.21.0.22

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Spoon Plugin 3.21

CharacterSet
Windows, Latin1

InitializedDataSize
90112

FileOS
Win32

Packager
Spoon Studio

MIMEType
application/octet-stream

LegalCopyright
Copyright 2009

FileVersion
3.21.0.22

TimeStamp
2010:08:03 21:55:44+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Spoon-Plugin.dll

FileAccessDate
2014:11:26 05:02:35+01:00

ProductVersion
3.21.0.22

UninitializedDataSize
0

OSVersion
5.0

FileCreateDate
2014:11:26 05:02:35+01:00

OriginalFilename
Spoon-Plugin.dll

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Code Systems Corp.

CodeSize
16384

ProductName
Spoon Plugin

ProductVersionNumber
3.21.0.22

EntryPoint
0x411a

ObjectFileType
Dynamic link library

File identification
MD5 b460c6d93ed0bef955f5f524d444f81c
SHA1 8f5428f64cab2badc566740936773b051318747d
SHA256 84ff035461f5eea4e010c801707f7b33a4d8c3a920cb1cda0edb0570ec209c28
ssdeep
98304:Re/0fEXQk5mxMJkBV4bt3w24enXyVZC5MJxlCLx/g8W:ReOOQjWkBV4btgsXy/zqW

authentihash a9dd32f7f129bbcfda31f21b50fad3c78e1eb184bae38c0f3a69098a0b04928b
imphash 0931e97555ac33eb10aa9539fe890070
File size 3.6 MB ( 3791320 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe signed

VirusTotal metadata
First submission 2010-08-26 07:00:17 UTC ( 4 years, 8 months ago )
Last submission 2011-06-20 07:11:13 UTC ( 3 years, 10 months ago )
File names Spoon-Plugin.dll
spoon-plugin.exe
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!