SHA256: 856560ef8a27001137fa02ffca3af0402ea188aa2b39bfefaa92e2e6a9acc8c2
File name: vt-upload-29Wgfv
Detection ratio: 0 / 54
Analysis date: 2014-08-15 19:18:01 UTC ( 4 years, 8 months ago )
Antivirus Result Update
Ad-Aware 20140815
AegisLab 20140815
Yandex 20140815
AhnLab-V3 20140815
AntiVir 20140815
Antiy-AVL 20140815
Avast 20140815
AVG 20140815
AVware 20140815
Baidu-International 20140815
BitDefender 20140815
Bkav 20140815
ByteHero 20140815
CAT-QuickHeal 20140814
ClamAV 20140815
CMC 20140814
Commtouch 20140815
Comodo 20140815
DrWeb 20140815
Emsisoft 20140815
ESET-NOD32 20140815
F-Prot 20140815
F-Secure 20140815
Fortinet 20140815
GData 20140815
Ikarus 20140815
Jiangmin 20140815
K7AntiVirus 20140814
K7GW 20140814
Kaspersky 20140815
Kingsoft 20140815
Malwarebytes 20140815
McAfee 20140815
McAfee-GW-Edition 20140815
Microsoft 20140815
eScan 20140815
NANO-Antivirus 20140815
Norman 20140815
nProtect 20140814
Panda 20140815
Qihoo-360 20140815
Rising 20140815
Sophos AV 20140815
SUPERAntiSpyware 20140814
Symantec 20140815
Tencent 20140815
TheHacker 20140814
TotalDefense 20140815
TrendMicro 20140815
TrendMicro-HouseCall 20140815
VBA32 20140814
VIPRE 20140815
ViRobot 20140815
Zoner 20140811
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Native subsystem.
Authenticode signature block and FileVersionInfo properties
Publisher Envision Peripherals
Signature verification Signed file, verified signature
Signing date 12:44 AM 11/19/2008
Signers
[+] Envision Peripherals
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 6/10/2008
Valid to 12:59 AM 6/15/2009
Valid usage Code Signing
Algorithm SHA1
Thumbprint CAB4FB3913CEDBD2CF0B84C65B923D33D7CE9F48
Serial number 25 3F A0 75 3A DC BA 7D BE 25 37 3B 4F 71 5C 99
[+] VeriSign Class 3 Code Signing 2004 CA
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 7/16/2004
Valid to 12:59 AM 7/16/2014
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 197A4AEBDB25F0170079BB8C73CB2D655E0018A4
Serial number 41 91 A1 5A 39 78 DF CF 49 65 66 38 1D 4C 75 C2
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer None
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/2/2028
Valid usage Email Protection, Client Auth, Code Signing, Server Auth
Algorithm MD2
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 6/15/2007
Valid to 12:59 AM 6/15/2012
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer None
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-12-12 06:03:35
Entry Point 0x00000722
Number of sections 4
PE sections
PE imports
READ_PORT_USHORT
WRITE_PORT_UCHAR
HalTranslateBusAddress
READ_PORT_UCHAR
WRITE_PORT_USHORT
WRITE_PORT_ULONG
READ_PORT_ULONG
DbgPrint
IofCompleteRequest
IoCreateDevice
ZwMapViewOfSection
IoCreateSymbolicLink
ZwOpenSection
RtlInitUnicodeString
IoDeleteDevice
ObReferenceObjectByHandle
IoDeleteSymbolicLink
ZwClose
ZwUnmapViewOfSection
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Native
MachineType Intel 386 or later, and compatibles
TimeStamp 2007:12:12 07:03:35+01:00
FileType Win32 EXE
PEType PE32
CodeSize 2048
LinkerVersion 7.0
FileAccessDate 2014:04:15 15:03:08+01:00
EntryPoint 0x0722
InitializedDataSize 384
SubsystemVersion 5.1
ImageVersion 5.1
OSVersion 5.1
FileCreateDate 2014:04:15 15:03:08+01:00
UninitializedDataSize 0

File identification
MD5 27d842c777cc68e915ac39d08d4264e9
SHA1 9eecdf7b5f24d70218452eabcd5884753087bfee
SHA256 856560ef8a27001137fa02ffca3af0402ea188aa2b39bfefaa92e2e6a9acc8c2
ssdeep 192:BDOavfyowJL/aMjGwP7raMur+ebMat0ZgjlJMuKN:MEfYJLWOC9bdW6jhKN

imphash d08089bfdb1e13a5adc3bfacfbb691e2
File size 9.5 KB ( 9736 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (native) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe signed native

VirusTotal metadata
First submission 2009-08-07 18:12:10 UTC ( 9 years, 8 months ago )
Last submission 2014-04-15 14:02:14 UTC ( 5 years ago )
File names vt-upload-29Wgfv
hugoio.sys