SHA256: 8b9d9430b39b587b39dce3d385aab9738879f5d55bf46b2ae6e7b8a9e0146fbe
File name: winzip-10-jetelecharge.exe
Detection ratio: 0 / 66
Analysis date: 2018-09-25 19:22:40 UTC ( 6 months ago )
Antivirus Result Update
Ad-Aware 20180925
AegisLab 20180925
AhnLab-V3 20180925
Alibaba 20180921
ALYac 20180925
Antiy-AVL 20180925
Arcabit 20180925
Avast 20180925
Avast-Mobile 20180925
AVG 20180925
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
BitDefender 20180925
Bkav 20180925
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180925
Comodo 20180925
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180925
Cyren 20180925
DrWeb 20180925
eGambit 20180925
Emsisoft 20180925
Endgame 20180730
ESET-NOD32 20180925
F-Prot 20180925
F-Secure 20180925
Fortinet 20180925
GData 20180925
Ikarus 20180925
Sophos ML 20180717
Jiangmin 20180925
K7AntiVirus 20180925
K7GW 20180925
Kaspersky 20180925
Kingsoft 20180925
Malwarebytes 20180925
MAX 20180925
McAfee 20180925
McAfee-GW-Edition 20180925
Microsoft 20180925
eScan 20180925
NANO-Antivirus 20180925
Palo Alto Networks (Known Signatures) 20180925
Panda 20180925
Qihoo-360 20180925
Rising 20180925
SentinelOne (Static ML) 20180925
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec 20180925
Symantec Mobile Insight 20180924
TACHYON 20180925
Tencent 20180925
TheHacker 20180924
TotalDefense 20180925
TrendMicro 20180925
TrendMicro-HouseCall 20180925
Trustlook 20180925
VBA32 20180925
VIPRE 20180925
ViRobot 20180925
Webroot 20180925
Yandex 20180924
Zillya 20180925
ZoneAlarm by Check Point 20180925
Zoner 20180924
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 9:42 PM 11/16/2017
Signers
[+] Corel Corporation
Status Valid
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 4/19/2016
Valid to 12:59 AM 5/23/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 55DAAE5131F2066E44C3947AABA2C4E6A512AE15
Serial number 24 A1 BD 17 60 51 FF 86 4D 01 88 12 F9 F2 30 4C
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-11-02 20:24:29
Entry Point 0x0001479F
Number of sections 5
PE sections
Overlays
MD5 c52d718a4b8cba67807d653c445be734
File type data
Offset 108494848
Size 6088
Entropy 7.34
PE imports
GetDeviceCaps
ExtTextOutW
DeleteDC
CreateFontIndirectW
GetBkColor
SetBkColor
SelectObject
DeleteObject
CreateDCW
SetTextAlign
GetTextExtentPoint32W
SetTextColor
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
LocalFree
FormatMessageW
InitializeCriticalSection
GlobalHandle
FindClose
TlsGetValue
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
GetSystemTime
RemoveDirectoryW
IsDebuggerPresent
ExitProcess
GetVersionExA
GetModuleFileNameA
GetVolumeInformationW
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
GetFullPathNameW
MoveFileExW
SetUnhandledExceptionFilter
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetVersion
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GlobalLock
GetProcessHeap
GetModuleFileNameW
FindNextFileW
FindFirstFileW
GlobalMemoryStatus
GetProcAddress
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
DosDateTimeToFileTime
LCMapStringW
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
CreateProcessW
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetCurrentThreadId
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
GetParent
UpdateWindow
EndDialog
BeginPaint
DefWindowProcW
KillTimer
GetMessageW
PostQuitMessage
ShowWindow
SetWindowPos
SetWindowWord
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
GetWindowRect
EndPaint
DialogBoxParamW
TranslateMessage
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
DispatchMessageW
SendMessageW
RegisterClassW
GetWindowLongW
SetActiveWindow
SendDlgItemMessageW
GetClientRect
GetDlgItem
SetRect
InvalidateRect
SetTimer
OemToCharA
LoadStringW
GetTopWindow
SetWindowTextW
GetWindowWord
LoadCursorW
LoadIconW
EnableWindow
SetForegroundWindow
GetLastActivePopup
SetCursor
Number of PE resources by type
RT_ICON 9
RT_STRING 9
RT_DIALOG 2
RT_MANIFEST 1
WZ_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 23
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2009:11:02 21:24:29+01:00
FileType Win32 EXE
PEType PE32
CodeSize 147456
LinkerVersion 8.0
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x1479f
InitializedDataSize 81920
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 411b9c368c76a356d29f8ca15923ef51
SHA1 71017bf063f7e0a2e04200d4e6628b9b2d297ffa
SHA256 8b9d9430b39b587b39dce3d385aab9738879f5d55bf46b2ae6e7b8a9e0146fbe
ssdeep 1572864:TOtjW+uoJulDfadluJ4wbMdync5OrxC6zrRHycu3VC84YRD/MCFVZSm382cddHQ+:x+uoQyTGb9niWrRSUbYlkCjZFJwdHQQ/
authentihash ffa09021ba12f7cab913a498c97b2d0cd4c4f014017e4d6ccd976a02f5852098
imphash c37a0cf32fb77a9ca8948933d9037856
File size 103.5 MB ( 108500936 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (45.1%)
Winzip Win32 self-extracting archive (generic) (37.6%)
Win32 Executable (generic) (7.3%)
OS/2 Executable (generic) (3.3%)
Generic Win/DOS Executable (3.2%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2017-12-17 03:00:13 UTC ( 1 year, 3 months ago )
Last submission 2018-09-25 19:22:40 UTC ( 6 months ago )
File names winzip-10-jetelecharge.exe