SHA256: 8f3a7349084065d4d099a4f55d42862e08433c9998d47fbc38c7f8b2ee5296b4
File name: DivXWebPlayerInstaller.exe
Detection ratio: 0 / 69
Analysis date: 2019-03-24 18:10:32 UTC ( 2 months ago )
Antivirus Result Update
Acronis 20190322
Ad-Aware 20190324
AegisLab 20190324
AhnLab-V3 20190324
Alibaba 20190306
ALYac 20190324
Antiy-AVL 20190324
Arcabit 20190324
Avast 20190324
Avast-Mobile 20190324
AVG 20190324
Avira (no cloud) 20190324
Babable 20180918
Baidu 20190318
BitDefender 20190324
CAT-QuickHeal 20190324
ClamAV 20190324
CMC 20190321
Comodo 20190324
CrowdStrike Falcon (ML) 20190212
Cybereason 20190324
Cylance 20190324
Cyren 20190324
DrWeb 20190324
eGambit 20190324
Emsisoft 20190324
Endgame 20190322
ESET-NOD32 20190324
F-Prot 20190324
F-Secure 20190324
Fortinet 20190324
GData 20190324
Ikarus 20190324
Sophos ML 20190313
Jiangmin 20190324
K7AntiVirus 20190324
K7GW 20190324
Kaspersky 20190324
Kingsoft 20190324
Malwarebytes 20190324
MAX 20190324
McAfee 20190324
McAfee-GW-Edition 20190324
Microsoft 20190324
eScan 20190324
NANO-Antivirus 20190324
Palo Alto Networks (Known Signatures) 20190324
Panda 20190324
Qihoo-360 20190324
Rising 20190324
SentinelOne (Static ML) 20190317
Sophos AV 20190322
SUPERAntiSpyware 20190321
Symantec 20190324
Symantec Mobile Insight 20190220
TACHYON 20190324
Tencent 20190324
TheHacker 20190324
TotalDefense 20190324
Trapmine 20190301
TrendMicro 20190324
TrendMicro-HouseCall 20190324
Trustlook 20190324
VBA32 20190322
ViRobot 20190324
Webroot 20190324
Yandex 20190324
Zillya 20190324
ZoneAlarm by Check Point 20190324
Zoner 20190324
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright 2017 DivX, LLC.
Product DivX Setup
Original name DivXSetup.exe
Internal name WRX
File version 3.0.0.224
Description DivX Setup
Signature verification Signed file, verified signature
Signing date 2:04 PM 2/13/2017
Signers
[+] DivX, LLC
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 12:00 AM 02/06/2017
Valid to 11:59 PM 04/07/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 70747DDDB697467220B713D82FE5B012322F06D5
Serial number 31 05 1D 4B B5 7D 31 14 9E 13 C9 1E F9 20 90 A2
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 12/10/2013
Valid to 11:59 PM 12/09/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-10 02:52:58
Entry Point 0x000D276F
Number of sections 5
PE sections
Overlays
MD5 4c3651f2c0319c4dfc140b49a543315b
File type data
Offset 2427904
Size 6088
Entropy 7.34
PE imports
RegCreateKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteKeyW
CryptHashData
RegQueryValueExW
CryptCreateHash
RegisterEventSourceW
OpenProcessToken
DeregisterEventSource
RegOpenKeyExW
CryptReleaseContext
GetUserNameW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumKeyExW
CryptAcquireContextW
CryptDestroyHash
RegEnumValueW
RegSetValueExW
FreeSid
CryptGetHashParam
ReportEventW
AllocateAndInitializeSid
CheckTokenMembership
CertFreeCertificateContext
CertCloseStore
CryptQueryObject
CertFindCertificateInStore
CryptMsgGetParam
CertGetNameStringW
CryptMsgClose
TextOutW
CreateFontIndirectW
CreatePen
GetDeviceCaps
CreateCompatibleDC
DeleteDC
SetBkMode
DeleteObject
GetObjectW
BitBlt
CreateDIBSection
SetTextColor
CreatePatternBrush
ExtTextOutW
GetStockObject
RoundRect
StretchBlt
SelectObject
SetDIBColorTable
CreateSolidBrush
SetBkColor
GetTextExtentPoint32W
CreateCompatibleBitmap
SetThreadLocale
GetStdHandle
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
SetEndOfFile
HeapDestroy
SignalObjectAndWait
CreateTimerQueue
GetFileAttributesW
DuplicateHandle
VerifyVersionInfoW
CreatePipe
GetCurrentProcess
GetConsoleMode
UnhandledExceptionFilter
FreeEnvironmentStringsW
InitializeSListHead
InterlockedPopEntrySList
GetLocaleInfoW
SetStdHandle
GetCPInfo
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetThreadTimes
Thread32First
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
FormatMessageW
IsWow64Process
GetThreadPriority
GetExitCodeProcess
FreeLibraryAndExitThread
InitializeCriticalSection
OutputDebugStringW
GlobalHandle
FindFirstFileW
AllocConsole
TlsGetValue
FormatMessageA
GetFullPathNameW
EncodePointer
OutputDebugStringA
InterlockedPushEntrySList
SetLastError
PeekNamedPipe
DeviceIoControl
ReadConsoleInputA
CopyFileW
ReadFile
LoadResource
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
LoadLibraryA
VerSetConditionMask
GetPriorityClass
GetCurrentDirectoryW
SetConsoleCtrlHandler
GetUserDefaultLCID
FindClose
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
SetFilePointerEx
DeleteTimerQueueTimer
FlushInstructionCache
RegisterWaitForSingleObject
CreateThread
MoveFileExW
InterlockedFlushSList
DeleteCriticalSection
GetExitCodeThread
CreateSemaphoreW
CreateMutexW
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
GlobalMemoryStatus
SetUnhandledExceptionFilter
InterlockedDecrement
GetModuleHandleExW
GlobalAlloc
GetDiskFreeSpaceExW
CreateEventW
ReadConsoleW
GetVersion
LeaveCriticalSection
SleepEx
WriteConsoleW
CreateToolhelp32Snapshot
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
lstrcmpiW
RtlUnwind
GetWindowsDirectoryW
ChangeTimerQueueTimer
OpenProcess
GetModuleHandleW
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTempFileNameW
QueryDepthSList
CompareStringW
GetModuleFileNameW
GetFileInformationByHandle
FindNextFileW
GetCurrentThreadId
CreateTimerQueueTimer
Thread32Next
IsValidLocale
lstrcmpW
FindFirstFileExW
ExpandEnvironmentStringsA
SetEvent
GetProcessAffinityMask
GetTimeZoneInformation
CreateFileW
GetEnvironmentVariableW
GetFileType
TlsSetValue
ExitProcess
InterlockedIncrement
GetLastError
FlushConsoleInputBuffer
LCMapStringW
GetSystemInfo
GlobalFree
GetConsoleCP
FindResourceW
UnregisterWaitEx
GetTimeFormatW
GetEnvironmentStringsW
GlobalUnlock
QueryPerformanceFrequency
GetUserGeoID
lstrlenW
Process32NextW
VirtualFree
WaitForSingleObjectEx
Module32FirstW
FileTimeToLocalFileTime
SizeofResource
UnregisterWait
GetCurrentProcessId
LockResource
GetCommandLineW
WideCharToMultiByte
HeapSize
SetThreadAffinityMask
Process32FirstW
GetCurrentThread
SetConsoleTitleW
RaiseException
ReleaseSemaphore
TlsFree
GetModuleHandleA
Module32NextW
CloseHandle
OpenMutexW
GetACP
GlobalLock
GetGeoInfoW
FreeResource
SwitchToThread
GetFileAttributesExW
SetThreadUILanguage
GetLogicalProcessorInformation
GetNumaHighestNodeNumber
IsValidCodePage
SetConsoleMode
FindResourceExW
VirtualQuery
CreateProcessW
WaitForMultipleObjects
Sleep
TerminateProcess
SetThreadPriority
VirtualAlloc
VarUI4FromStr
VarBstrCat
SysStringLen
LoadRegTypeLib
SysAllocStringLen
OleCreateFontIndirect
VariantClear
SysAllocString
DispCallFunc
LoadTypeLib
SysFreeString
VariantInit
SHCreateDirectoryExW
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderPathW
CommandLineToArgvW
PathIsNetworkPathW
PathIsRootW
SHDeleteKeyW
PathGetDriveNumberW
PathIsFileSpecW
PathFindFileNameW
PathFileExistsW
PathIsUNCW
PathAppendW
PathBuildRootW
StrFormatByteSizeW
PathSkipRootW
UrlCreateFromPathW
PathStripToRootW
PathRemoveBlanksW
PathCombineW
PathRemoveBackslashW
MapWindowPoints
RedrawWindow
DestroyWindow
SetWindowPos
IsWindow
EndPaint
GetDC
GetCursorPos
MapDialogRect
GetDlgCtrlID
SendMessageW
UnregisterClassW
GetClientRect
CreateAcceleratorTableW
GetActiveWindow
GetWindowTextW
GetWindowTextLengthW
InvalidateRgn
PtInRect
DrawEdge
GetUserObjectInformationW
GetClassInfoExW
UpdateWindow
ShowWindow
EnableWindow
GetSystemMenu
IsWindowEnabled
GetWindow
EnableMenuItem
DrawFocusRect
SetTimer
IsDialogMessageW
FillRect
SetWindowContextHelpId
CreateWindowExW
GetWindowLongW
CharNextW
IsChild
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
BeginPaint
DefWindowProcW
KillTimer
TrackMouseEvent
GetParent
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
SendDlgItemMessageW
GetProcessWindowStation
CheckDlgButton
CreateDialogParamW
SetWindowTextW
GetDlgItem
ClientToScreen
PostMessageW
DialogBoxIndirectParamW
IsDlgButtonChecked
DestroyAcceleratorTable
GetDesktopWindow
LoadCursorW
LoadIconW
SetForegroundWindow
ExitWindowsEx
ReleaseDC
EndDialog
CopyRect
GetCapture
ScreenToClient
MessageBoxW
GetMenu
RegisterClassExW
MoveWindow
DialogBoxParamW
AdjustWindowRectEx
GetSysColor
SetDlgItemTextW
GetKeyState
IsWindowVisible
SystemParametersInfoW
MonitorFromWindow
SetRect
InvalidateRect
CallWindowProcW
GetClassNameW
GetFocus
wsprintfW
SetCursor
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
InternetCheckConnectionW
InternetCanonicalizeUrlW
InternetGetConnectedState
DeleteUrlCacheEntryW
WinVerifyTrust
accept
ioctlsocket
WSAStartup
connect
getsockname
htons
WSASetLastError
WSAGetLastError
gethostname
getsockopt
closesocket
send
ntohs
select
listen
__WSAFDIsSet
WSACleanup
gethostbyname
getpeername
recv
WSAIoctl
setsockopt
socket
bind
recvfrom
sendto
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePaletteSize
GdipAlloc
GdipFree
GdipCloneImage
GdiplusStartup
GdipGetImagePixelFormat
GdipDrawImageI
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromStream
CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CoInitialize
CoTaskMemAlloc
CoGetClassObject
CoTaskMemRealloc
CoCreateInstance
OleUninitialize
CoUninitialize
CoTaskMemFree
CLSIDFromString
StringFromGUID2
OleInitialize
CoInternetSetFeatureEnabled
Number of PE resources by type
RT_STRING 133
RT_DIALOG 27
RT_ICON 4
Struct(240) 3
RT_HTML 2
XML 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 45
GERMAN 16
FRENCH 13
PORTUGUESE BRAZILIAN 13
RUSSIAN 13
CHINESE TRADITIONAL 12
CHINESE SIMPLIFIED 12
JAPANESE DEFAULT 12
SPANISH MODERN 12
KOREAN 12
ITALIAN 12
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.0.0.224
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription DivX Setup
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 652800
EntryPoint 0xd276f
OriginalFileName DivXSetup.exe
MIMEType application/octet-stream
LegalCopyright 2017 DivX, LLC.
FileVersion 3.0.0.224
TimeStamp 2017:02:10 03:52:58+01:00
FileType Win32 EXE
PEType PE32
InternalName WRX
ProductVersion 3.0.0.224
SubsystemVersion 5.1
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName DivX, LLC
CodeSize 1774080
ProductName DivX Setup
ProductVersionNumber 3.0.0.224
FileTypeExtension exe
ObjectFileType Unknown
File identification
MD5 87ac42b2f6d0983fc9997e05fd9a3cb3
SHA1 196a6f01b78e781934520958166ecd166f39fae9
SHA256 8f3a7349084065d4d099a4f55d42862e08433c9998d47fbc38c7f8b2ee5296b4
ssdeep 49152:TRBWuLEeV0rzi6ue+Xv/VtB3UIVlfk6nmchBnTu4jShfZP:G2EeV0rmhe+X3VtBEIV9HYP
authentihash bd53c8677be00e024efea88a0423b0eaebaac424051b4712607f63c65acc8459
imphash b463605bda7ffd5c8371d9ad2a20de5b
File size 2.3 MB ( 2433992 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags peexe signed overlay

VirusTotal metadata
First submission 2017-03-22 14:48:54 UTC ( 2 years, 2 months ago )
Last submission 2019-03-13 17:19:38 UTC ( 2 months, 1 week ago )
File names DivXSetup.exe
DivXSetup.exe
DivXWebPlayerInstaller.exe
DivXSetup.exe
DivXWebPlayerInstaller.exe
DivXWebPlayerInstaller.exe
DivXWebPlayerInstaller.exe
dxaD330.tmp
WRX
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Opened mutexes
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications