× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 91e4c9f3754370aa7258e690df43d3bb882f33816078f131a10bd228dc387d73
File name: LSI-PS-SRDx-1.1.3.exe
Detection ratio: 0 / 68
Analysis date: 2018-07-11 13:21:40 UTC ( 1 week, 3 days ago ) View latest
Antivirus Result Update
Ad-Aware 20180711
AegisLab 20180711
AhnLab-V3 20180711
ALYac 20180711
Antiy-AVL 20180711
Arcabit 20180711
Avast 20180711
Avast-Mobile 20180711
AVG 20180711
Avira (no cloud) 20180710
AVware 20180711
Babable 20180406
Baidu 20180711
BitDefender 20180711
Bkav 20180711
CAT-QuickHeal 20180711
ClamAV 20180711
CMC 20180711
Comodo 20180711
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180711
Cyren 20180711
DrWeb 20180711
eGambit 20180711
Emsisoft 20180711
Endgame 20180711
ESET-NOD32 20180711
F-Prot 20180711
F-Secure 20180711
Fortinet 20180711
GData 20180711
Ikarus 20180711
Sophos ML 20180601
Jiangmin 20180711
K7AntiVirus 20180711
K7GW 20180711
Kaspersky 20180711
Kingsoft 20180711
Malwarebytes 20180711
MAX 20180711
McAfee 20180711
McAfee-GW-Edition 20180711
Microsoft 20180711
eScan 20180711
NANO-Antivirus 20180711
Palo Alto Networks (Known Signatures) 20180711
Panda 20180711
Qihoo-360 20180711
Rising 20180711
SentinelOne (Static ML) 20180701
Sophos AV 20180711
SUPERAntiSpyware 20180711
Symantec 20180711
TACHYON 20180711
Tencent 20180711
TheHacker 20180710
TotalDefense 20180711
TrendMicro 20180711
TrendMicro-HouseCall 20180711
Trustlook 20180711
VBA32 20180711
VIPRE 20180711
ViRobot 20180711
Webroot 20180711
Yandex 20180711
Zillya 20180710
ZoneAlarm by Check Point 20180711
Zoner 20180711
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
(c) 2018 LaserSoft Imaging AG. All rights reserved

Product LSI PS SRDx Installer
File version $VERSION
Description LSI PS SRDx Installer
Signature verification Signed file, verified signature
Signing date 7:54 AM 6/7/2018
Signers
[+] LaserSoft Imaging AG
Status Valid
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 6/22/2016
Valid to 12:59 AM 7/23/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 260CEB0AB8BC742E051816A05D6E25788260A0E8
Serial number 1F 5B 92 CA 08 92 7A D6 C7 01 06 5F C0 3F 25 36
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT NSIS
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-12-11 21:50:55
Entry Point 0x00003334
Number of sections 5
PE sections
Overlays
MD5 aeefbed681cb8dc421e99031893ffb2b
File type data
Offset 155136
Size 3424576
Entropy 7.97
PE imports
RegCreateKeyExW
RegEnumValueW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
CreateFontIndirectW
SelectObject
CreateBrushIndirect
SetBkMode
SetBkColor
DeleteObject
SetTextColor
SetFilePointer
GetLastError
CopyFileW
GetShortPathNameW
lstrlenA
GetModuleFileNameW
GlobalFree
WaitForSingleObject
GetExitCodeProcess
ExitProcess
GlobalUnlock
GetFileAttributesW
lstrlenW
GetCurrentProcess
CompareFileTime
GetWindowsDirectoryW
GetFileSize
SetFileTime
GetCommandLineW
WideCharToMultiByte
SetErrorMode
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
GlobalLock
ReadFile
lstrcpyA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTempFileNameW
lstrcpynW
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcpyW
GetFullPathNameW
lstrcmpiA
CreateThread
SetEnvironmentVariableW
MoveFileExW
GetModuleHandleA
GetSystemDirectoryW
GetDiskFreeSpaceW
FindNextFileW
GetTempPathW
CloseHandle
FindFirstFileW
lstrcmpW
GetModuleHandleW
lstrcatW
FreeLibrary
SearchPathW
lstrcmpiW
SetCurrentDirectoryW
WriteFile
CreateFileW
GlobalAlloc
CreateProcessW
FindClose
Sleep
MoveFileW
SetFileAttributesW
GetTickCount
GetVersion
GetProcAddress
LoadLibraryExW
MulDiv
SHBrowseForFolderW
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
EmptyClipboard
GetMessagePos
EndPaint
EndDialog
LoadBitmapW
SetClassLongW
DefWindowProcW
CharPrevW
PostQuitMessage
ShowWindow
SetWindowPos
SendMessageTimeoutW
GetSystemMetrics
SetWindowLongW
IsWindow
PeekMessageW
GetWindowRect
EnableWindow
SetWindowTextW
DialogBoxParamW
AppendMenuW
IsWindowEnabled
GetDlgItemTextW
MessageBoxIndirectW
GetSysColor
CheckDlgButton
DispatchMessageW
CreateWindowExW
CreateDialogParamW
ReleaseDC
BeginPaint
CreatePopupMenu
SendMessageW
SetClipboardData
GetWindowLongW
FindWindowExW
IsWindowVisible
DestroyWindow
GetClientRect
SetTimer
GetDlgItem
SetForegroundWindow
SystemParametersInfoW
LoadImageW
EnableMenuItem
ScreenToClient
InvalidateRect
wsprintfA
CharNextW
CallWindowProcW
TrackPopupMenu
RegisterClassW
FillRect
CharNextA
SetDlgItemTextW
LoadCursorW
GetSystemMenu
GetClassInfoW
GetDC
wsprintfW
CloseClipboard
DrawTextW
SetCursor
ExitWindowsEx
OpenClipboard
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_ICON 9
RT_DIALOG 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 18
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
1.1.3.0

UninitializedDataSize
2048

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
186368

EntryPoint
0x3334

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
$VERSION

TimeStamp
2016:12:11 22:50:55+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
LSI PS SRDx Installer

OSVersion
4.0

FileOS
Win32

LegalCopyright
(c) 2018 LaserSoft Imaging AG. All rights reserved

MachineType
Intel 386 or later, and compatibles

CompanyName
LaserSoft Imaging AG

CodeSize
26112

ProductName
LSI PS SRDx Installer

ProductVersionNumber
1.1.3.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 3682486b6f9bad4fad9ace486fd7fb2d
SHA1 6a706338abd99b77b3e9a7761268c84305f575a6
SHA256 91e4c9f3754370aa7258e690df43d3bb882f33816078f131a10bd228dc387d73
ssdeep
98304:PNtI7qpkLLVYYfol6H2AjNC9d4P6cfZ8iG9zxC:PqGYfol4jNC8PPxtG9FC

authentihash ea4520d0128764da12b4f657af8b864afa21eb7670873c4d260f691c71b09974
imphash e2a592076b17ef8bfb48b7e03965a3fc
File size 3.4 MB ( 3579712 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
nsis peexe signed overlay

VirusTotal metadata
First submission 2018-06-20 17:39:44 UTC ( 1 month ago )
Last submission 2018-06-22 08:12:23 UTC ( 4 weeks, 1 day ago )
File names LSI-PS-SRDx-1.1.3.exe
LSI-PS-SRDx-1.1.3.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Runtime DLLs