× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 932729082df71d44b10936dc545ef2d4812e23669434ebabab3de2be08801787
File name: LiquidStudio2018.exe
Detection ratio: 0 / 66
Analysis date: 2018-05-14 06:00:04 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20180514
AegisLab 20180514
AhnLab-V3 20180513
Alibaba 20180514
ALYac 20180514
Antiy-AVL 20180514
Arcabit 20180514
Avast 20180514
Avast-Mobile 20180513
AVG 20180514
Avira (no cloud) 20180513
AVware 20180428
Babable 20180406
Baidu 20180511
BitDefender 20180514
Bkav 20180514
CAT-QuickHeal 20180514
ClamAV 20180514
CMC 20180513
Comodo 20180514
CrowdStrike Falcon (ML) 20180418
Cybereason None
Cylance 20180514
Cyren 20180514
eGambit 20180514
Emsisoft 20180514
Endgame 20180507
ESET-NOD32 20180514
F-Prot 20180514
F-Secure 20180514
Fortinet 20180514
GData 20180514
Ikarus 20180513
Sophos ML 20180503
Jiangmin 20180514
K7AntiVirus 20180513
K7GW 20180514
Kaspersky 20180514
Kingsoft 20180514
Malwarebytes 20180514
MAX 20180514
McAfee 20180514
McAfee-GW-Edition 20180514
Microsoft 20180514
eScan 20180514
NANO-Antivirus 20180514
nProtect 20180514
Palo Alto Networks (Known Signatures) 20180514
Panda 20180513
Qihoo-360 20180514
Rising 20180514
SentinelOne (Static ML) 20180225
Sophos AV 20180514
SUPERAntiSpyware 20180513
Symantec 20180513
Symantec Mobile Insight 20180511
Tencent 20180514
TheHacker 20180509
TotalDefense 20180514
TrendMicro 20180514
TrendMicro-HouseCall 20180514
Trustlook 20180514
VBA32 20180511
VIPRE 20180514
ViRobot 20180514
Webroot 20180514
Yandex 20180513
Zillya 20180511
ZoneAlarm by Check Point 20180514
Zoner 20180513
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
All rights reserved

Product Liquid Studio 2018
File version 16.1.0.8382
Description Liquid Studio 2018 Installation
Comments This installation was built with InstallAware: http://www.installaware.com
Signature verification Signed file, verified signature
Signing date 11:04 AM 5/3/2018
Signers
[+] Liquid Technologies Limited
Status Valid
Issuer thawte SHA256 Code Signing CA
Valid from 1:00 AM 3/10/2017
Valid to 12:59 AM 4/21/2020
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 120E8ACF451895508AAC6520B97A6DF70821041C
Serial number 04 A0 F1 7A E2 9D 9F 53 3F 6D AE D1 CC 31 97 D5
[+] thawte SHA256 Code Signing CA
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint D00CFDBF46C98A838BC10DC4E097AE0152C461BC
Serial number 71 A0 B7 36 95 DD B1 AF C2 3B 2B 9A 18 EE 54 CB
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 11/17/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-09-08 22:01:54
Entry Point 0x00021BD6
Number of sections 4
PE sections
Overlays
MD5 ce63e557b3b46e2141b13906c057afb5
File type data
Offset 414208
Size 3553280
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
RegSetValueExW
GetObjectW
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
InitializeCriticalSection
FindClose
InterlockedDecrement
SetFileAttributesW
SetLastError
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetFullPathNameW
CreateThread
SetUnhandledExceptionFilter
ExitThread
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
SetEndOfFile
GetVersion
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
GetModuleHandleW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetTempFileNameW
GetModuleFileNameW
FindNextFileW
ResetEvent
FindFirstFileW
GetProcAddress
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
GetShortPathNameW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
lstrlenW
CreateProcessW
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetCurrentThreadId
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SHGetFolderPathW
ShellExecuteExW
RegisterWindowMessageW
EndDialog
MoveWindow
KillTimer
ShowWindow
SetWindowLongW
MessageBoxW
PeekMessageW
GetWindowRect
CharUpperW
DialogBoxParamW
PostMessageW
SetDlgItemTextW
CreateDialogParamW
SendMessageW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
SetTimer
LoadImageW
AdjustWindowRect
IsDlgButtonChecked
GetWindowTextW
GetDesktopWindow
LoadIconW
GetWindowTextLengthW
GetWindowLongW
SetForegroundWindow
DestroyWindow
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_STRING 105
RT_ICON 13
RT_DIALOG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 19
HEBREW DEFAULT 3
SWEDISH 3
HUNGARIAN DEFAULT 3
VIETNAMESE DEFAULT 3
ESTONIAN DEFAULT 3
LITHUANIAN 3
FRENCH 3
CHINESE SIMPLIFIED 3
SLOVENIAN DEFAULT 3
DUTCH 3
PORTUGUESE 3
ITALIAN 3
CATALAN DEFAULT 3
FINNISH DEFAULT 3
PORTUGUESE BRAZILIAN 3
KOREAN 3
CZECH DEFAULT 3
BASQUE DEFAULT 3
LATVIAN DEFAULT 3
GERMAN 3
POLISH DEFAULT 3
JAPANESE DEFAULT 3
DANISH DEFAULT 3
SLOVAK DEFAULT 3
GREEK DEFAULT 3
TURKISH DEFAULT 3
NORWEGIAN BOKMAL 3
CHINESE TRADITIONAL 3
THAI DEFAULT 3
SERBIAN DEFAULT 3
ARABIC SAUDI ARABIA 3
NEUTRAL 3
SPANISH MODERN 3
ROMANIAN 3
RUSSIAN 3
PE resources
ExifTool file metadata
SubsystemVersion
5.0

Comments
This installation was built with InstallAware: http://www.installaware.com

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
16.1.0.8382

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Liquid Studio 2018 Installation

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
229888

EntryPoint
0x21bd6

MIMEType
application/octet-stream

LegalCopyright
All rights reserved

FileVersion
16.1.0.8382

TimeStamp
2015:09:08 23:01:54+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
16.1.0.838

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Liquid Technologies Limited

CodeSize
183296

ProductName
Liquid Studio 2018

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 a7231b2d992b21cf033265845c704166
SHA1 81ff84aec32f080544753b6c0106a048135867e0
SHA256 932729082df71d44b10936dc545ef2d4812e23669434ebabab3de2be08801787
ssdeep
98304:knZaLrOFNUEsqX7ZXlIQ6YhJskOcHHM+WCcB1SnnyrZFf:ZLrOL1rZXX6KROkM+nZeH

authentihash 2cfc049b26c4cbac74d7e92988573fceb79c94845d8072a54176cdb9e029b971
imphash eaefd1169420dcee9fef7c65aa268740
File size 3.8 MB ( 3967488 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-05-06 19:07:05 UTC ( 5 months, 2 weeks ago )
Last submission 2018-05-27 19:13:03 UTC ( 4 months, 3 weeks ago )
File names LiquidStudio2018.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Searched windows
Runtime DLLs