× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 93853a6ea725b63fb129352aee5f6f650648fcfcfa4c5b02cc88c4df529343a1
File name: BTWDIns
Detection ratio: 0 / 57
Analysis date: 2016-05-19 09:25:54 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Ad-Aware 20160519
AegisLab 20160519
AhnLab-V3 20160519
Alibaba 20160516
ALYac 20160519
Antiy-AVL 20160519
Arcabit 20160519
Avast 20160519
AVG 20160519
Avira (no cloud) 20160519
AVware 20160519
Baidu 20160519
Baidu-International 20160519
BitDefender 20160519
Bkav 20160518
CAT-QuickHeal 20160518
ClamAV 20160519
CMC 20160516
Comodo 20160519
Cyren 20160519
DrWeb 20160519
Emsisoft 20160519
ESET-NOD32 20160519
F-Prot 20160519
F-Secure 20160519
Fortinet 20160519
GData 20160519
Ikarus 20160519
Jiangmin 20160519
K7AntiVirus 20160519
K7GW 20160519
Kaspersky 20160519
Kingsoft 20160519
Malwarebytes 20160519
McAfee 20160519
McAfee-GW-Edition 20160519
Microsoft 20160518
eScan 20160519
NANO-Antivirus 20160519
nProtect 20160518
Panda 20160518
Qihoo-360 20160519
Rising 20160519
Sophos AV 20160519
SUPERAntiSpyware 20160519
Symantec 20160519
Tencent 20160519
TheHacker 20160519
TotalDefense 20160519
TrendMicro 20160519
TrendMicro-HouseCall 20160519
VBA32 20160518
VIPRE 20160519
ViRobot 20160519
Yandex 20160518
Zillya 20160518
Zoner 20160519
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 2000-2010, Broadcom Corporation.

Product Bluetooth Software
Original name BTWDIns.EXE
Internal name BTWDIns
File version 6.3.0.7300
Description Bluetooth Support Server
Signature verification A certificate was explicitly revoked by its issuer.
Signing date 10:39 AM 5/19/2016
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-10 22:28:20
Entry Point 0x00034E1E
Number of sections 4
PE sections
Overlays
MD5 d0eb08e4f3b7c88ccd84d2c3c197f778
File type data
Offset 651264
Size 5408
Entropy 7.21
PE imports
RegCreateKeyExW
RegDeleteKeyA
RegOpenCurrentUser
RegCloseKey
RegDeleteKeyW
DuplicateTokenEx
CopySid
RegQueryValueExA
RegEnumValueW
ReportEventW
OpenServiceW
AdjustTokenPrivileges
ControlService
CryptEncrypt
ControlTraceW
RegEnumKeyW
RegCreateKeyExA
DeleteService
InitiateSystemShutdownExW
CryptGetUserKey
CryptImportKey
StartTraceW
ChangeServiceConfig2W
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegisterEventSourceW
OpenProcessToken
DeregisterEventSource
QueryServiceStatus
CryptDestroyKey
SetServiceStatus
RegOpenKeyExW
RegQueryValueExW
CryptExportKey
RegOpenKeyExA
RegDeleteValueA
CryptGenKey
CreateServiceW
EnableTrace
GetTokenInformation
CryptSetProvParam
CryptReleaseContext
GetUserNameW
IsValidSid
RegQueryInfoKeyW
RegEnumKeyExW
CryptAcquireContextW
CloseServiceHandle
GetLengthSid
CryptDecrypt
CreateProcessAsUserW
OpenThreadToken
RegDeleteValueW
RevertToSelf
StartServiceW
RegDeleteKeyExA
RegSetValueExW
OpenSCManagerW
ImpersonateLoggedOnUser
InitializeSecurityDescriptor
RegisterServiceCtrlHandlerExW
RegSetValueExA
StartServiceCtrlDispatcherW
RegEnumValueA
LookupPrivilegeValueW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegNotifyChangeKeyValue
GetStdHandle
GetConsoleOutputCP
GetOverlappedResult
SetEvent
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DisconnectNamedPipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
WaitForSingleObject
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
LocalFree
ConnectNamedPipe
CreateEventW
LoadResource
FindClose
TlsGetValue
CancelIo
OutputDebugStringA
GetEnvironmentVariableW
SetLastError
GetSystemTime
DeviceIoControl
InterlockedDecrement
CopyFileW
OutputDebugStringW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
lstrcmpiW
EnumSystemLocalesA
SetConsoleCtrlHandler
GetUserDefaultLCID
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
FatalAppExitA
SetFilePointer
CreateThread
GetSystemDirectoryW
DeleteCriticalSection
SetUnhandledExceptionFilter
MulDiv
ExitThread
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
CreateToolhelp32Snapshot
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
CallNamedPipeA
GetVersionExA
LoadLibraryA
RtlUnwind
TlsAlloc
GetStartupInfoA
GetDateFormatA
GetWindowsDirectoryW
OpenProcess
GetStartupInfoW
WaitForMultipleObjects
GetProcessHeap
CompareStringW
lstrcpyW
ExpandEnvironmentStringsW
FindNextFileW
WTSGetActiveConsoleSessionId
GetTimeFormatA
ResetEvent
FindFirstFileW
IsValidLocale
lstrcmpW
GetProcAddress
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
InitializeCriticalSection
SystemTimeToFileTime
LCMapStringW
CreateNamedPipeW
lstrlenA
GetConsoleCP
FindResourceW
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
lstrlenW
Process32NextW
VirtualFree
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
ProcessIdToSessionId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
Process32FirstW
GetCurrentThread
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FindResourceExW
GetEnvironmentStrings
IsValidCodePage
HeapCreate
OpenEventW
CreateProcessW
Sleep
SetThreadPriority
VirtualAlloc
GetOEMCP
CompareStringA
VarUI4FromStr
SysStringLen
UnRegisterTypeLib
RegisterTypeLib
SysAllocString
LoadTypeLib
SysFreeString
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Sibling
CM_Get_Device_IDA
CM_Get_Parent
SetupDiGetDeviceInstanceIdA
SetupDiSetClassInstallParamsW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsW
CM_Get_Device_IDW
SetupDiOpenDevRegKey
CM_Get_Child
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeW
SetupDiEnumDeviceInfo
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiGetDeviceInstanceIdW
SetupDiCallClassInstaller
SHGetSpecialFolderPathW
ShellExecuteExW
SetFocus
GetForegroundWindow
GetParent
wsprintfW
PostQuitMessage
SetClassLongW
EnumWindows
DefWindowProcW
FindWindowW
CheckRadioButton
KillTimer
GetMessageW
ShowWindow
IsWindowEnabled
SetWindowPos
wvsprintfW
CloseDesktop
GetSystemMetrics
MessageBoxW
PeekMessageW
GetWindowRect
EnableWindow
UpdateWindow
OpenWindowStationW
EnumChildWindows
RegisterDeviceNotificationW
SetProcessWindowStation
mouse_event
SetThreadDesktop
PostMessageW
SetDlgItemTextW
DispatchMessageW
CreateDialogParamW
GetWindowThreadProcessId
CheckDlgButton
SendMessageW
UnregisterClassA
OpenDesktopW
IsWindowVisible
LoadStringW
GetDlgItem
BringWindowToTop
IsWindow
GetThreadDesktop
GetProcessWindowStation
CloseWindowStation
SetTimer
CallWindowProcW
GetClassNameW
PostThreadMessageW
GetWindowTextW
SetActiveWindow
GetDesktopWindow
UnregisterDeviceNotification
FindWindowExW
CreateWindowExW
GetWindowLongW
CharNextW
DestroyWindow
ExpandEnvironmentStringsForUserW
socket
WSALookupServiceBeginW
bind
WSALookupServiceEnd
ntohl
WSAAddressToStringW
WSAStartup
WSACleanup
getsockname
sendto
WSASetServiceW
closesocket
WSALookupServiceNextW
WSAGetLastError
WTSQuerySessionInformationW
WTSQueryUserToken
WTSSendMessageW
BluetoothFindFirstRadio
BluetoothFindRadioClose
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
CoRegisterClassObject
CoTaskMemFree
StringFromGUID2
Number of PE resources by type
RT_ICON 9
RT_DIALOG 5
TYPELIB 1
RT_MANIFEST 1
RT_STRING 1
REGISTRY 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
NEUTRAL SYS DEFAULT 2
CHINESE TRADITIONAL 1
CHINESE SIMPLIFIED 1
JAPANESE DEFAULT 1
KOREAN 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
237568

ImageVersion
0.0

ProductName
Bluetooth Software

FileVersionNumber
6.3.0.7300

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Bluetooth Support Server

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
BTWDIns.EXE

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
6.3.0.7300

TimeStamp
2010:12:10 23:28:20+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
BTWDIns

ProductVersion
6.3.0.7300

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2000-2010, Broadcom Corporation.

MachineType
Intel 386 or later, and compatibles

CompanyName
Broadcom Corporation.

CodeSize
409600

FileSubtype
0

ProductVersionNumber
6.3.0.7300

EntryPoint
0x34e1e

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 498005d55c0174970c8ef7c2b7d4a301
SHA1 70e287a34c9b00bb689091510ec8dfbcc48a7895
SHA256 93853a6ea725b63fb129352aee5f6f650648fcfcfa4c5b02cc88c4df529343a1
ssdeep
6144:Zvlyn+hoguo6OMuar7yUnSQq7fGGbkFubxRdFVP7zPGbo7QVg7g6GvfmRe:ZvlynooguxX3y5OGbjVF57C0QfmRe

authentihash 912b2b4a0be1e513ac5ec2e1c422be01526fa2c9694ed9281963887933fe0b83
imphash fd4d65d86c4ca04c1ad1636e8f44de2b
File size 641.3 KB ( 656672 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe overlay

VirusTotal metadata
First submission 2011-04-01 08:32:21 UTC ( 7 years, 11 months ago )
Last submission 2011-05-15 17:36:20 UTC ( 7 years, 10 months ago )
File names btwdins.exe
btwdins.exe
btwdins.exe
9BB5F9DF2041E89C05100AE2BDCF5200AF1C6466.exe
file-2244233_exe
BTWDIns.EXE
btwdins.exe
BTWDIns
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!