× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 96aa6535562e8a03b08f95544d3d66b0b994c4a38098b35d56d91d8aa937612a
File name: MarkdownMonster.exe
Detection ratio: 0 / 64
Analysis date: 2017-07-12 16:46:07 UTC ( 4 months, 1 week ago )
Antivirus Result Update
Ad-Aware 20170712
AegisLab 20170712
AhnLab-V3 20170712
Alibaba 20170712
ALYac 20170712
Antiy-AVL 20170712
Arcabit 20170712
Avast 20170712
AVG 20170712
Avira (no cloud) 20170712
AVware 20170712
Baidu 20170712
BitDefender 20170712
Bkav 20170712
CAT-QuickHeal 20170712
ClamAV 20170712
CMC 20170712
Comodo 20170712
CrowdStrike Falcon (ML) 20170420
Cylance 20170712
Cyren 20170712
DrWeb 20170712
Emsisoft 20170712
Endgame 20170706
ESET-NOD32 20170712
F-Prot 20170712
F-Secure 20170712
Fortinet 20170629
GData 20170712
Ikarus 20170712
Sophos ML 20170607
Jiangmin 20170712
K7AntiVirus 20170712
K7GW 20170712
Kaspersky 20170712
Kingsoft 20170712
Malwarebytes 20170712
MAX 20170712
McAfee 20170712
McAfee-GW-Edition 20170712
Microsoft 20170712
eScan 20170712
NANO-Antivirus 20170712
nProtect 20170712
Palo Alto Networks (Known Signatures) 20170712
Panda 20170712
Qihoo-360 20170712
Rising 20170712
SentinelOne (Static ML) 20170516
Sophos AV 20170712
SUPERAntiSpyware 20170712
Symantec 20170712
Symantec Mobile Insight 20170712
Tencent 20170712
TheHacker 20170712
TotalDefense 20170712
TrendMicro 20170712
TrendMicro-HouseCall 20170712
Trustlook 20170712
VBA32 20170712
VIPRE 20170712
ViRobot 20170712
Webroot 20170712
WhiteArmor 20170706
Yandex 20170712
Zillya 20170712
ZoneAlarm by Check Point 20170712
Zoner 20170712
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © West Wind Technologies, 2016-2017

Product West West Wind Markdown Monster
Original name MarkdownMonster.exe
Internal name MarkdownMonster.exe
File version 1.4.0.0
Description Markdown Monster
Comments A monstrous Markdown Editor for Windows
Signature verification Signed file, verified signature
Signing date 8:06 PM 6/12/2017
Signers
[+] West Wind Technologies
Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 10/21/2016
Valid to 12:59 AM 10/4/2017
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 1122B78410355E9CA19753D0CA5E0E98D628A58E
Serial number 44 E0 84 C4 E8 C3 66 76 D9 90 D4 BE BC 37 BA 74
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE?
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] DigiCert SHA2 Timestamp Responder
Status Valid
Issuer DigiCert SHA2 Assured ID Timestamping CA
Valid from 1:00 AM 1/4/2017
Valid to 1:00 AM 1/18/2028
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint 400191475C98891DEBA104AF47091B5EB6D4CBCB
Serial number 09 C0 FC 46 C8 04 42 13 B5 59 8B AF 28 4F 4E 41
[+] DigiCert SHA2 Assured ID Timestamping CA
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 PM 1/7/2016
Valid to 1:00 PM 1/7/2031
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint 3BA63A6E4841355772DEBEF9CDCF4D5AF353A297
Serial number 0A A1 25 D6 D6 32 1B 7E 41 E4 05 DA 36 97 C2 15
[+] DigiCert
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbrint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-12 19:05:42
Entry Point 0x000E7E1E
Number of sections 3
.NET details
Module Version ID 10c25bad-4e75-469c-8c14-030fd0a91436
TypeLib ID bd3f23c0-d43e-11cf-893b-00aa00bdce1a
PE sections
Overlays
MD5 845f73c49a6d3d27240b555781643f97
File type data
Offset 1291264
Size 7384
Entropy 7.32
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

Comments
A monstrous Markdown Editor for Windows

LinkerVersion
48.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Markdown Monster

CharacterSet
Unicode

InitializedDataSize
348672

EntryPoint
0xe7e1e

OriginalFileName
MarkdownMonster.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright West Wind Technologies, 2016-2017

FileVersion
1.4.0.0

TimeStamp
2017:06:12 20:05:42+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MarkdownMonster.exe

ProductVersion
1.4.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
West Wind Technologies

CodeSize
942080

ProductName
West West Wind Markdown Monster

ProductVersionNumber
1.4.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.4.0.0

Compressed bundles
File identification
MD5 6090b6ceb706872e6138edc4d7d7ab81
SHA1 7ba758939261b0b599667b8457812868f5d9afde
SHA256 96aa6535562e8a03b08f95544d3d66b0b994c4a38098b35d56d91d8aa937612a
ssdeep
12288:0rWcKTSehPEYpBWzkolFkwpFfwfrMAf+frMyoacp+Q:0JJetEYXQfwfrMAf+frMmQ

authentihash 1d48a210790225523663f928d6187c518d90168e0290e6e690bf86d1a5fa7a80
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.2 MB ( 1298648 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe assembly signed overlay

VirusTotal metadata
First submission 2017-06-12 20:09:26 UTC ( 5 months, 1 week ago )
Last submission 2017-07-12 16:46:07 UTC ( 4 months, 1 week ago )
File names MarkdownMonster.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!