SHA256: 99b78fa76d098204fe83b2a5fde0535b67b2aa5f84e60a487b9e149a46bb45d1
File name: 439984
Detection ratio: 0 / 55
Analysis date: 2016-02-06 12:16:03 UTC ( 2 years, 4 months ago )
Antivirus Result Update
Ad-Aware 20160206
AegisLab 20160206
Yandex 20160205
AhnLab-V3 20160206
Alibaba 20160204
ALYac 20160206
Antiy-AVL 20160206
Arcabit 20160206
Avast 20160206
AVG 20160206
Avira (no cloud) 20160206
Baidu-International 20160206
BitDefender 20160206
Bkav 20160204
ByteHero 20160206
CAT-QuickHeal 20160206
ClamAV 20160204
CMC 20160205
Comodo 20160206
Cyren 20160206
DrWeb 20160206
Emsisoft 20160206
ESET-NOD32 20160206
F-Prot 20160129
F-Secure 20160206
Fortinet 20160206
GData 20160206
Ikarus 20160206
Jiangmin 20160206
K7AntiVirus 20160206
K7GW 20160206
Kaspersky 20160206
Malwarebytes 20160206
McAfee 20160206
McAfee-GW-Edition 20160206
Microsoft 20160206
eScan 20160206
NANO-Antivirus 20160206
nProtect 20160205
Panda 20160206
Qihoo-360 20160206
Rising 20160206
Sophos AV 20160206
SUPERAntiSpyware 20160206
Symantec 20160205
Tencent 20160206
TheHacker 20160206
TotalDefense 20160206
TrendMicro 20160206
TrendMicro-HouseCall 20160206
VBA32 20160204
VIPRE 20160206
ViRobot 20160206
Zillya 20160206
Zoner 20160206
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Certificate out of its validity period
Signers
[+] Perception
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer StartCom Class 2 Primary Intermediate Object CA
Valid from 5:21 AM 1/14/2011
Valid to 7:04 PM 1/14/2013
Valid usage Code Signing, 1.3.6.1.4.1.311.2.1.21, 1.3.6.1.4.1.311.2.1.22, Lifetime Signing
Algorithm sha1RSA
Thumbprint 8C935B779F87A7C707F60C9FA91927873E37FC4F
Serial number 02 6E
[+] StartCom Class 2 Primary Intermediate Object CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer StartCom Certification Authority
Valid from 11:01 PM 10/24/2007
Valid to 11:01 PM 10/24/2017
Valid usage All
Algorithm sha1RSA
Thumbprint D893C4F678F891F2823CD078AA5E1C48FD1DA225
Serial number 24
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] COMODO Time Stamping Signer
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 5/10/2010
Valid to 12:59 AM 5/11/2015
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Packers identified
PEiD BobSoft Mini Delphi -> BoB / BobSoft
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000F0404
Number of sections 8
PE sections
Overlays
MD5 7af2d9993fef32f92fbe5d041171f55b
File type data
Offset 1206272
Size 1079688
Entropy 7.87
PE imports
GetRandomRgn
RegDeleteKeyA
LookupAccountNameA
RegFlushKey
RegCloseKey
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegQueryValueExA
OpenSCManagerW
RegSetValueExA
ControlService
StartServiceA
RegEnumValueA
RegCreateKeyExA
DeleteService
RegOpenKeyExA
RegDeleteValueA
OpenSCManagerA
RegEnumKeyExA
RegQueryInfoKeyA
CreateServiceW
ImageList_BeginDrag
ImageList_SetBkColor
InitCommonControls
ImageList_SetDragCursorImage
ImageList_Read
ImageList_GetDragImage
ImageList_Create
ImageList_DragMove
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_GetImageCount
ImageList_Destroy
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove
ImageList_EndDrag
SetMapMode
GetWindowOrgEx
SetTextAlign
GetPaletteEntries
CombineRgn
GetTextExtentPointA
SetPixel
IntersectClipRect
CopyEnhMetaFileA
CreatePalette
CreateDIBitmap
GetDIBits
GetEnhMetaFileBits
GetDCOrgEx
StretchBlt
StretchDIBits
GetTextMetricsA
SetBkColor
SetWinMetaFileBits
GetBkColor
GetDIBColorTable
DeleteEnhMetaFile
GetSystemPaletteEntries
OffsetRgn
GetCurrentPositionEx
CreateFontIndirectA
CreateRectRgnIndirect
LPtoDP
GetPixel
GetBrushOrgEx
ExcludeClipRect
SetBkMode
BitBlt
GetDeviceCaps
CreateBrushIndirect
SelectPalette
SetROP2
SetDIBColorTable
GetTextColor
DeleteObject
CreatePenIndirect
PatBlt
CreatePen
SetStretchBltMode
Rectangle
GetObjectA
LineTo
DeleteDC
GetMapMode
RealizePalette
CreatePatternBrush
SetEnhMetaFileBits
CreateBitmap
RectVisible
GetStockObject
PlayEnhMetaFile
UnrealizeObject
GdiFlush
SelectClipRgn
RoundRect
GetTextAlign
GetTextExtentPoint32A
GetWinMetaFileBits
GetEnhMetaFileHeader
SetWindowOrgEx
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
CreateHalftonePalette
SaveDC
MaskBlt
GetEnhMetaFilePaletteEntries
RestoreDC
GetBitmapBits
CreateDIBSection
SetTextColor
GetClipBox
GetCurrentObject
MoveToEx
SetViewportOrgEx
ExtTextOutW
CreateCompatibleDC
SetBrushOrgEx
CreateRectRgn
SelectObject
CreateSolidBrush
Polyline
CreateCompatibleBitmap
SetThreadLocale
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetLocaleInfoA
LocalAlloc
SetErrorMode
GetLogicalDrives
WideCharToMultiByte
GetDiskFreeSpaceW
WriteFile
GetDiskFreeSpaceA
SetFileAttributesA
SetEvent
LocalFree
ResumeThread
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetFileAttributesW
GetStringTypeExA
DeviceIoControl
GetModuleFileNameW
Beep
GlobalFindAtomA
ExitProcess
GetModuleFileNameA
EnumCalendarInfoA
LoadLibraryExA
SetThreadPriority
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FindNextChangeNotification
GetModuleHandleA
CreateThread
GetExitCodeThread
GlobalAddAtomA
MulDiv
ExitThread
FindCloseChangeNotification
GlobalAlloc
SetEndOfFile
GetVersion
InterlockedIncrement
EnterCriticalSection
lstrcmpiA
FreeLibrary
GetTickCount
GetVersionExA
LoadLibraryA
RtlUnwind
GlobalSize
GetStartupInfoA
GetDateFormatA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
CreateDirectoryW
DeleteFileW
GetProcAddress
CompareStringW
GlobalReAlloc
RemoveDirectoryW
FindFirstFileA
lstrcpyA
ResetEvent
FindFirstFileW
WaitForMultipleObjects
GlobalLock
RemoveDirectoryA
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
LeaveCriticalSection
GetLastError
GlobalDeleteAtom
FindFirstChangeNotificationA
GetSystemInfo
lstrlenA
GlobalFree
GetThreadLocale
GlobalUnlock
VirtualQuery
lstrlenW
CreateProcessW
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
GetCommandLineA
SuspendThread
RaiseException
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GetCurrentThreadId
FreeResource
VirtualFree
Sleep
FindResourceA
VirtualAlloc
CompareStringA
CreateStreamOnHGlobal
OleUninitialize
CoUninitialize
CreateDataAdviseHolder
OleInitialize
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
DoDragDrop
RevokeDragDrop
OleGetClipboard
CoInitialize
OleSetClipboard
CoTaskMemAlloc
CreateErrorInfo
VariantCopy
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPtrOfIndex
SysAllocStringLen
VariantCopyInd
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
SetErrorInfo
SafeArrayRedim
GetErrorInfo
SysFreeString
SafeArrayPutElement
VariantInit
VariantChangeTypeEx
SHGetFileInfoA
ShellExecuteExA
SHChangeNotify
SHFileOperationW
ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetDataFromIDListA
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHGetMalloc
ShellExecuteA
SHFileOperationA
RedrawWindow
GetMessagePos
SetWindowRgn
CharLowerBuffA
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
SetMenuItemInfoA
CharUpperBuffA
WindowFromPoint
DrawIcon
CharUpperBuffW
CopyImage
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetClassInfoA
SendMessageW
UnregisterClassA
SendMessageA
UnregisterClassW
GetClientRect
ToAscii
DrawTextW
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
GetKeyboardState
ClientToScreen
GetTopWindow
ShowCursor
GetWindowTextW
EnumClipboardFormats
LockWindowUpdate
GetWindowTextLengthW
MsgWaitForMultipleObjects
ScrollWindow
GetWindowTextA
GetKeyState
PtInRect
GetMessageA
GetParent
UpdateWindow
SetPropA
EqualRect
EnumWindows
DefMDIChildProcA
ShowWindow
SetClassLongA
GetPropA
GetMenuState
GetClipboardFormatNameA
DestroyIcon
TranslateMDISysAccel
EnableWindow
SetWindowPlacement
PeekMessageA
ScrollDC
GetClipboardData
TranslateMessage
IsWindowEnabled
GetWindow
ActivateKeyboardLayout
RegisterClassW
InsertMenuItemA
CreatePopupMenu
GetIconInfo
LoadStringA
SetClipboardData
CharLowerA
IsZoomed
GetWindowPlacement
GetKeyboardLayoutList
DrawMenuBar
IsIconic
RegisterClassA
TrackPopupMenuEx
GetWindowLongA
SetTimer
OemToCharA
GetActiveWindow
ShowOwnedPopups
FillRect
EnumThreadWindows
CharNextA
GetSysColorBrush
IsWindowUnicode
CreateWindowExW
GetWindowLongW
GetUpdateRect
DestroyWindow
IsChild
IsDialogMessageA
SetFocus
CreateWindowExA
MapVirtualKeyA
DrawEdge
SetCapture
BeginPaint
OffsetRect
DefWindowProcW
GetScrollPos
KillTimer
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
MapWindowPoints
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
GetScrollRange
SetWindowLongA
PostMessageW
GetMenuItemCount
RemovePropA
SetWindowTextA
ShowCaret
GetSubMenu
GetLastActivePopup
DrawIconEx
SetWindowTextW
GetDCEx
BringWindowToTop
ScreenToClient
InsertMenuA
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuStringA
BeginDeferWindowPos
ValidateRect
GetKeyboardLayout
GetSystemMenu
GetDC
CheckMenuItem
SetForegroundWindow
PostThreadMessageA
OpenClipboard
EmptyClipboard
DrawTextA
IntersectRect
GetScrollInfo
HideCaret
CreateIcon
GetCapture
WaitMessage
FindWindowA
MessageBeep
RemoveMenu
GetWindowThreadProcessId
DeferWindowPos
ShowScrollBar
MessageBoxW
GetMenu
DrawFrameControl
UnhookWindowsHookEx
RegisterClipboardFormatA
MoveWindow
CallWindowProcA
MessageBoxA
GetClassNameA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
LoadKeyboardLayoutA
GetSysColor
SetScrollInfo
GetMenuItemInfoA
EndDeferWindowPos
SystemParametersInfoA
EnableMenuItem
GetKeyNameTextA
IsWindowVisible
GetDesktopWindow
SubtractRect
WinHelpA
UnionRect
FrameRect
SetRect
DeleteMenu
InvalidateRect
DefFrameProcA
CallWindowProcW
GetClassNameW
GetClassInfoW
IsRectEmpty
GetCursor
GetFocus
CreateMenu
CloseClipboard
GetKeyboardType
SetMenu
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
timeEndPeriod
timeGetTime
timeBeginPeriod
Number of PE resources by type
RT_BITMAP 40
RT_GROUP_CURSOR 19
RT_CURSOR 19
RT_STRING 16
RT_RCDATA 5
RT_ICON 4
RT_DIALOG 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 82
GERMAN 12
ENGLISH US 12
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
CodeSize 980480
LinkerVersion 2.25
FileTypeExtension exe
InitializedDataSize 224768
SubsystemVersion 4.0
EntryPoint 0xf0404
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0
File identification
MD5 469e78bc5d58c4a51bc67592d71737c1
SHA1 e0fe5e864110ea340a2c2719b1020f3aad25d40c
SHA256 99b78fa76d098204fe83b2a5fde0535b67b2aa5f84e60a487b9e149a46bb45d1
ssdeep 49152:xa+XEjEQqp2uMt63OHcTlMyfc0SxsGzMlj:xa8EnA2uMty9TUByB
authentihash 58c882e21a09d2d0e3de9e862615eb7517531f2fcfd42843661c28d39bbb9212
imphash f0dfbfd4809e0381910a6c9d0b710c25
File size 2.2 MB ( 2285960 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (51.9%)
Win32 Executable Delphi generic (17.0%)
Windows screen saver (15.7%)
Win32 Executable (generic) (5.4%)
Win16/32 Executable Delphi generic (2.4%)
Tags bobsoft peexe signed overlay
VirusTotal metadata
First submission 2012-04-03 05:47:25 UTC ( 6 years, 2 months ago )
Last submission 2018-01-16 17:18:33 UTC ( 5 months ago )
File names rapidui.exe
pff1_0.exe
99B78FA76D098204FE83B2A5FDE0535B67B2AA5F84E60A487B9E149A46BB45D1.exe
pff1_0.exe
pff1_0.exe
439984
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight