× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9bb20e89c47eb2cd3b6494082a3ed1d9e881b6a7a6bd338a22072bc3a20acdc7
File name: AgentFile
Detection ratio: 0 / 57
Analysis date: 2016-09-01 07:01:46 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware 20160901
AegisLab 20160901
AhnLab-V3 20160901
Alibaba 20160901
ALYac 20160901
Antiy-AVL 20160901
Arcabit 20160901
Avast 20160901
AVG 20160901
Avira (no cloud) 20160901
AVware 20160901
Baidu 20160901
BitDefender 20160901
Bkav 20160901
CAT-QuickHeal 20160831
ClamAV 20160901
CMC 20160901
Comodo 20160901
CrowdStrike Falcon (ML) 20160725
Cyren 20160901
DrWeb 20160901
Emsisoft 20160901
ESET-NOD32 20160901
F-Prot 20160901
F-Secure 20160901
Fortinet 20160901
GData 20160901
Ikarus 20160901
Sophos ML 20160830
Jiangmin 20160901
K7AntiVirus 20160901
K7GW 20160901
Kaspersky 20160901
Kingsoft 20160901
Malwarebytes 20160901
McAfee 20160901
McAfee-GW-Edition 20160901
Microsoft 20160901
eScan 20160901
NANO-Antivirus 20160901
nProtect 20160901
Panda 20160901
Qihoo-360 20160901
Rising 20160901
Sophos AV 20160901
SUPERAntiSpyware 20160831
Symantec 20160901
Tencent 20160901
TheHacker 20160829
TotalDefense 20160901
TrendMicro 20160901
TrendMicro-HouseCall 20160901
VBA32 20160831
VIPRE 20160831
ViRobot 20160901
Yandex 20160831
Zillya 20160901
Zoner 20160901
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright 2011 BlueStack Systems, Inc. All Rights Reserved.

Product BlueStacks
Original name HD-Agent.exe
Internal name HD-Agent.exe
File version 0.7.7.813
Description BlueStacks Agent
Signature verification Signed file, verified signature
Signing date 1:04 PM 10/25/2012
Signers
[+] Bluestack Systems
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 2/4/2012
Valid to 12:59 AM 3/22/2013
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 22D9A6E8EE52516D8BF1C029C8B3180E04CC66E5
Serial number 32 0E 40 B7 49 5D 08 40 E3 9F C0 C5 9C 37 A2 61
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] COMODO Time Stamping Signer
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 5/10/2010
Valid to 12:59 AM 5/11/2015
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm sha1RSA
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network?
Status Valid
Issuer AddTrust External CA Root
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-25 12:04:06
Entry Point 0x0003722E
Number of sections 3
.NET details
Module Version ID 804565a2-e5e9-407d-bf37-914f7d9f3d95
PE sections
Overlays
MD5 c38113add01284def1bff8477f829145
File type data
Offset 585728
Size 8056
Entropy 7.37
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 5
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

ProductName
BlueStacks

FileVersionNumber
0.7.7.813

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
BlueStacks Agent

CharacterSet
Unicode

InitializedDataSize
360448

FileTypeExtension
exe

OriginalFileName
HD-Agent.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
0.7.7.813

TimeStamp
2012:10:25 13:04:06+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
HD-Agent.exe

ProductVersion
0.7.7.813

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2011 BlueStack Systems, Inc. All Rights Reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
BlueStack Systems, Inc.

CodeSize
221184

FileSubtype
0

ProductVersionNumber
0.7.7.813

EntryPoint
0x3722e

ObjectFileType
Executable application

AssemblyVersion
0.7.7.813

File identification
MD5 77c1ada6b41dbd85101da3f9080f6315
SHA1 85bc37a90c4edb39efc83cdc4f2dda6d248edbfb
SHA256 9bb20e89c47eb2cd3b6494082a3ed1d9e881b6a7a6bd338a22072bc3a20acdc7
ssdeep
12288:7KjL0dz5a1wL+CQ4bWtWrnngnnnKnanxNYm:7Ks5a1XCQgWtWrnngnnnKnanxN3

authentihash c261b0ab14185052e381668f6d9ba41ec886619fbdef72c121d956596a121c2d
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 579.9 KB ( 593784 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
Win16/32 Executable Delphi generic (2.7%)
Tags
peexe assembly signed overlay

VirusTotal metadata
First submission 2012-11-05 07:03:49 UTC ( 5 years, 10 months ago )
Last submission 2016-06-04 08:55:39 UTC ( 2 years, 3 months ago )
File names 77C1ADA6B41DBD85101DA3F9080F6315
AgentFile
aa
hd-agent.exe
HD-Agent.exe
HD-Agent.exe
file-4894879_exe
hd-agent.exe
hd-agent.exe
HD-Agent.exe
HD-Agent.exe
HD-Agent.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!