× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a43c20bb941a2809c01f7752804bdd6c1abaffd28b76099986088abefd65fec8
File name: Transwiz.msi
Detection ratio: 0 / 57
Analysis date: 2018-10-31 08:11:50 UTC ( 2 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware 20181031
AegisLab 20181031
AhnLab-V3 20181031
Alibaba 20180921
ALYac 20181031
Antiy-AVL 20181031
Arcabit 20181031
Avast 20181031
Avast-Mobile 20181031
AVG 20181031
Avira (no cloud) 20181031
Babable 20180918
Baidu 20181031
BitDefender 20181031
Bkav 20181030
CAT-QuickHeal 20181028
ClamAV 20181031
CMC 20181031
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20181031
Cyren 20181031
DrWeb 20181031
eGambit 20181031
Emsisoft 20181031
Endgame 20180730
ESET-NOD32 20181031
F-Prot 20181031
F-Secure 20181031
Fortinet 20181031
GData 20181031
Ikarus 20181030
Sophos ML 20180717
Jiangmin 20181031
K7AntiVirus 20181031
K7GW 20181031
Kaspersky 20181031
Kingsoft 20181031
Malwarebytes 20181031
MAX 20181031
McAfee 20181031
McAfee-GW-Edition 20181031
Microsoft 20181031
eScan 20181031
NANO-Antivirus 20181031
Palo Alto Networks (Known Signatures) 20181031
Panda 20181030
Qihoo-360 20181031
Rising 20181031
SentinelOne (Static ML) 20181011
Sophos AV 20181031
SUPERAntiSpyware 20181031
Symantec 20181031
Symantec Mobile Insight 20181030
TACHYON 20181031
Tencent 20181031
TheHacker 20181025
TrendMicro 20181031
TrendMicro-HouseCall 20181031
Trustlook 20181031
VBA32 20181030
ViRobot 20181031
Webroot 20181031
Yandex 20181030
Zillya 20181030
ZoneAlarm by Check Point 20181031
Zoner 20181031
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 11:59 AM 7/9/2017
Signers
[+] ForensiT Limited
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 12:00 AM 03/18/2015
Valid to 11:59 PM 06/16/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbrint 6F84D32EFFE450C6C9C7A2CDD91B732D828FB6FD
Serial number 05 CF C3 C1 C5 A7 A1 AD B9 69 11 CD 30 38 76 7D
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Valid from 12:00 AM 12/10/2013
Valid to 11:59 PM 12/09/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbrint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Valid from 12:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbrint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec SHA256 TimeStamping Signer - G2
Status Valid
Valid from 12:00 AM 01/02/2017
Valid to 11:59 PM 04/01/2028
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
Serial number 54 58 F2 AA D7 41 D6 44 BC 84 A9 7B A0 96 52 E6
[+] Symantec SHA256 TimeStamping CA
Status Valid
Valid from 12:00 AM 01/12/2016
Valid to 11:59 PM 01/11/2031
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint 6FC9EDB5E00AB64151C1CDFCAC74AD2C7B7E3BE4
Serial number 7B 05 B1 D4 49 68 51 44 F7 C9 89 D2 9C 19 9D 12
[+] VeriSign Universal Root Certification Authority
Status Valid
Valid from 12:00 AM 04/02/2008
Valid to 11:59 PM 12/01/2037
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha256RSA
Thumbrint 3679CA35668772304D30A5FB873B0FA77BB70D54
Serial number 40 1A C4 64 21 B3 13 21 03 0E BB E4 12 1A C5 1D
OLE structured storage summary
creation_datetime
2009-12-11 12:47:44
author
ForensiT
title
Installation Database
page_count
200
word_count
10
keywords
Installer, MSI, Database
last_saved
2009-12-11 12:47:44
revision_number
{9C42BF90-8F8C-4F17-8621-3BA0593B3BF6}
last_printed
2009-12-11 12:47:44
application_name
Advanced Installer 14.1.1 build 79451
subject
Transwiz
template
;1033
code_page
Latin I
comments
This installer database contains the logic and data required to install Transwiz.
OLE Streams
name
Root Entry
clsid
000c1084-0000-0000-c000-000000000046
type_literal
root
clsid_literal
on
sid
0
size
42880
type_literal
stream
sid
54
name
\x05DigitalSignature
size
7068
type_literal
stream
sid
53
name
\x05MsiDigitalSignatureEx
size
32
type_literal
stream
sid
3
name
\x05SummaryInformation
size
576
type_literal
stream
sid
26
name
\u430b\u4131\u4735\u3cbe\u45b1\u4137\u43ef\u4568\u417f\u4464\u4231\u47b5\u44ed\u482a
size
2806
type_literal
stream
sid
37
name
\u430b\u4131\u4735\u3dfe\u46a8
size
318
type_literal
stream
sid
38
name
\u430b\u4131\u4735\u3fbe\u4833
size
318
type_literal
stream
sid
28
name
\u430b\u4131\u4735\u403e\u45e4\u4568\u4130\u43b5\u437e\u42b3
size
16455
type_literal
stream
sid
31
name
\u430b\u4131\u4735\u413e\u41ac\u45b8\u4137\u45e6\u41fe\u43ef
size
212120
type_literal
stream
sid
36
name
\u430b\u4131\u4735\u417e\u4464\u4231\u4835
size
4033
type_literal
stream
sid
29
name
\u430b\u4131\u4735\u41be\u41f0\u432f\u43b1\u4564\u44b5\u483a
size
2862
type_literal
stream
sid
30
name
\u430b\u4131\u4735\u41be\u4432\u43f3\u45e8\u482c
size
2998
type_literal
stream
sid
32
name
\u430b\u4131\u4735\u41be\u45b8\u4337\u44a6\u4831
size
2998
type_literal
stream
sid
39
name
\u430b\u4131\u4735\u41fe\u412c\u44af\u482a
size
26931
type_literal
stream
sid
33
name
\u430b\u4131\u4735\u423e\u41bb\u412f\u4330\u4826
size
766
type_literal
stream
sid
25
name
\u430b\u4131\u4735\u433e\u4271\u4832
size
1078
type_literal
stream
sid
27
name
\u430b\u4131\u4735\u433e\u45b1\u4337\u44a6\u4831
size
2998
type_literal
stream
sid
34
name
\u430b\u4131\u4735\u457e\u4428\u4672\u41ac\u4832
size
2998
type_literal
stream
sid
35
name
\u430b\u4131\u4735\u457e\u44e8\u4324\u4335\u4826
size
2998
type_literal
stream
sid
40
name
\u430b\u4131\u4735\u45fe\u4164\u4125\u43a6
size
854
type_literal
stream
sid
52
name
\u4327\u43b6\u4781\u4126\u4825
size
723392
type_literal
stream
sid
5
name
\u4840\u3b3f\u43f2\u4438\u45b1
size
1344
type_literal
stream
sid
45
name
\u4840\u3c9e\u421d\u45fb
size
444
type_literal
stream
sid
7
name
\u4840\u3f3f\u4577\u446c\u3b6a\u45e4\u4824
size
121408
type_literal
stream
sid
6
name
\u4840\u3f3f\u4577\u446c\u3e6a\u44b2\u482f
size
7408
type_literal
stream
sid
4
name
\u4840\u3f7f\u4164\u422f\u4836
size
72
type_literal
stream
sid
50
name
\u4840\u3fff\u43e4\u41ec\u45e4\u44ac\u4831
size
4032
type_literal
stream
sid
23
name
\u4840\u4115\u4478\u42e6\u448c\u41f1\u45ec\u44ac\u4831
size
16
type_literal
stream
sid
8
name
\u4840\u411b\u4327\u3af2\u45f8\u44b7\u4831
size
72
type_literal
stream
sid
48
name
\u4840\u418a\u4337\u4472\u421d\u45fb
size
420
type_literal
stream
sid
1
name
\u4840\u41ca\u4330\u3bb1\u423b\u4626\u4237\u421c\u4634\u4468\u4226
size
48
type_literal
stream
sid
18
name
\u4840\u41ca\u4330\u3fb1\u3f12\u4528\u4238\u41b1\u4828
size
66
type_literal
stream
sid
2
name
\u4840\u41ca\u45f9\u46ce\u41a8\u45f8\u3f28\u4528\u4238\u41b1\u4828
size
72
type_literal
stream
sid
14
name
\u4840\u420f\u45e4\u4578\u3b28\u4432\u44b3\u4231\u45f1\u4836
size
8
type_literal
stream
sid
9
name
\u4840\u420f\u45e4\u4578\u4828
size
16
type_literal
stream
sid
10
name
\u4840\u4216\u4327\u4824
size
14
type_literal
stream
sid
16
name
\u4840\u421b\u432a\u45f6\u4735
size
24
type_literal
stream
sid
43
name
\u4840\u421d\u45fb\u45dc\u43fc\u4828
size
48
type_literal
stream
sid
22
name
\u4840\u42cc\u41a8\u3aee\u46f2
size
12
type_literal
stream
sid
24
name
\u4840\u430b\u4131\u4735
size
64
type_literal
stream
sid
13
name
\u4840\u430d\u4235\u45e6\u4572\u483c
size
12
type_literal
stream
sid
46
name
\u4840\u430d\u43e4\u42b2
size
594
type_literal
stream
sid
15
name
\u4840\u430f\u422f
size
20
type_literal
stream
sid
44
name
\u4840\u4452\u45f6\u43e4\u3baf\u423b\u4626\u4237\u421c\u4634\u4468\u4226
size
426
type_literal
stream
sid
20
name
\u4840\u4452\u45f6\u43e4\u3faf\u3f12\u4528\u4238\u41b1\u4828
size
192
type_literal
stream
sid
51
name
\u4840\u448b\u45f2\u45f6\u4135\u44f3\u4568\u3c9e\u421c\u4634\u4468\u4226
size
42
type_literal
stream
sid
11
name
\u4840\u448c\u44f0\u4472\u4468\u4837
size
24
type_literal
stream
sid
49
name
\u4840\u448c\u45f1\u44b5\u3b2f\u4472\u4327\u4337\u4472
size
88
type_literal
stream
sid
21
name
\u4840\u448c\u45f1\u44b5\u3baf\u4239\u45f1
size
1500
type_literal
stream
sid
41
name
\u4840\u448c\u45f1\u44b5\u482f
size
7072
type_literal
stream
sid
17
name
\u4840\u44de\u456a\u41e4\u4828
size
32
type_literal
stream
sid
47
name
\u4840\u454e\u44b5\u4835
size
2556
type_literal
stream
sid
12
name
\u4840\u4559\u44f2\u4568\u4737
size
356
type_literal
stream
sid
42
name
\u4840\u460c\u45f6\u4432\u418a\u4337\u4472
size
264
type_literal
stream
sid
19
name
\u4840\u464e\u4468\u3db7\u44e4\u4333\u42b1
size
128
ExifTool file metadata
MIMEType
image/vnd.fpx

ModifyDate
2009:12:11 11:47:44

Template
;1033

Title
Installation Database

FileType
FPX

Author
ForensiT

Comments
This installer database contains the logic and data required to install Transwiz.

CodePage
Windows Latin 1 (Western European)

FileTypeExtension
fpx

Words
10

LastPrinted
2009:12:11 11:47:44

Keywords
Installer, MSI, Database

CreateDate
2009:12:11 11:47:44

Security
None

Software
Advanced Installer 14.1.1 build 79451

Pages
200

RevisionNumber
{9C42BF90-8F8C-4F17-8621-3BA0593B3BF6}

Subject
Transwiz

File identification
MD5 7d41ce6791c9f0d9fc6da7a340253935
SHA1 74edf33771cced38952e7202897dcc348f41a8ca
SHA256 a43c20bb941a2809c01f7752804bdd6c1abaffd28b76099986088abefd65fec8
ssdeep
24576:YC+Y0ZrG0APT6HkuEmuvOFrHYlgDzgboj6xo:YC+YYAPTjuERw78gEwM

File size 1.1 MB ( 1187328 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 10.0, Last Printed: Thu Dec 10 11:47:44 2009, Create Time/Date: Thu Dec 10 11:47:44 2009, Last Saved Time/Date: Thu Dec 10 11:47:44 2009, Security: 0, Code page: 1252, Revision Number: {9C42BF90-8F8C-4F17-8621-3BA0593B3BF6}, Number of Words: 10, Subject: Transwiz, Author: ForensiT, Name of Creating Application: Advanced Installer 14.1.1 build 79451, Template:

TrID Microsoft Windows Installer (79.8%)
Windows SDK Setup Transform Script (11.0%)
Windows Installer Patch (7.7%)
Generic OLE2 / Multistream Compound File (1.3%)
Tags
msi signed

VirusTotal metadata
First submission 2017-07-09 20:46:34 UTC ( 1 year, 6 months ago )
Last submission 2019-01-20 16:20:48 UTC ( 1 day, 17 hours ago )
File names Transwiz.msi
Transwiz.msi
Transwiz.msi
Transwiz.msi
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!