× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a83fe4b3395225f97b1bffacda1212cc1a0249e95b0f97e12333a5436c3e020f
File name: ITPx86_1033_8.0.225.0.exe
Detection ratio: 0 / 67
Analysis date: 2018-01-10 22:54:03 UTC ( 1 week, 3 days ago ) View latest
Antivirus Result Update
Ad-Aware 20180110
AegisLab 20180110
AhnLab-V3 20180110
Alibaba 20180110
ALYac 20180110
Antiy-AVL 20180110
Arcabit 20180110
Avast 20180110
Avast-Mobile 20180110
AVG 20180110
Avira (no cloud) 20180110
AVware 20180103
Baidu 20180110
BitDefender 20180110
Bkav 20180106
CAT-QuickHeal 20180110
ClamAV 20180110
CMC 20180110
Comodo 20180110
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180110
Cyren 20180110
DrWeb 20180110
eGambit 20180110
Emsisoft 20180110
Endgame 20171130
ESET-NOD32 20180110
F-Prot 20180110
F-Secure 20180110
Fortinet 20180110
GData 20180110
Ikarus 20180110
Sophos ML 20170914
Jiangmin 20180110
K7AntiVirus 20180110
K7GW 20180110
Kaspersky 20180110
Kingsoft 20180110
Malwarebytes 20180110
MAX 20180110
McAfee 20180110
McAfee-GW-Edition 20180110
Microsoft 20180110
eScan 20180110
NANO-Antivirus 20180110
nProtect 20180110
Palo Alto Networks (Known Signatures) 20180110
Panda 20180110
Qihoo-360 20180110
SentinelOne (Static ML) 20171224
Sophos AV 20180110
SUPERAntiSpyware 20180110
Symantec 20180110
Symantec Mobile Insight 20180110
Tencent 20180110
TheHacker 20180108
TotalDefense 20180110
TrendMicro 20180110
TrendMicro-HouseCall 20180110
Trustlook 20180110
VBA32 20180110
VIPRE 20180110
ViRobot 20180110
Webroot 20180110
WhiteArmor 20180110
Yandex 20180109
Zillya 20180110
ZoneAlarm by Check Point 20180110
Zoner 20180110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name SFXCAB.EXE
Internal name SFXCAB.EXE
File version 6.2.0029.0 (SRV03_QFE.031113-0918)
Description Self-Extracting Cabinet
Signature verification Signed file, verified signature
Signing date 5:33 PM 8/11/2010
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Code Signing PCA
Valid from 11:40 PM 12/7/2009
Valid to 11:40 PM 3/7/2011
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 9617094A1CFB59AE7C1F7DFDB6739E4E7C40508F
Serial number 61 01 CF 3E 00 00 00 00 00 0F
[+] Microsoft Code Signing PCA
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Root Authority
Valid from 11:31 PM 8/22/2007
Valid to 8:00 AM 8/25/2012
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3036E3B25B88A55B86FC90E6E9EAAD5081445166
Serial number 2E AB 11 DC 50 FF 5C 9D CB C0
[+] Microsoft Root Authority
Status Valid
Issuer Microsoft Root Authority
Valid from 8:00 AM 1/10/1997
Valid to 8:00 AM 12/31/2020
Valid usage All
Algorithm md5RSA
Thumbprint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Timestamping PCA
Valid from 8:01 PM 7/25/2008
Valid to 8:11 PM 7/25/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 4D6F357F0E6434DA97B1AFC540FB6FDD0E85A89F
Serial number 61 05 A2 30 00 00 00 00 00 08
[+] Microsoft Timestamping PCA
Status The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Root Authority
Valid from 2:04 AM 9/16/2006
Valid to 8:00 AM 9/15/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 3EA99A60058275E0ED83B892A909449F8C33B245
Serial number 6A 0B 99 4F C0 00 25 AB 11 DB 45 1F 58 7A 67 A2
[+] Microsoft Root Authority
Status Valid
Issuer Microsoft Root Authority
Valid from 8:00 AM 1/10/1997
Valid to 8:00 AM 12/31/2020
Valid usage All
Algorithm md5RSA
Thumbrint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Packers identified
F-PROT CAB, appended, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-06-28 16:55:01
Entry Point 0x00005A45
Number of sections 3
PE sections
Overlays
MD5 8ce9d9f6c95c9fc7be9e83df034f4749
File type data
Offset 14919680
Size 6016
Entropy 7.37
PE imports
SetSecurityDescriptorDacl
GetTokenInformation
InitiateSystemShutdownA
CryptReleaseContext
CryptAcquireContextA
OpenProcessToken
CryptGenRandom
AllocateAndInitializeSid
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
GetSystemTime
DeviceIoControl
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
ReadFile
GetFileAttributesA
GetLastError
WaitForSingleObject
SetEvent
QueryPerformanceCounter
CopyFileA
HeapAlloc
CreateDirectoryA
GetVersionExA
FlushFileBuffers
GetModuleFileNameA
LoadLibraryA
GetExitCodeProcess
FreeLibrary
DeleteCriticalSection
GetCurrentProcess
SystemTimeToFileTime
CreateEventA
MoveFileExA
GetFileSize
SetFileTime
DeleteFileA
GetCurrentDirectoryA
SetErrorMode
GetTickCount
GetCommandLineA
WaitForMultipleObjects
GetProcessHeap
SetFilePointer
DosDateTimeToFileTime
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
FindFirstFileA
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
FindNextFileA
RemoveDirectoryA
GetSystemDirectoryA
GetDiskFreeSpaceA
CreateThread
ExpandEnvironmentStringsA
SetEnvironmentVariableA
SetFileAttributesA
GetDriveTypeA
QueryDosDeviceA
MoveFileA
TerminateProcess
CreateProcessA
CreateEventW
GetEnvironmentVariableA
LocalFileTimeToFileTime
FindClose
Sleep
FormatMessageA
SetEndOfFile
CreateFileA
ExitProcess
GetCurrentThreadId
OpenEventA
GetCurrentProcessId
SetLastError
LeaveCriticalSection
SHGetPathFromIDListA
SHBrowseForFolderA
SendDlgItemMessageA
LoadStringA
SetParent
EndDialog
SendMessageA
MessageBoxA
DialogBoxParamA
ShowWindow
strchr
_vsnprintf
strstr
_stricmp
_strlwr
sprintf
_snprintf
_strnicmp
strrchr
strncpy
NtClose
NtAdjustPrivilegesToken
NtOpenProcessToken
NtShutdownSystem
Number of PE resources by type
RT_DIALOG 2
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.1

ImageVersion
5.2

FileSubtype
0

FileVersionNumber
6.2.29.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
72704

EntryPoint
0x5a45

OriginalFileName
SFXCAB.EXE

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
6.2.0029.0 (SRV03_QFE.031113-0918)

TimeStamp
2005:06:28 17:55:01+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
SFXCAB.EXE

ProductVersion
6.2.0029.0

FileDescription
Self-Extracting Cabinet

OSVersion
5.2

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
31232

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.2.29.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 e2ad3a9056d57d115ebc04015e27ff58
SHA1 e4c61f8e7bdd66c0bedc8636720e14298deb930b
SHA256 a83fe4b3395225f97b1bffacda1212cc1a0249e95b0f97e12333a5436c3e020f
ssdeep
393216:cTsH4BGbNvg528b0ZTqfBLBgdlnX/nrrRp:MhBGbNI5vbIMB2bXjrT

authentihash e7bbfce572f7ce6ded0a4adc39122278d49e3a0b956c1f2fa1c3cc57691dd1ae
imphash 26862adec39b3e745b2122e30d4c8282
File size 14.2 MB ( 14925696 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Unknown!
Tags
peexe software-collection signed overlay

VirusTotal metadata
First submission 2010-10-30 06:31:20 UTC ( 7 years, 2 months ago )
Last submission 2016-03-11 14:46:46 UTC ( 1 year, 10 months ago )
File names ITPx86_1033_8.0.225.0.exe
ITPx86_1033_8.0.225.0.exe
62373776
e2ad3a9056d57d115ebc04015e27ff58
SFXCAB.EXE
Microsoft_IntelliType_Pro_8.0_for XP.exe
A83FE4B3395225F97B1BFFACDA1212CC1A0249E95B0F97E12333A5436C3E020F
output.62373776.txt
microsoft_941975750a07f.exe
ITPx86_1033_8.0.225.0.exe
Software collections
website http://oldapps.com/intellipoint.php?old_intellipoint=12
oldapps http://oldapps.com/intellipoint.php?old_intellipoint=12?download
product IntelliPoint 8.0
developer Microsoft Corporation
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!