× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a83fe4b3395225f97b1bffacda1212cc1a0249e95b0f97e12333a5436c3e020f
File name: ITPx86_1033_8.0.225.0.exe
Detection ratio: 0 / 68
Analysis date: 2018-06-09 16:39:03 UTC ( 1 week, 6 days ago ) View latest
Antivirus Result Update
Ad-Aware 20180609
AegisLab 20180609
AhnLab-V3 20180609
Alibaba 20180608
ALYac 20180609
Antiy-AVL 20180609
Arcabit 20180609
Avast 20180609
Avast-Mobile 20180609
AVG 20180609
Avira (no cloud) 20180609
AVware 20180609
Babable 20180406
Baidu 20180608
BitDefender 20180609
Bkav 20180609
CAT-QuickHeal 20180609
ClamAV 20180609
CMC 20180609
Comodo 20180609
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180609
Cyren 20180609
DrWeb 20180609
eGambit 20180609
Emsisoft 20180609
Endgame 20180507
ESET-NOD32 20180609
F-Prot 20180609
F-Secure 20180609
Fortinet 20180609
GData 20180609
Ikarus 20180609
Sophos ML 20180601
Jiangmin 20180609
K7AntiVirus 20180609
K7GW 20180609
Kaspersky 20180609
Kingsoft 20180609
Malwarebytes 20180609
MAX 20180609
McAfee 20180609
McAfee-GW-Edition 20180609
Microsoft 20180609
eScan 20180609
NANO-Antivirus 20180609
Palo Alto Networks (Known Signatures) 20180609
Panda 20180609
Qihoo-360 20180609
Rising 20180609
SentinelOne (Static ML) 20180225
Sophos AV 20180609
SUPERAntiSpyware 20180609
Symantec 20180609
Symantec Mobile Insight 20180605
TACHYON 20180608
Tencent 20180609
TheHacker 20180608
TotalDefense 20180609
TrendMicro 20180609
TrendMicro-HouseCall 20180609
Trustlook 20180609
VBA32 20180608
VIPRE 20180609
ViRobot 20180609
Webroot 20180609
Yandex 20180609
Zillya 20180608
ZoneAlarm by Check Point 20180609
Zoner 20180608
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name SFXCAB.EXE
Internal name SFXCAB.EXE
File version 6.2.0029.0 (SRV03_QFE.031113-0918)
Description Self-Extracting Cabinet
Signature verification Signed file, verified signature
Signing date 6:33 PM 8/11/2010
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Code Signing PCA
Valid from 12:40 AM 12/8/2009
Valid to 12:40 AM 3/8/2011
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 9617094A1CFB59AE7C1F7DFDB6739E4E7C40508F
Serial number 61 01 CF 3E 00 00 00 00 00 0F
[+] Microsoft Code Signing PCA
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Root Authority
Valid from 12:31 AM 8/23/2007
Valid to 9:00 AM 8/25/2012
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3036E3B25B88A55B86FC90E6E9EAAD5081445166
Serial number 2E AB 11 DC 50 FF 5C 9D CB C0
[+] Microsoft Root Authority
Status Valid
Issuer Microsoft Root Authority
Valid from 9:00 AM 1/10/1997
Valid to 9:00 AM 12/31/2020
Valid usage All
Algorithm md5RSA
Thumbprint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Timestamping PCA
Valid from 9:01 PM 7/25/2008
Valid to 9:11 PM 7/25/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 4D6F357F0E6434DA97B1AFC540FB6FDD0E85A89F
Serial number 61 05 A2 30 00 00 00 00 00 08
[+] Microsoft Timestamping PCA
Status The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
Issuer Microsoft Root Authority
Valid from 3:04 AM 9/16/2006
Valid to 9:00 AM 9/15/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 3EA99A60058275E0ED83B892A909449F8C33B245
Serial number 6A 0B 99 4F C0 00 25 AB 11 DB 45 1F 58 7A 67 A2
[+] Microsoft Root Authority
Status Valid
Issuer Microsoft Root Authority
Valid from 9:00 AM 1/10/1997
Valid to 9:00 AM 12/31/2020
Valid usage All
Algorithm md5RSA
Thumbrint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Packers identified
F-PROT CAB, appended, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-06-28 16:55:01
Entry Point 0x00005A45
Number of sections 3
PE sections
Overlays
MD5 8ce9d9f6c95c9fc7be9e83df034f4749
File type data
Offset 14919680
Size 6016
Entropy 7.37
PE imports
SetSecurityDescriptorDacl
GetTokenInformation
InitiateSystemShutdownA
CryptReleaseContext
CryptAcquireContextA
OpenProcessToken
CryptGenRandom
AllocateAndInitializeSid
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
GetSystemTime
DeviceIoControl
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
ReadFile
GetFileAttributesA
GetLastError
WaitForSingleObject
SetEvent
QueryPerformanceCounter
CopyFileA
HeapAlloc
CreateDirectoryA
GetVersionExA
FlushFileBuffers
GetModuleFileNameA
LoadLibraryA
GetExitCodeProcess
FreeLibrary
DeleteCriticalSection
GetCurrentProcess
SystemTimeToFileTime
CreateEventA
MoveFileExA
GetFileSize
SetFileTime
DeleteFileA
GetCurrentDirectoryA
SetErrorMode
GetTickCount
GetCommandLineA
WaitForMultipleObjects
GetProcessHeap
SetFilePointer
DosDateTimeToFileTime
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
FindFirstFileA
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
FindNextFileA
RemoveDirectoryA
GetSystemDirectoryA
GetDiskFreeSpaceA
CreateThread
ExpandEnvironmentStringsA
SetEnvironmentVariableA
SetFileAttributesA
GetDriveTypeA
QueryDosDeviceA
MoveFileA
TerminateProcess
CreateProcessA
CreateEventW
GetEnvironmentVariableA
LocalFileTimeToFileTime
FindClose
Sleep
FormatMessageA
SetEndOfFile
CreateFileA
ExitProcess
GetCurrentThreadId
OpenEventA
GetCurrentProcessId
SetLastError
LeaveCriticalSection
SHGetPathFromIDListA
SHBrowseForFolderA
SendDlgItemMessageA
LoadStringA
SetParent
EndDialog
SendMessageA
MessageBoxA
DialogBoxParamA
ShowWindow
strchr
_vsnprintf
strstr
_stricmp
_strlwr
sprintf
_snprintf
_strnicmp
strrchr
strncpy
NtClose
NtAdjustPrivilegesToken
NtOpenProcessToken
NtShutdownSystem
Number of PE resources by type
RT_DIALOG 2
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.1

ImageVersion
5.2

FileSubtype
0

FileVersionNumber
6.2.29.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
72704

EntryPoint
0x5a45

OriginalFileName
SFXCAB.EXE

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
6.2.0029.0 (SRV03_QFE.031113-0918)

TimeStamp
2005:06:28 18:55:01+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
SFXCAB.EXE

ProductVersion
6.2.0029.0

FileDescription
Self-Extracting Cabinet

OSVersion
5.2

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
31232

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.2.29.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 e2ad3a9056d57d115ebc04015e27ff58
SHA1 e4c61f8e7bdd66c0bedc8636720e14298deb930b
SHA256 a83fe4b3395225f97b1bffacda1212cc1a0249e95b0f97e12333a5436c3e020f
ssdeep
393216:cTsH4BGbNvg528b0ZTqfBLBgdlnX/nrrRp:MhBGbNI5vbIMB2bXjrT

authentihash e7bbfce572f7ce6ded0a4adc39122278d49e3a0b956c1f2fa1c3cc57691dd1ae
imphash 26862adec39b3e745b2122e30d4c8282
File size 14.2 MB ( 14925696 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID MS generic-sfx Cabinet File Unpacker (32/64bit MSCFU) (79.7%)
Win32 Executable MS Visual C++ (generic) (7.0%)
Win64 Executable (generic) (6.2%)
Windows screen saver (2.9%)
Win32 Dynamic Link Library (generic) (1.4%)
Tags
peexe overlay signed software-collection

VirusTotal metadata
First submission 2010-10-30 06:31:20 UTC ( 7 years, 7 months ago )
Last submission 2018-05-27 07:28:03 UTC ( 3 weeks, 5 days ago )
File names ITPx86_1033_8.0.225.0.exe
ITPx86_1033_8.0.225.0.exe
62373776
e2ad3a9056d57d115ebc04015e27ff58
SFXCAB.EXE
Microsoft_IntelliType_Pro_8.0_for XP.exe
A83FE4B3395225F97B1BFFACDA1212CC1A0249E95B0F97E12333A5436C3E020F
output.62373776.txt
microsoft_941975750a07f.exe
ITPx86_1033_8.0.225.0.exe
Software collections
website http://oldapps.com/intellipoint.php?old_intellipoint=12
oldapps http://oldapps.com/intellipoint.php?old_intellipoint=12?download
product IntelliPoint 8.0
developer Microsoft Corporation
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!