× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a8c4ac4ce99c33ed3dc13cd014b3efe32e20d8558d148d5c3787a5cf1007195e
File name: paket.exe
Detection ratio: 0 / 67
Analysis date: 2018-07-03 11:43:02 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20180703
AegisLab 20180703
AhnLab-V3 20180703
Alibaba 20180703
ALYac 20180703
Antiy-AVL 20180703
Arcabit 20180703
Avast 20180703
Avast-Mobile 20180703
AVG 20180703
Avira (no cloud) 20180703
AVware 20180703
Babable 20180406
Baidu 20180703
BitDefender 20180703
Bkav 20180703
CAT-QuickHeal 20180702
ClamAV 20180703
CMC 20180703
Comodo 20180703
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180703
Cyren 20180703
DrWeb 20180703
eGambit 20180703
Emsisoft 20180703
Endgame 20180612
ESET-NOD32 20180703
F-Prot 20180703
F-Secure 20180703
Fortinet 20180703
GData 20180703
Ikarus 20180703
Sophos ML 20180601
Jiangmin 20180703
K7AntiVirus 20180703
K7GW 20180703
Kaspersky 20180703
Kingsoft 20180703
Malwarebytes 20180703
MAX 20180703
McAfee 20180703
McAfee-GW-Edition 20180703
Microsoft 20180703
eScan 20180703
NANO-Antivirus 20180703
Palo Alto Networks (Known Signatures) 20180703
Panda 20180702
Qihoo-360 20180703
Rising 20180703
SentinelOne (Static ML) 20180701
Sophos AV 20180703
SUPERAntiSpyware 20180703
Symantec 20180703
TACHYON 20180703
Tencent 20180703
TheHacker 20180628
TrendMicro 20180703
TrendMicro-HouseCall 20180703
Trustlook 20180703
VBA32 20180629
VIPRE 20180703
ViRobot 20180703
Webroot 20180703
Yandex 20180703
Zillya 20180702
ZoneAlarm by Check Point 20180703
Zoner 20180702
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
Authenticode signature block and FileVersionInfo properties
Product Paket
Original name paket.exe
File version 5.173.4.0
Description Paket
Comments A dependency manager for .NET with support for NuGet packages and git repositories.
Signature verification Signed file, verified signature
Signing date 6:46 PM 6/28/2018
Signers
[+] Groß, Weber & Partner Dipl.-Ing.(BA)/Dipl.-Wirt.-Inf./Dipl.-Inf.
Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 9/1/2017
Valid to 12:59 AM 9/1/2020
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 0449E2BE0CFA403718DAACB4B4662BC1BBC585BD
Serial number 37 0F 38 00 96 B6 BD D9 DB AA 38 6D 6A 71 55 56
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 12/31/2015
Valid to 7:40 PM 7/9/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbrint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-28 17:46:20
Entry Point 0x008161DE
Number of sections 3
.NET details
Module Version ID f3a55e6d-5122-4cd9-8c8b-7c16ce70631f
PE sections
Overlays
MD5 94ce42973412eb74cb54abacaea72dfe
File type data
Offset 8583168
Size 5416
Entropy 7.43
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

Comments
A dependency manager for .NET with support for NuGet packages and git repositories.

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.173.4.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
111616

EntryPoint
0x8161de

OriginalFileName
paket.exe

MIMEType
application/octet-stream

FileVersion
5.173.4.0

TimeStamp
2018:06:28 18:46:20+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

ProductVersion
5.173.4.0

FileDescription
Paket

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Paket team

CodeSize
8471040

ProductName
Paket

ProductVersionNumber
5.173.4.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
5.173.4.0

File identification
MD5 fc4657eb6f846835b54ee14d47e7a673
SHA1 0d31ff78eb23583634edda8e858477381e888b9a
SHA256 a8c4ac4ce99c33ed3dc13cd014b3efe32e20d8558d148d5c3787a5cf1007195e
ssdeep
49152:oSsGwa6UO4eyuzHJUHCZPiJUFQbg5UJQHkc6YfXqGFtUQ+MfNA6Y:1sGwazO4eyuHJhiCRUR55

authentihash 6ecb702d8c9725dc2657b0f8fc042ab72b183de0bef7949a38295fc3148a8cf2
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 8.2 MB ( 8588584 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
peexe assembly signed overlay

VirusTotal metadata
First submission 2018-06-28 19:33:21 UTC ( 7 months, 3 weeks ago )
Last submission 2018-06-28 19:33:21 UTC ( 7 months, 3 weeks ago )
File names paket_631079D89C13DCE7CAFDB6AAC1080F05901131C53B236EC2C255EE79E2DB1715.exe
paket_2F348BF8656F6F5C5D711ADC524A3747C437D95E5DE2DF2F34F36DCE771C40ED.exe
paket.exe
paket_10BD0D1E9A957ADD07F77721E7D10FD3B89A609856BDB4ED189C23F4A1312BB0.exe
paket_D52AD4411FEC08087B079D1388496E25A0C8315D65C3F57A69D7920ADED0899F.exe
paket_66B7A36BAB15BFB5ADC4C1A36B96318CD48F075F93513A67EA58F65D866F8586.exe
paket_4E0D064BA23C7363DFB3A0E1C3E675885B23A1CBAA93B3B25F896B75C03E4295.exe
paket_9340A55E532BF887ECCE865C4F472B6F3E964854159BD711472BA0C823B6BFC2.exe
paket_1EA22A53E5165DED11D4C3DE37C94033A104EC4E68BDA66BD6F7152E1CFB860C.exe
paket_BD69EE780AF53DE4721A272D8D74CB661CA09F14600254372CA926F7982E37B5.exe
paket_A3ADE5818C2F25242D2C48A6A602D4A634A3B61C471CBF8C15F012CA25C38FE6.exe
paket_E7396B887A20A47AA734A283897DC64CE5E417718656589DC4484D0B947428D6.exe
paket_5531542168D21DD26ED1CDB09B4FF7BA7526071663329E39969AF103BCF2819B.exe
paket_7A650C5ED81CC5FB5585B747DE4A6E4A618190E61231920CCED3094AD4D7829E.exe
paket_E5FE527518789C017F439529AC2FBAE2683D90CB3EA488A6985130D4CD8CB30F.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!