× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: aa256003211ccfbf26c62f0da56dece4a4002f85ed9015ffa07d1a73a70a7438
File name: parental-filter-1380-jetelecharge.exe
Detection ratio: 0 / 66
Analysis date: 2017-12-27 03:13:36 UTC ( 9 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware 20171225
AegisLab 20171227
AhnLab-V3 20171226
Alibaba 20171226
ALYac 20171226
Antiy-AVL 20171227
Arcabit 20171227
Avast 20171227
Avast-Mobile 20171226
AVG 20171227
Avira (no cloud) 20171226
AVware 20171227
Baidu 20171226
BitDefender 20171227
Bkav 20171226
CAT-QuickHeal 20171226
ClamAV 20171226
CMC 20171226
Comodo 20171227
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171227
Cyren 20171227
DrWeb 20171227
eGambit 20171227
Emsisoft 20171227
Endgame 20171130
ESET-NOD32 20171227
F-Prot 20171226
F-Secure 20171227
Fortinet 20171226
GData 20171227
Ikarus 20171226
Sophos ML 20170914
Jiangmin 20171227
K7AntiVirus 20171226
K7GW 20171226
Kaspersky 20171227
Kingsoft 20171227
Malwarebytes 20171227
MAX 20171227
McAfee 20171227
McAfee-GW-Edition 20171227
Microsoft 20171226
eScan 20171227
NANO-Antivirus 20171227
nProtect 20171227
Palo Alto Networks (Known Signatures) 20171227
Panda 20171226
Qihoo-360 20171227
Rising 20171226
SentinelOne (Static ML) 20171224
Sophos AV 20171227
SUPERAntiSpyware 20171227
Symantec 20171227
Symantec Mobile Insight 20171227
Tencent 20171227
TheHacker 20171226
TotalDefense 20171226
TrendMicro 20171227
TrendMicro-HouseCall 20171227
Trustlook 20171227
VBA32 20171226
VIPRE 20171227
ViRobot 20171226
Webroot 20171227
WhiteArmor 20171226
Yandex 20171225
Zillya 20171226
ZoneAlarm by Check Point 20171227
Zoner 20171227
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 10:49 AM 10/27/2009
Signers
[+] editions profil
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2004 CA
Valid from 1:00 AM 1/7/2009
Valid to 12:59 AM 1/8/2012
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 8F775C8C1499340D5C1103EB979C224E92F20769
Serial number 2A 1D 50 98 2D C8 29 FD 13 28 C7 7A 7A 98 F3 69
[+] VeriSign Class 3 Code Signing 2004 CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 7/16/2004
Valid to 12:59 AM 7/16/2014
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 197A4AEBDB25F0170079BB8C73CB2D655E0018A4
Serial number 41 91 A1 5A 39 78 DF CF 49 65 66 38 1D 4C 75 C2
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/2/2028
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm md2RSA
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 6/15/2007
Valid to 12:59 AM 6/15/2012
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-01-20 06:15:34
Entry Point 0x000339B7
Number of sections 4
PE sections
Overlays
MD5 890f2148376387c0cf19588c2debbea0
File type data
Offset 364544
Size 160956712
Entropy 8.00
PE imports
GetTokenInformation
LookupPrivilegeValueA
RegOpenKeyA
RegCloseKey
EqualSid
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueA
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
OpenThreadToken
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
GetObjectA
GetDeviceCaps
TranslateCharsetInfo
BitBlt
DeleteDC
GetSystemPaletteEntries
SetBkMode
GetTextExtentPoint32A
CreateFontA
CreatePalette
GetStockObject
CreateDIBitmap
SelectPalette
CreateFontIndirectA
CreateSolidBrush
SelectObject
CreateCompatibleDC
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
lstrcatA
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
GetThreadContext
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
LocalFree
ResumeThread
GetEnvironmentVariableA
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
VerLanguageNameA
InitializeCriticalSection
WriteProcessMemory
CopyFileA
ExitProcess
GetVersionExA
RemoveDirectoryA
RaiseException
GetSystemDefaultLCID
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
GetModuleHandleA
CreateThread
GetExitCodeThread
SetUnhandledExceptionFilter
MulDiv
ExitThread
SetThreadContext
TerminateProcess
VirtualQuery
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetSystemDirectoryA
GetStartupInfoA
SystemTimeToFileTime
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetEvent
GetProcAddress
VirtualProtectEx
GetProcessHeap
CompareStringW
lstrcmpA
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
CreateFileMappingA
FindNextFileA
DuplicateHandle
SearchPathA
ExpandEnvironmentStringsA
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
DosDateTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
GetModuleFileNameA
GetShortPathNameA
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
LockResource
SetFileTime
lstrlenW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
QueryPerformanceFrequency
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetVersion
GetEnvironmentStrings
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
GetOEMCP
ResetEvent
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysReAllocStringLen
SysFreeString
UuidToStringA
RpcStringFreeA
UuidCreate
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
ClientToScreen
RegisterClassA
GetParent
UpdateWindow
IntersectRect
EndDialog
BeginPaint
MoveWindow
KillTimer
CharUpperA
ShowWindow
DefWindowProcA
FindWindowA
SetWindowPos
GetDesktopWindow
GetSystemMetrics
IsWindow
PostQuitMessage
GetWindowRect
DispatchMessageA
EnableWindow
LoadStringA
PostMessageA
DrawIcon
GetDlgItemTextA
MessageBoxA
PeekMessageA
GetWindowDC
SetWindowLongA
wvsprintfA
TranslateMessage
DialogBoxParamA
GetWindow
GetSysColor
SendDlgItemMessageA
GetDC
ReleaseDC
GetDlgCtrlID
GetClassInfoA
DestroyIcon
wsprintfA
CharPrevA
GetWindowPlacement
SendMessageA
SubtractRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
CharLowerBuffA
LoadCursorA
ScreenToClient
SetRect
GetWindowLongA
GetWindowTextLengthA
SetTimer
GetClientRect
LoadIconA
GetMessageA
SetWindowTextA
FillRect
CharNextA
WaitForInputIdle
GetSysColorBrush
MsgWaitForMultipleObjects
EndPaint
GetWindowTextA
DestroyWindow
ExitWindowsEx
IsDialogMessageA
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CoUninitialize
CoInitialize
StgIsStorageFile
StgOpenStorage
Number of PE resources by type
RT_DIALOG 6
RT_ICON 4
RT_STRING 3
GIF 1
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 18
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
12.0.0.58849

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
102400

EntryPoint
0x339b7

OriginalFileName
Setup.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2006 Macrovision Corporation

FileVersion
2.00.0000

TimeStamp
2007:01:20 07:15:34+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Setup

ProductVersion
2.00.0000

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Editions Profil - Profil Technology

CodeSize
258048

ProductName
Parental Filter 2

ProductVersionNumber
12.0.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 f19a6611456cfa1a85383c5896eb90df
SHA1 b7756919bfa8768b6b967d06d27d293c982a3b4a
SHA256 aa256003211ccfbf26c62f0da56dece4a4002f85ed9015ffa07d1a73a70a7438
ssdeep
3145728:tYV5moPUAcuc29VFsDuYBEHUhIruvt2Vs1Wg0YV28hKJEjPfdsIq20FCvP:+VwoPTc29LWuYJJAs1WgxVX8K7fd10Y

authentihash 3e541aba9004214d8a43f679b9831297d37da54bc87ff03d648486fa231ed1b6
imphash 98a302f6bbeb0a006f303a0b09de7e12
File size 153.8 MB ( 161321256 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (53.0%)
Win64 Executable (generic) (34.0%)
Win32 Executable (generic) (5.5%)
OS/2 Executable (generic) (2.4%)
Generic Win/DOS Executable (2.4%)
Tags
peexe software-collection signed overlay

VirusTotal metadata
First submission 2016-05-02 02:23:14 UTC ( 2 years, 5 months ago )
Last submission 2018-09-27 14:19:15 UTC ( 2 weeks, 4 days ago )
File names parental-filter-1380-jetelecharge.exe
parental-filter-1380-jetelecharge.exe
parental-filter-1380-jetelecharge.exe
1006730
parental-filter-1380-jetelecharge.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!