× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: aa256003211ccfbf26c62f0da56dece4a4002f85ed9015ffa07d1a73a70a7438
File name: parental-filter-1380-jetelecharge.exe
Detection ratio: 0 / 68
Analysis date: 2018-09-27 14:19:15 UTC ( 7 months ago ) View latest
Antivirus Result Update
Ad-Aware 20180927
AegisLab 20180927
AhnLab-V3 20180927
Alibaba 20180921
ALYac 20180927
Antiy-AVL 20180927
Arcabit 20180927
Avast 20180927
Avast-Mobile 20180927
AVG 20180927
Avira (no cloud) 20180927
AVware 20180925
Babable 20180918
Baidu 20180927
BitDefender 20180927
Bkav 20180927
CAT-QuickHeal 20180927
ClamAV 20180927
CMC 20180927
Comodo 20180927
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180927
Cyren 20180927
DrWeb 20180927
eGambit 20180927
Emsisoft 20180927
Endgame 20180730
ESET-NOD32 20180927
F-Prot 20180927
F-Secure 20180927
Fortinet 20180927
GData 20180927
Ikarus 20180927
Sophos ML 20180717
Jiangmin 20180927
K7AntiVirus 20180927
K7GW 20180927
Kaspersky 20180927
Kingsoft 20180927
Malwarebytes 20180927
MAX 20180927
McAfee 20180927
McAfee-GW-Edition 20180927
Microsoft 20181002
eScan 20180927
NANO-Antivirus 20180927
Palo Alto Networks (Known Signatures) 20180927
Panda 20180927
Qihoo-360 20180927
Rising 20180927
SentinelOne (Static ML) 20180926
Sophos AV 20180927
SUPERAntiSpyware 20180907
Symantec 20180927
Symantec Mobile Insight 20180924
TACHYON 20180927
Tencent 20180927
TheHacker 20180927
TotalDefense 20180925
TrendMicro 20180927
TrendMicro-HouseCall 20180927
Trustlook 20180927
VBA32 20180927
VIPRE 20180927
ViRobot 20180927
Webroot 20180927
Yandex 20180926
Zillya 20180926
ZoneAlarm by Check Point 20180925
Zoner 20180927
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 11:49 AM 10/27/2009
Signers
[+] editions profil
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2004 CA
Valid from 01:00 AM 01/07/2009
Valid to 12:59 AM 01/08/2012
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 8F775C8C1499340D5C1103EB979C224E92F20769
Serial number 2A 1D 50 98 2D C8 29 FD 13 28 C7 7A 7A 98 F3 69
[+] VeriSign Class 3 Code Signing 2004 CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Class 3 Public Primary Certification Authority
Valid from 12:00 AM 07/16/2004
Valid to 11:59 PM 07/15/2014
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 197A4AEBDB25F0170079BB8C73CB2D655E0018A4
Serial number 41 91 A1 5A 39 78 DF CF 49 65 66 38 1D 4C 75 C2
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 01:00 AM 01/29/1996
Valid to 11:59 PM 08/01/2028
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm md2RSA
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 12:00 AM 06/15/2007
Valid to 11:59 PM 06/14/2012
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 01:00 AM 12/04/2003
Valid to 12:59 AM 12/04/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 01/01/1997
Valid to 12:59 AM 01/01/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-01-20 06:15:34
Entry Point 0x000339B7
Number of sections 4
PE sections
Overlays
MD5 890f2148376387c0cf19588c2debbea0
File type data
Offset 364544
Size 160956712
Entropy 8.00
PE imports
GetTokenInformation
LookupPrivilegeValueA
RegOpenKeyA
RegCloseKey
EqualSid
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueA
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
OpenThreadToken
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
GetObjectA
GetDeviceCaps
TranslateCharsetInfo
BitBlt
DeleteDC
GetSystemPaletteEntries
SetBkMode
GetTextExtentPoint32A
CreateFontA
CreatePalette
GetStockObject
CreateDIBitmap
SelectPalette
CreateFontIndirectA
CreateSolidBrush
SelectObject
CreateCompatibleDC
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
lstrcatA
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
GetThreadContext
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
LocalFree
ResumeThread
GetEnvironmentVariableA
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
VerLanguageNameA
InitializeCriticalSection
WriteProcessMemory
CopyFileA
ExitProcess
GetVersionExA
RemoveDirectoryA
RaiseException
GetSystemDefaultLCID
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
GetModuleHandleA
CreateThread
GetExitCodeThread
SetUnhandledExceptionFilter
MulDiv
ExitThread
SetThreadContext
TerminateProcess
VirtualQuery
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetSystemDirectoryA
GetStartupInfoA
SystemTimeToFileTime
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetEvent
GetProcAddress
VirtualProtectEx
GetProcessHeap
CompareStringW
lstrcmpA
FindFirstFileA
lstrcpyA
CompareStringA
GetTempFileNameA
CreateFileMappingA
FindNextFileA
DuplicateHandle
SearchPathA
ExpandEnvironmentStringsA
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
DosDateTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
LCMapStringA
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
GetModuleFileNameA
GetShortPathNameA
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
LockResource
SetFileTime
lstrlenW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
QueryPerformanceFrequency
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetVersion
GetEnvironmentStrings
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
GetOEMCP
ResetEvent
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysReAllocStringLen
SysFreeString
UuidToStringA
RpcStringFreeA
UuidCreate
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
ClientToScreen
RegisterClassA
GetParent
UpdateWindow
IntersectRect
EndDialog
BeginPaint
MoveWindow
KillTimer
CharUpperA
ShowWindow
DefWindowProcA
FindWindowA
SetWindowPos
GetDesktopWindow
GetSystemMetrics
IsWindow
PostQuitMessage
GetWindowRect
DispatchMessageA
EnableWindow
LoadStringA
PostMessageA
DrawIcon
GetDlgItemTextA
MessageBoxA
PeekMessageA
GetWindowDC
SetWindowLongA
wvsprintfA
TranslateMessage
DialogBoxParamA
GetWindow
GetSysColor
SendDlgItemMessageA
GetDC
ReleaseDC
GetDlgCtrlID
GetClassInfoA
DestroyIcon
wsprintfA
CharPrevA
GetWindowPlacement
SendMessageA
SubtractRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
CharLowerBuffA
LoadCursorA
ScreenToClient
SetRect
GetWindowLongA
GetWindowTextLengthA
SetTimer
GetClientRect
LoadIconA
GetMessageA
SetWindowTextA
FillRect
CharNextA
WaitForInputIdle
GetSysColorBrush
MsgWaitForMultipleObjects
EndPaint
GetWindowTextA
DestroyWindow
ExitWindowsEx
IsDialogMessageA
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CoUninitialize
CoInitialize
StgIsStorageFile
StgOpenStorage
Number of PE resources by type
RT_DIALOG 6
RT_ICON 4
RT_STRING 3
GIF 1
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 18
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
12.0.0.58849

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
102400

EntryPoint
0x339b7

OriginalFileName
Setup.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2006 Macrovision Corporation

FileVersion
2.00.0000

TimeStamp
2007:01:20 07:15:34+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Setup

ProductVersion
2.00.0000

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Editions Profil - Profil Technology

CodeSize
258048

ProductName
Parental Filter 2

ProductVersionNumber
12.0.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 f19a6611456cfa1a85383c5896eb90df
SHA1 b7756919bfa8768b6b967d06d27d293c982a3b4a
SHA256 aa256003211ccfbf26c62f0da56dece4a4002f85ed9015ffa07d1a73a70a7438
ssdeep
3145728:tYV5moPUAcuc29VFsDuYBEHUhIruvt2Vs1Wg0YV28hKJEjPfdsIq20FCvP:+VwoPTc29LWuYJJAs1WgxVX8K7fd10Y

authentihash 3e541aba9004214d8a43f679b9831297d37da54bc87ff03d648486fa231ed1b6
imphash 98a302f6bbeb0a006f303a0b09de7e12
File size 153.8 MB ( 161321256 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (44.0%)
Win64 Executable (generic) (28.2%)
Microsoft Visual C++ compiled executable (generic) (16.9%)
Win32 Executable (generic) (4.6%)
OS/2 Executable (generic) (2.0%)
Tags
peexe overlay signed software-collection

VirusTotal metadata
First submission 2016-05-02 02:23:14 UTC ( 2 years, 11 months ago )
Last submission 2018-09-27 14:19:15 UTC ( 7 months ago )
File names parental-filter-1380-jetelecharge.exe
parental-filter-1380-jetelecharge.exe
parental-filter-1380-jetelecharge.exe
1006730
parental-filter-1380-jetelecharge.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!