× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: aa68b43decac8bda949004112ca75af5660da1e46a387399fc3ad48106534078
File name: tenorshare-iany-transfer-trial20170630-18719-14kyhv2.exe
Detection ratio: 0 / 67
Analysis date: 2018-01-20 15:19:04 UTC ( 5 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware 20180120
AegisLab 20180120
AhnLab-V3 20180120
Alibaba 20180119
ALYac 20180120
Antiy-AVL 20180120
Arcabit 20180120
Avast 20180120
Avast-Mobile 20180119
AVG 20180120
Avira (no cloud) 20180120
AVware 20180120
Baidu 20180118
BitDefender 20180120
Bkav 20180120
CAT-QuickHeal 20180120
ClamAV 20180120
CMC 20180116
Comodo 20180120
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180120
Cyren 20180120
DrWeb 20180120
eGambit 20180120
Emsisoft 20180120
Endgame 20171130
ESET-NOD32 20180120
F-Prot 20180120
F-Secure 20180120
Fortinet 20180120
GData 20180120
Ikarus 20180120
Sophos ML 20170914
Jiangmin 20180120
K7AntiVirus 20180120
K7GW 20180120
Kaspersky 20180120
Kingsoft 20180120
Malwarebytes 20180120
MAX 20180120
McAfee 20180120
McAfee-GW-Edition 20180120
Microsoft 20180120
eScan 20180120
NANO-Antivirus 20180120
nProtect 20180120
Palo Alto Networks (Known Signatures) 20180120
Panda 20180120
Qihoo-360 20180120
Rising 20180120
SentinelOne (Static ML) 20180115
Sophos AV 20180120
SUPERAntiSpyware 20180120
Symantec 20180119
Symantec Mobile Insight 20180119
Tencent 20180120
TheHacker 20180119
TotalDefense 20180118
TrendMicro 20180120
TrendMicro-HouseCall 20180120
Trustlook 20180120
VBA32 20180120
VIPRE 20180120
ViRobot 20180120
Webroot 20180120
Yandex 20180112
Zillya 20180119
ZoneAlarm by Check Point 20180120
Zoner 20180120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 11:03 AM 7/8/2015
Signers
[+] Tenorshare Co.,Ltd.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 5/8/2015
Valid to 12:59 AM 6/7/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 49DE5C951646DF99480A98AE51028E3FBA0D355E
Serial number 10 FC 1E 4B BB CF BB B7 AE 84 4E A4 50 CA F1 F3
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT NSIS, appended, UTF-8, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-06-06 21:41:59
Entry Point 0x000030FA
Number of sections 5
PE sections
Overlays
MD5 61aa92b2cb75210f95004149b646cb6f
File type data
Offset 474624
Size 24769136
Entropy 8.00
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SetBkMode
CreateBrushIndirect
CreateFontIndirectA
SelectObject
SetBkColor
DeleteObject
SetTextColor
GetLastError
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
LoadLibraryA
GetModuleFileNameA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GlobalLock
SetFileAttributesA
SetFilePointer
GetTempPathA
CreateThread
lstrcmpiA
GetModuleHandleA
lstrcmpA
ReadFile
WriteFile
FindFirstFileA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
RemoveDirectoryA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
GetProcAddress
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
EmptyClipboard
GetMessagePos
EndPaint
CharPrevA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
SetWindowTextA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
SystemParametersInfoA
CreatePopupMenu
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
GetClassInfoA
SetForegroundWindow
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
DrawTextA
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
SetTimer
LoadCursorA
TrackPopupMenu
SendMessageA
FillRect
ShowWindow
OpenClipboard
CharNextA
CallWindowProcA
GetSystemMenu
EnableWindow
CloseClipboard
DestroyWindow
ExitWindowsEx
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_ICON 11
RT_DIALOG 5
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 18
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2009:06:06 22:41:59+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24064

LinkerVersion
6.0

EntryPoint
0x30fa

InitializedDataSize
164864

SubsystemVersion
4.0

ImageVersion
6.1

OSVersion
4.0

UninitializedDataSize
1024

File identification
MD5 88fee595a48a9a3600682d32701c13f0
SHA1 c02311528ece16fbfc81b872d0d2f3672abe8a1f
SHA256 aa68b43decac8bda949004112ca75af5660da1e46a387399fc3ad48106534078
ssdeep
393216:VYzo16ZBgv6m+mJT0EtCpBL8VzKEZIJJRuSakTrQggI3L9+APhUPokgkvD:VcBgv6KJoUCDQ9xID+gkI3R+APGPo6r

authentihash 54b68f20f43f7c6c48f134879fea22a54ec0737aaadc4fc1493aa98a1ef82aab
imphash 7fa974366048f9c551ef45714595665e
File size 24.1 MB ( 25243760 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID NSIS - Nullsoft Scriptable Install System (98.7%)
Win32 Executable (generic) (0.5%)
OS/2 Executable (generic) (0.2%)
Generic Win/DOS Executable (0.2%)
DOS Executable Generic (0.2%)
Tags
nsis peexe signed overlay

VirusTotal metadata
First submission 2015-12-02 08:50:15 UTC ( 2 years, 7 months ago )
Last submission 2018-07-10 16:34:36 UTC ( 5 days, 20 hours ago )
File names tenorshare-iany-transfer-trial-June2016.exe
910593
tenorshare-iany-transfer-trial.exe
tenorshare-iany-transfer-trial20170630-18719-14kyhv2.exe
tenorshare-iany-transfer-trial.exe
tenorshare-iany-transfer-trial.exe
aa68b43decac8bda949004112ca75af5660da1e46a387399fc3ad48106534078
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!