SHA256: aaf345a10d603b3776a51f3f3ca7264ebc84b3e26fe8157a57adb16cfbbd5c84
File name: 02617fb9521d83902d3b566e4e321733.virus
Detection ratio: 43 / 68
Analysis date: 2018-03-12 10:45:32 UTC ( 1 year ago )
Antivirus Result Update
AhnLab-V3 Win-PUP/Solimba 20180312
Antiy-AVL GrayWare[AdWare]/MSIL.Solimba.c 20180312
Arcabit Trojan.Adware.Solimba.1 20180312
Avast NSIS:Solimba-A [PUP] 20180312
AVG NSIS:Solimba-A [PUP] 20180312
Avira (no cloud) PUA/Solimba.Gen5 20180312
AVware DownloadMR (fs) 20180312
Baidu Win32.Adware.Solimba.a 20180312
BitDefender Gen:Variant.Adware.Solimba.1 20180312
Bkav W32.HfsAdware.5C92 20180312
CAT-QuickHeal PUA.Solimbaapl.Gen 20180312
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170201
Cybereason malicious.9521d8 20180225
Cylance Unsafe 20180312
Cyren W32/Solimba.A.gen!Eldorado 20180312
DrWeb Adware.Downware.83 20180312
Emsisoft Application.AdWrap (A) 20180312
Endgame malicious (high confidence) 20180308
ESET-NOD32 MSIL/Solimba potentially unwanted 20180312
F-Prot W32/Solimba.A.gen!Eldorado 20180312
F-Secure Gen:Variant.Adware.Solimba 20180311
GData Gen:Variant.Adware.Solimba.1 20180312
Ikarus PUA.Solimba 20180312
Sophos ML heuristic 20180121
Jiangmin AdWare/MSIL.cfl 20180312
K7AntiVirus Unwanted-Program ( 004ae6681 ) 20180312
K7GW Unwanted-Program ( 004ae6681 ) 20180312
Malwarebytes Adware.Solimba 20180312
MAX malware (ai score=86) 20180312
McAfee Artemis!02617FB9521D 20180312
McAfee-GW-Edition RDN/Trojan-FGVI 20180312
eScan Gen:Variant.Adware.Solimba.1 20180312
NANO-Antivirus Riskware.Win32.Solimba.dwzbbr 20180312
Panda Adware/Solimba 20180311
Qihoo-360 HEUR/QVM42.0.C58F.Malware.Gen 20180312
Rising PUF.Solimba!8.EF (TFE:C:CATit02dU7P) 20180312
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV DownloadMR (PUA) 20180312
Symantec PUA.Solimba 20180312
Tencent Win32.Trojan.Falsesign.Dav 20180312
VBA32 Signed-AdWare.MSIL.SolimbaAplicacionesSL 20180312
VIPRE DownloadMR (fs) 20180312
Zillya Adware.AddLyricsCRT.Win32.558 20180309
Ad-Aware 20180312
AegisLab 20180312
Alibaba 20180312
ALYac 20180312
Avast-Mobile 20180312
ClamAV 20180312
CMC 20180312
Comodo 20180312
eGambit 20180312
Fortinet 20180312
Kaspersky 20180312
Kingsoft 20180312
Microsoft 20180312
nProtect 20180312
Palo Alto Networks (Known Signatures) 20180312
SUPERAntiSpyware 20180312
Symantec Mobile Insight 20180311
TheHacker 20180311
TotalDefense 20180312
TrendMicro 20180312
TrendMicro-HouseCall 20180312
Trustlook 20180312
ViRobot 20180312
Webroot 20180312
WhiteArmor 20180223
Yandex 20180308
ZoneAlarm by Check Point 20180312
Zoner 20180312
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Product Discotheque Sound System DJ
File version 2.1.204.0
Description Discotheque Sound System DJ
Signature verification Signed file, verified signature
Signing date 12:00 PM 12/19/2011
Signers
[+] Solimba Aplicaciones S.L.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 5/16/2011
Valid to 12:59 AM 5/16/2013
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 7638FAE864BC48C40AE6063CEB2ABAC26E361336
Serial number 45 0E E5 82 E2 60 20 D5 F7 63 2F 2B EC C6 C5 BD
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 6/15/2007
Valid to 12:59 AM 6/15/2012
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT NSIS
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-05 22:50:46
Entry Point 0x0000323C
Number of sections 5
PE sections
Overlays
MD5 98c73b82d02c5059712f40770528a2b9
File type data
Offset 58368
Size 52384
Entropy 7.98
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SetBkMode
CreateBrushIndirect
CreateFontIndirectA
SelectObject
SetBkColor
DeleteObject
SetTextColor
GetLastError
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
GetModuleFileNameA
LoadLibraryA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GlobalLock
SetFileAttributesA
SetFilePointer
GetTempPathA
CreateThread
lstrcmpiA
GetModuleHandleA
lstrcmpA
ReadFile
WriteFile
FindFirstFileA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
RemoveDirectoryA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
GetProcAddress
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
EmptyClipboard
GetMessagePos
EndPaint
CharPrevA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
SetWindowTextA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
SystemParametersInfoA
CreatePopupMenu
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
GetClassInfoA
SetForegroundWindow
GetClientRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
DrawTextA
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
SetTimer
LoadCursorA
TrackPopupMenu
SendMessageA
FillRect
ShowWindow
OpenClipboard
CharNextA
CallWindowProcA
GetSystemMenu
EnableWindow
CloseClipboard
DestroyWindow
ExitWindowsEx
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_ICON 9
RT_DIALOG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
NEUTRAL 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 119808
ImageVersion 6.0
ProductName Discotheque Sound System DJ
FileVersionNumber 2.1.204.0
UninitializedDataSize 1024
LanguageCode Neutral
FileFlagsMask 0x0000
CharacterSet Windows, Latin1
LinkerVersion 6.0
FileTypeExtension exe
MIMEType application/octet-stream
FileVersion 2.1.204.0
TimeStamp 2009:12:05 23:50:46+01:00
FileType Win32 EXE
PEType PE32
FileDescription Discotheque Sound System DJ
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 23552
FileSubtype 0
ProductVersionNumber 2.1.204.0
EntryPoint 0x323c
ObjectFileType Executable application

File identification
MD5 02617fb9521d83902d3b566e4e321733
SHA1 21661d3cb3652d63e4d1bc9ff001ffb72b14cfa8
SHA256 aaf345a10d603b3776a51f3f3ca7264ebc84b3e26fe8157a57adb16cfbbd5c84
ssdeep 3072:vQIURTXJZeqgKJ+BCNCqZfDo7aOpzjXKSI2EtwQOPL:vsdgK0qtHEKSI1wZ

authentihash 8abec56937435173152e9bc3b7b36be4b10350de99265f8387822dfcea3f287c
imphash 099c0646ea7282d232219f8807883be0
File size 108.2 KB ( 110752 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID NSIS - Nullsoft Scriptable Install System (94.6%)
Win32 Executable MS Visual C++ (generic) (3.4%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.5%)
OS/2 Executable (generic) (0.2%)
Tags nsis peexe signed overlay

VirusTotal metadata
First submission 2018-03-12 10:45:32 UTC ( 1 year ago )
Last submission 2018-03-12 10:45:32 UTC ( 1 year ago )
File names 02617fb9521d83902d3b566e4e321733.virus