× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ac49c861e7315ea343a54cd1a7b2fdb521b0bb208aa67c82ad50816b703bf246
File name: ViberSetup.exe
Detection ratio: 0 / 55
Analysis date: 2015-12-15 16:36:16 UTC ( 2 years, 11 months ago ) View latest
Antivirus Result Update
Ad-Aware 20151215
AegisLab 20151215
Yandex 20151214
AhnLab-V3 20151215
Alibaba 20151208
ALYac 20151215
Antiy-AVL 20151215
Arcabit 20151215
Avast 20151215
AVG 20151215
Avira (no cloud) 20151215
AVware 20151215
Baidu-International 20151215
BitDefender 20151215
Bkav 20151215
ByteHero 20151215
CAT-QuickHeal 20151215
ClamAV 20151215
CMC 20151215
Comodo 20151215
Cyren 20151215
DrWeb 20151215
Emsisoft 20151215
ESET-NOD32 20151215
F-Prot 20151215
F-Secure 20151215
Fortinet 20151215
GData 20151215
Ikarus 20151215
Jiangmin 20151214
K7AntiVirus 20151215
K7GW 20151215
Kaspersky 20151215
Malwarebytes 20151215
McAfee 20151215
McAfee-GW-Edition 20151215
Microsoft 20151215
eScan 20151215
NANO-Antivirus 20151215
nProtect 20151215
Panda 20151213
Qihoo-360 20151215
Rising 20151215
Sophos AV 20151215
SUPERAntiSpyware 20151215
Symantec 20151215
Tencent 20151215
TheHacker 20151215
TrendMicro 20151215
TrendMicro-HouseCall 20151215
VBA32 20151215
VIPRE 20151215
ViRobot 20151215
Zillya 20151214
Zoner 20151215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) Viber Media Inc.. All rights reserved.

Product Viber
Original name ViberSetup.exe
Internal name setup
File version 5.3.0.1884
Description Viber
Signature verification Signed file, verified signature
Signing date 4:51 PM 9/10/2015
Signers
[+] Viber Media S.a.r.l
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Code Signing CA - G2
Valid from 1:00 AM 5/14/2014
Valid to 12:59 AM 4/28/2016
Valid usage Code Signing, 1.3.6.1.4.1.311.2.1.22
Algorithm sha1RSA
Thumbprint B8F170B2977F074D425C8375AC842E0DBA894361
Serial number 5B 2B 01 10 1C 29 00 E3 4E CB 16 F7 8E 6B 73 BF
[+] Thawte Code Signing CA - G2
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 808D62642B7D1C4A9A83FD667F7A2A9D243FB1C7
Serial number 47 97 4D 78 73 A5 BC AB 0D 2F B3 70 19 2F CE 5E
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 11/17/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT CAB, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-12-08 22:44:59
Entry Point 0x0002945F
Number of sections 7
PE sections
Overlays
MD5 6b2d21075e5ce655aa53234c55d10b07
File type data
Offset 574464
Size 105951016
Entropy 8.00
PE imports
SetSecurityDescriptorOwner
RegCreateKeyExW
RegCloseKey
OpenServiceW
AdjustTokenPrivileges
ControlService
InitializeAcl
LookupPrivilegeValueW
RegDeleteKeyW
CryptHashData
CheckTokenMembership
DecryptFileW
RegQueryValueExW
CryptCreateHash
SetSecurityDescriptorDacl
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateWellKnownSid
OpenProcessToken
QueryServiceStatus
RegOpenKeyExW
GetTokenInformation
CryptReleaseContext
GetUserNameW
RegQueryInfoKeyW
SetEntriesInAclW
RegEnumKeyExW
CryptAcquireContextW
CryptDestroyHash
InitializeSecurityDescriptor
RegDeleteValueW
QueryServiceConfigW
CryptGetHashParam
RegSetValueExW
OpenSCManagerW
RegEnumValueW
AllocateAndInitializeSid
InitiateSystemShutdownExW
SetEntriesInAclA
ChangeServiceConfigW
SetSecurityDescriptorGroup
SetNamedSecurityInfoW
CertGetCertificateContextProperty
CryptHashPublicKeyInfo
Ord(23)
Ord(20)
Ord(22)
DeleteDC
SelectObject
GetObjectW
CreateCompatibleDC
DeleteObject
StretchBlt
GetVolumePathNameW
GetStdHandle
ReleaseMutex
WaitForSingleObject
EncodePointer
ProcessIdToSessionId
GetFileAttributesW
VerifyVersionInfoW
GetProcessId
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LoadLibraryExW
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
InterlockedExchange
GetTempPathW
GetTimeZoneInformation
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
ConnectNamedPipe
GetExitCodeProcess
InitializeCriticalSection
OutputDebugStringW
FindClose
TlsGetValue
SetFileAttributesW
SetLastError
GetSystemTime
CopyFileW
GetUserDefaultLangID
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
VerSetConditionMask
HeapSetInformation
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetLocalTime
SetFilePointerEx
SetFilePointer
GetFullPathNameW
CreateThread
MoveFileExW
GetSystemDirectoryW
GetExitCodeThread
SetNamedPipeHandleState
SetUnhandledExceptionFilter
CreateMutexW
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
GetSystemWow64DirectoryW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
TlsAlloc
FlushFileBuffers
RtlUnwind
SystemTimeToFileTime
GetWindowsDirectoryW
LCMapStringW
OpenProcess
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTempFileNameW
GetComputerNameW
CompareStringW
GetFileSizeEx
GetModuleFileNameW
ExpandEnvironmentStringsW
FindNextFileW
CompareStringA
FindFirstFileW
DuplicateHandle
WaitForMultipleObjects
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetNativeSystemInfo
GetLastError
DosDateTimeToFileTime
CreateFileMappingW
CreateNamedPipeW
lstrlenA
GlobalFree
GetConsoleCP
GetThreadLocale
GetEnvironmentStringsW
lstrlenW
CreateProcessW
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
CopyFileExW
InterlockedCompareExchange
GetSystemDefaultLangID
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SetThreadExecutionState
IsValidCodePage
UnmapViewOfFile
WriteFile
VirtualFree
Sleep
SystemTimeToTzSpecificLocalTime
VirtualAlloc
GetOEMCP
ResetEvent
SysFreeString
VariantClear
VariantInit
SysAllocString
UuidCreate
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW
PathCanonicalizeW
GetMonitorInfoW
PostQuitMessage
DefWindowProcW
GetMessageW
SetWindowLongW
IsWindow
PeekMessageW
TranslateMessage
PostMessageW
DispatchMessageW
GetCursorPos
LoadBitmapW
RegisterClassW
UnregisterClassW
MessageBoxW
PostThreadMessageW
MonitorFromPoint
WaitForInputIdle
IsDialogMessageW
LoadCursorW
CreateWindowExW
MsgWaitForMultipleObjects
GetWindowLongW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
HttpQueryInfoW
InternetConnectW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
InternetSetOptionW
HttpSendRequestW
InternetErrorDlg
InternetOpenW
HttpOpenRequestW
HttpAddRequestHeadersW
CryptCATAdminCalcHashFromFileHandle
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WinVerifyTrust
Ord(190)
Ord(88)
Ord(205)
Ord(171)
Ord(45)
Ord(125)
Ord(173)
Ord(90)
Ord(111)
Ord(70)
Ord(169)
Ord(17)
Ord(115)
Ord(141)
Ord(116)
Ord(118)
Ord(238)
Ord(8)
Ord(137)
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromProgID
CoInitializeSecurity
CoTaskMemFree
StringFromGUID2
Number of PE resources by type
RT_ICON 17
RT_VERSION 1
RT_MANIFEST 1
RT_MESSAGETABLE 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 21
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

InitializedDataSize
296448

ImageVersion
0.0

ProductName
Viber

FileVersionNumber
5.3.0.1884

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
12.0

FileTypeExtension
exe

OriginalFileName
ViberSetup.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
5.3.0.1884

TimeStamp
2014:12:08 23:44:59+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
setup

ProductVersion
5.3.0.1884

FileDescription
Viber

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright (c) Viber Media Inc.. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Viber Media Inc.

CodeSize
276992

FileSubtype
0

ProductVersionNumber
5.3.0.1884

EntryPoint
0x2945f

ObjectFileType
Executable application

File identification
MD5 10175e4daf638bba115f74f1f17391d6
SHA1 6e2099b5341a5ba7eca693233444acdae47a735b
SHA256 ac49c861e7315ea343a54cd1a7b2fdb521b0bb208aa67c82ad50816b703bf246
ssdeep
1572864:cHgcKL8JDQ7UXwhww98hn+9rSkhMRmcJwdRxdzUTt8/gHXHxGXI+fCUkVc5ond:2gH8JDQ7X98c+3cGUx1UZ84Chfe+yd

authentihash 1afc268ebfa73ebd2bf0938f1d68d2c3caf19e77896da4411ff5050af77e072f
imphash 963226e6bbe29f87aa49b92b4ae9a4f1
File size 101.6 MB ( 106525480 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (53.0%)
Win64 Executable (generic) (34.0%)
Win32 Executable (generic) (5.5%)
OS/2 Executable (generic) (2.4%)
Generic Win/DOS Executable (2.4%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2015-09-16 13:16:45 UTC ( 3 years, 2 months ago )
Last submission 2018-10-31 05:50:35 UTC ( 2 weeks, 6 days ago )
File names ViberSetup.exe
Viber 5.6.0.exe
ViberSetup.exe
viber-5-3-0-multi-win.exe
Viber_Rus_Setup.exe
ViberSetup.exe
ViberSetup.exe
vibersetup.exe
ViberSetup (1).exe
ViberSetup150921.exe
ViberSetup.exe
ViberSetup.exe
ViberSetup.exe
732840
Viber5.3.0.1884.exe
ViberSetup(1).exe
Viber_for_Windows_v5.3.0.exe
ViberSetup.exe
ViberSetup.exe
ViberSetup.exe
Viber 5.3.0.exe
setup
ViberSetup.exe
Viber 5.5.2.28.exe
Viber53Setup.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!