SHA256: afacd08cce54f8029197919bd89fdfe1fd1b7f9bd72b455760ebb422f0fe0704
File name: LiquidStudio2018.exe
Detection ratio: 0 / 64
Analysis date: 2019-03-13 05:26:06 UTC ( 1 month, 1 week ago )
Antivirus Result Update
Acronis 20190222
Ad-Aware 20190313
AegisLab 20190313
AhnLab-V3 20190313
Alibaba 20190306
ALYac 20190313
Antiy-AVL 20190313
Arcabit 20190313
Avast 20190313
Avast-Mobile 20190312
AVG 20190313
Avira (no cloud) 20190313
Babable 20180918
Baidu 20190306
BitDefender 20190313
Bkav 20190312
CAT-QuickHeal 20190312
ClamAV 20190312
CMC 20190312
Comodo 20190313
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cyren 20190313
DrWeb 20190313
eGambit 20190313
Emsisoft 20190313
Endgame 20190215
ESET-NOD32 20190313
F-Secure 20190313
Fortinet 20190313
GData 20190313
Ikarus 20190312
Sophos ML 20181128
Jiangmin 20190313
K7AntiVirus 20190312
K7GW 20190313
Kaspersky 20190313
Kingsoft 20190313
Malwarebytes 20190313
MAX 20190313
McAfee 20190313
McAfee-GW-Edition 20190312
Microsoft 20190312
eScan 20190313
NANO-Antivirus 20190313
Palo Alto Networks (Known Signatures) 20190313
Panda 20190312
Qihoo-360 20190313
Rising 20190313
SentinelOne (Static ML) 20190311
Sophos AV 20190313
SUPERAntiSpyware 20190307
Symantec Mobile Insight 20190220
TACHYON 20190313
Tencent 20190313
TheHacker 20190308
TotalDefense 20190312
Trapmine 20190301
TrendMicro-HouseCall 20190313
Trustlook 20190313
VBA32 20190312
ViRobot 20190313
Yandex 20190312
ZoneAlarm by Check Point 20190313
Zoner 20190312
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright All rights reserved

Product Liquid Studio 2018
File version 16.1.19.8878
Description Liquid Studio 2018 Installation
Comments This installation was built with InstallAware: http://www.installaware.com
Signature verification Signed file, verified signature
Signing date 1:52 PM 12/16/2018
Signers
[+] Liquid Technologies Limited
Status Valid
Issuer thawte SHA256 Code Signing CA
Valid from 01:00 AM 03/10/2017
Valid to 11:59 PM 04/20/2020
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 120E8ACF451895508AAC6520B97A6DF70821041C
Serial number 04 A0 F1 7A E2 9D 9F 53 3F 6D AE D1 CC 31 97 D5
[+] thawte SHA256 Code Signing CA
Status Valid
Issuer thawte Primary Root CA
Valid from 01:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint D00CFDBF46C98A838BC10DC4E097AE0152C461BC
Serial number 71 A0 B7 36 95 DD B1 AF C2 3B 2B 9A 18 EE 54 CB
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 01:00 AM 11/17/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 01/01/1997
Valid to 12:59 AM 01/01/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-09-08 22:01:54
Entry Point 0x00021BD6
Number of sections 4
PE sections
Overlays
MD5 8cb56586cf080092cb4793543f8285cb
File type data
Offset 414208
Size 3553280
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
RegSetValueExW
GetObjectW
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
InitializeCriticalSection
FindClose
InterlockedDecrement
SetFileAttributesW
SetLastError
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetFullPathNameW
CreateThread
SetUnhandledExceptionFilter
ExitThread
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
SetEndOfFile
GetVersion
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
GetModuleHandleW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetTempFileNameW
GetModuleFileNameW
FindNextFileW
ResetEvent
FindFirstFileW
GetProcAddress
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
GetShortPathNameW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
lstrlenW
CreateProcessW
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetCurrentThreadId
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SHGetFolderPathW
ShellExecuteExW
RegisterWindowMessageW
EndDialog
MoveWindow
KillTimer
ShowWindow
SetWindowLongW
MessageBoxW
PeekMessageW
GetWindowRect
CharUpperW
DialogBoxParamW
PostMessageW
SetDlgItemTextW
CreateDialogParamW
SendMessageW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
SetTimer
LoadImageW
AdjustWindowRect
IsDlgButtonChecked
GetWindowTextW
GetDesktopWindow
LoadIconW
GetWindowTextLengthW
GetWindowLongW
SetForegroundWindow
DestroyWindow
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_STRING 105
RT_ICON 13
RT_DIALOG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 19
HEBREW DEFAULT 3
SWEDISH 3
LATVIAN DEFAULT 3
VIETNAMESE DEFAULT 3
ESTONIAN DEFAULT 3
LITHUANIAN 3
FRENCH 3
CHINESE SIMPLIFIED 3
SLOVENIAN DEFAULT 3
DUTCH 3
PORTUGUESE 3
ITALIAN 3
CATALAN DEFAULT 3
PORTUGUESE BRAZILIAN 3
FINNISH DEFAULT 3
KOREAN 3
CZECH DEFAULT 3
BASQUE DEFAULT 3
HUNGARIAN DEFAULT 3
GERMAN 3
POLISH DEFAULT 3
JAPANESE DEFAULT 3
DANISH DEFAULT 3
SLOVAK DEFAULT 3
GREEK DEFAULT 3
TURKISH DEFAULT 3
NORWEGIAN BOKMAL 3
CHINESE TRADITIONAL 3
THAI DEFAULT 3
SERBIAN DEFAULT 3
ARABIC SAUDI ARABIA 3
NEUTRAL 3
SPANISH MODERN 3
ROMANIAN 3
RUSSIAN 3
PE resources
ExifTool file metadata
UninitializedDataSize 0
Comments This installation was built with InstallAware: http://www.installaware.com
InitializedDataSize 229888
ImageVersion 0.0
FileVersionNumber 16.1.19.8878
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
LinkerVersion 9.0
FileTypeExtension exe
MIMEType application/octet-stream
TimeStamp 2015:09:09 00:01:54+02:00
FileType Win32 EXE
PEType PE32
ProductVersion 16.1.19.88
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 183296
FileSubtype 0
ProductVersionNumber 0.0.0.0
EntryPoint 0x21bd6
ObjectFileType Executable application

File identification
MD5 f6ef2cbb3bb20b3292abac5e6e83f3be
SHA1 86191b723b8f4a17fc65e0fb2058b7dbbf1d3b93
SHA256 afacd08cce54f8029197919bd89fdfe1fd1b7f9bd72b455760ebb422f0fe0704
ssdeep 98304:QnZaLXUTYxKxx8gxIWLXa5wpGyyVgFoZ5yXhDgrTl+nx:NL/4P+WLNygFo7+gnl0x

authentihash 0699aa52b1b98036881e4365337938a1f6027b4a85d01694d40d5ce2b0b7b7bc
imphash eaefd1169420dcee9fef7c65aa268740
File size 3.8 MB ( 3967488 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags peexe signed overlay

VirusTotal metadata
First submission 2018-12-18 12:19:14 UTC ( 4 months ago )
Last submission 2019-04-13 06:33:14 UTC ( 6 days, 9 hours ago )
File names output.123593499.txt
LiquidStudio2018.exe
XmlStudio.exe
XmlDataBinder.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Searched windows
Runtime DLLs