× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b4d3da2a375bf1e64eae7865b20334ae7a4ff552658664e9b9e5e387f4ba24a2
File name: Opera
Detection ratio: 0 / 67
Analysis date: 2019-04-20 22:10:43 UTC ( 1 month ago )
Antivirus Result Update
Acronis 20190419
Ad-Aware 20190420
AegisLab 20190420
AhnLab-V3 20190420
Alibaba 20190402
ALYac 20190420
Antiy-AVL 20190419
Arcabit 20190420
Avast 20190420
Avast-Mobile 20190415
AVG 20190420
Avira (no cloud) 20190420
Babable 20180918
Baidu 20190318
BitDefender 20190420
Bkav 20190420
CAT-QuickHeal 20190420
ClamAV 20190420
CMC 20190321
Comodo 20190420
CrowdStrike Falcon (ML) 20190212
Cybereason 20190417
Cyren 20190420
DrWeb 20190420
eGambit 20190421
Emsisoft 20190420
Endgame 20190403
ESET-NOD32 20190420
F-Secure 20190420
FireEye 20190420
Fortinet 20190420
GData 20190420
Ikarus 20190420
Sophos ML 20190313
Jiangmin 20190420
K7AntiVirus 20190420
K7GW 20190420
Kaspersky 20190420
Kingsoft 20190421
Malwarebytes 20190420
MAX 20190421
MaxSecure 20190420
McAfee 20190420
McAfee-GW-Edition 20190420
Microsoft 20190420
eScan 20190420
NANO-Antivirus 20190420
Palo Alto Networks (Known Signatures) 20190421
Panda 20190420
Qihoo-360 20190421
Rising 20190420
SentinelOne (Static ML) 20190420
Sophos AV 20190420
SUPERAntiSpyware 20190418
Symantec Mobile Insight 20190418
TACHYON 20190420
Tencent 20190421
TheHacker 20190419
TotalDefense 20190416
Trapmine 20190325
TrendMicro-HouseCall 20190420
Trustlook 20190421
VBA32 20190419
ViRobot 20190420
Yandex 20190419
Zillya 20190419
ZoneAlarm by Check Point 20190420
Zoner 20190420
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright Opera Software 2019

Product Opera Installer
Internal name Opera
File version 58.0.3135.118
Description Opera Installer
Signature verification Signed file, verified signature
Signing date 1:11 PM 3/22/2019
Signers
[+] Opera Software AS
Status Valid
Issuer DigiCert EV Code Signing CA (SHA2)
Valid from 12:00 AM 06/23/2016
Valid to 12:00 PM 06/27/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 49B00D844B474FC69BC372951A681C9FC2BBBC66
Serial number 0F DE 84 F0 D5 5D 8D 33 68 32 5D C0 CD C4 A9 79
[+] DigiCert EV Code Signing CA (SHA2)
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 12:00 PM 04/18/2012
Valid to 12:00 PM 04/18/2027
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 60EE3FC53D4BDFD1697AE5BEAE1CAB1C0F3AD4E3
Serial number 03 F1 B4 E1 5F 3A 82 F1 14 96 78 B3 D7 D8 47 5C
[+] DigiCert
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 01:00 AM 11/10/2006
Valid to 01:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
Serial number 02 AC 5C 26 6A 0B 40 9B 8F 0B 79 F2 AE 46 25 77
Counter signers
[+] DigiCert SHA2 Timestamp Responder
Status Valid
Issuer DigiCert SHA2 Assured ID Timestamping CA
Valid from 01:00 AM 01/04/2017
Valid to 01:00 AM 01/18/2028
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint 400191475C98891DEBA104AF47091B5EB6D4CBCB
Serial number 09 C0 FC 46 C8 04 42 13 B5 59 8B AF 28 4F 4E 41
[+] DigiCert SHA2 Assured ID Timestamping CA
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 01:00 PM 01/07/2016
Valid to 01:00 PM 01/07/2031
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint 3BA63A6E4841355772DEBEF9CDCF4D5AF353A297
Serial number 0A A1 25 D6 D6 32 1B 7E 41 E4 05 DA 36 97 C2 15
[+] DigiCert
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 01:00 AM 11/10/2006
Valid to 01:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbrint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
Packers identified
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-03-22 05:00:00
Entry Point 0x003BD240
Number of sections 3
PE sections
Overlays
MD5 27f62fa7176e0cb5a5a5e220d8484395
File type data
Offset 2156544
Size 8776
Entropy 7.21
PE imports
InitCommonControlsEx
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
MessageBoxW
Number of PE resources by type
PNG 46
RT_STRING 37
RT_DIALOG 12
RT_ICON 12
TXT 3
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 78
SWEDISH 1
TELUGU DEFAULT 1
VIETNAMESE DEFAULT 1
TAMIL DEFAULT 1
FRENCH 1
BELARUSIAN DEFAULT 1
INDONESIAN DEFAULT 1
DUTCH 1
MALAY MALAYSIA 1
CATALAN DEFAULT 1
PORTUGUESE BRAZILIAN 1
HUNGARIAN DEFAULT 1
FINNISH DEFAULT 1
HINDI DEFAULT 1
TURKISH DEFAULT 1
KOREAN 1
ITALIAN 1
CZECH DEFAULT 1
LATVIAN DEFAULT 1
LITHUANIAN 1
GERMAN 1
BULGARIAN DEFAULT 1
POLISH DEFAULT 1
JAPANESE DEFAULT 1
DANISH DEFAULT 1
SWAHILI DEFAULT 1
SLOVAK DEFAULT 1
BENGALI DEFAULT 1
GREEK DEFAULT 1
UKRAINIAN DEFAULT 1
NORWEGIAN BOKMAL 1
CHINESE TRADITIONAL 1
THAI DEFAULT 1
SERBIAN DEFAULT 1
ROMANIAN 1
RUSSIAN 1
PE resources
ExifTool file metadata
UninitializedDataSize
1806336

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
58.0.3135.118

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Opera Installer

ImageFileCharacteristics
Executable, Large address aware, 32-bit

CharacterSet
Unicode

InitializedDataSize
45056

EntryPoint
0x3bd240

MIMEType
application/octet-stream

LegalCopyright
Copyright Opera Software 2019

FileVersion
58.0.3135.118

TimeStamp
2019:03:22 06:00:00+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Opera

ProductVersion
58.0.3135.118

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Opera Software

CodeSize
2113536

ProductName
Opera Installer

ProductVersionNumber
58.0.3135.118

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 403eca8899c65ff0e74e7793a9011ed4
SHA1 63300f05e0fdeb0cc2fe1c7c6240941aa92525dd
SHA256 b4d3da2a375bf1e64eae7865b20334ae7a4ff552658664e9b9e5e387f4ba24a2
ssdeep
49152://rla0dS8mSJ1gYbtZ2amfJ8CyMmgmKiWqoftnaOFnavoVh41Mmji:bla0dS8mU1VL2a7waO1z4q1

authentihash d8cde5ef2b6fdbd88399688bbe0e472cf75eca1a6e531677258a8a0908a2b60e
imphash 5d719385c2c58d1c7ccab5757f251823
File size 2.1 MB ( 2165320 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe signed upx overlay

VirusTotal metadata
First submission 2019-03-23 22:05:37 UTC ( 2 months ago )
Last submission 2019-03-23 22:05:37 UTC ( 2 months ago )
File names Opera
OperaSetup.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs