× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b5d76ba911d543380ff637cef14d8854f4a42201a841f6329599ddbedfba98db
File name: DownloadGMSCamCtrlGE.exe
Detection ratio: 0 / 68
Analysis date: 2018-07-11 13:01:28 UTC ( 1 week, 3 days ago ) View latest
Antivirus Result Update
Ad-Aware 20180711
AegisLab 20180711
AhnLab-V3 20180711
ALYac 20180711
Antiy-AVL 20180711
Arcabit 20180711
Avast 20180711
Avast-Mobile 20180711
AVG 20180711
Avira (no cloud) 20180710
AVware 20180711
Babable 20180406
Baidu 20180711
BitDefender 20180711
Bkav 20180711
CAT-QuickHeal 20180711
ClamAV 20180711
CMC 20180711
Comodo 20180711
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180711
Cyren 20180711
DrWeb 20180711
eGambit 20180711
Emsisoft 20180711
Endgame 20180711
ESET-NOD32 20180711
F-Prot 20180711
F-Secure 20180706
Fortinet 20180711
GData 20180711
Ikarus 20180711
Sophos ML 20180601
Jiangmin 20180711
K7AntiVirus 20180711
K7GW 20180711
Kaspersky 20180711
Kingsoft 20180711
Malwarebytes 20180711
MAX 20180711
McAfee 20180711
McAfee-GW-Edition 20180711
Microsoft 20180711
eScan 20180711
NANO-Antivirus 20180711
Palo Alto Networks (Known Signatures) 20180711
Panda 20180711
Qihoo-360 20180711
Rising 20180711
SentinelOne (Static ML) 20180701
Sophos AV 20180711
SUPERAntiSpyware 20180711
Symantec 20180711
TACHYON 20180711
Tencent 20180711
TheHacker 20180710
TotalDefense 20180711
TrendMicro 20180711
TrendMicro-HouseCall 20180711
Trustlook 20180711
VBA32 20180711
VIPRE 20180711
ViRobot 20180711
Webroot 20180711
Yandex 20180711
Zillya 20180710
ZoneAlarm by Check Point 20180711
Zoner 20180711
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Digital River, Inc.

Product Digital River Download Manager
Original name DldManager.exe
Internal name Digital River Download Manager
File version 1.0.0
Description Digital River Download Manager
Signature verification Signed file, verified signature
Signing date 5:03 AM 8/9/2015
Signers
[+] Digital River, Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 11/5/2012
Valid to 12:59 AM 12/6/2015
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 6FF0124C758A6E40E8C81FCAF23ED368C7CF438D
Serial number 58 D8 D0 31 0D 95 71 EA 8F 11 D0 E3 E4 FE 0C 87
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT UPX_LZMA
PEiD UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-03-07 05:10:52
Entry Point 0x000FF410
Number of sections 3
PE sections
Overlays
MD5 33c755155f415393828bf5119a517b26
File type data
Offset 351232
Size 11376
Entropy 5.90
PE imports
RegEnumKeyA
InitCommonControlsEx
Escape
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
VariantCopy
SHGetMalloc
PathIsUNCA
OpenPrinterA
GetFileTitleA
CoTaskMemFree
Number of PE resources by type
RT_STRING 65
RT_DIALOG 35
RT_CURSOR 17
RT_GROUP_CURSOR 16
RT_ICON 8
RT_BITMAP 6
RT_HTML 1
RT_MANIFEST 1
RT_ACCELERATOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 152
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.7.1

UninitializedDataSize
716800

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
24576

EntryPoint
0xff410

OriginalFileName
DldManager.exe

MIMEType
application/octet-stream

LegalCopyright
Digital River, Inc.

FileVersion
1.0.0

TimeStamp
2008:03:07 06:10:52+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Digital River Download Manager

ProductVersion
1.0.0

FileDescription
Digital River Download Manager

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Digital River, Inc.

CodeSize
327680

ProductName
Digital River Download Manager

ProductVersionNumber
1.0.7.1

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 e988ae7aa72a6e095cfb840670672645
SHA1 80eb92ff4c529691225f320a45032c924f5c7dad
SHA256 b5d76ba911d543380ff637cef14d8854f4a42201a841f6329599ddbedfba98db
ssdeep
6144:H8DIuVDyrqwzKu1U8MIvPew7Ey5mj5zhl8+rZGyx/3+QRb9aaoAeoSh:ccAYheuEw9g8UZGyhpF9KDoSh

authentihash 6c981022263c735990045337b171ccd0657cef66606b52d3f59b1435d05f2afc
imphash 4f82ce53a95d4aaf5021d0d307fafe74
File size 354.1 KB ( 362608 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe signed upx overlay

VirusTotal metadata
First submission 2015-09-07 06:38:10 UTC ( 2 years, 10 months ago )
Last submission 2018-05-26 15:05:05 UTC ( 1 month, 3 weeks ago )
File names DldManager.exe
DownloadGMSCamCtrlGE.exe
DownloadGMSCamCtrlGE.exe
DownloadGMSCamCtrlGE.exe
Digital River Download Manager
725707
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Moved files
Deleted files
Created mutexes
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.