SHA256: c37ed256dde2feaad895a8441e352b5342928fa8795634af94e164e7f45b767a
File name: Dynamsoft%20SourceAnywhere%20Standalone%203.0.1%20Client.exe
Detection ratio: 0 / 64
Analysis date: 2018-07-01 00:40:13 UTC ( 3 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20180630
AegisLab 20180630
AhnLab-V3 20180630
ALYac 20180630
Antiy-AVL 20180701
Arcabit 20180630
Avast 20180630
Avast-Mobile 20180630
AVG 20180630
Avira (no cloud) 20180630
AVware 20180630
Babable 20180406
Baidu 20180628
BitDefender 20180630
Bkav 20180630
CAT-QuickHeal 20180630
ClamAV 20180630
CMC 20180630
Comodo 20180630
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cyren 20180630
DrWeb 20180630
eGambit 20180701
Emsisoft 20180630
Endgame 20180612
ESET-NOD32 20180630
F-Prot 20180630
F-Secure 20180630
Fortinet 20180630
GData 20180702
Sophos ML 20180601
Jiangmin 20180701
K7AntiVirus 20180630
K7GW 20180630
Kaspersky 20180701
Kingsoft 20180701
Malwarebytes 20180630
MAX 20180701
McAfee 20180630
McAfee-GW-Edition 20180630
Microsoft 20180630
eScan 20180630
NANO-Antivirus 20180630
Palo Alto Networks (Known Signatures) 20180701
Panda 20180630
Qihoo-360 20180701
Rising 20180702
SentinelOne (Static ML) 20180618
Sophos AV 20180630
SUPERAntiSpyware 20180630
Symantec 20180630
TACHYON 20180630
Tencent 20180701
TheHacker 20180628
TotalDefense 20180630
Trustlook 20180701
VBA32 20180629
VIPRE 20180630
ViRobot 20180630
Webroot 20180701
Yandex 20180629
Zillya 20180629
ZoneAlarm by Check Point 20180630
Zoner 20180701
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.

Product Dynamsoft SourceAnywhere Standalone 3.0.1 Client
Original name Setup.exe
Internal name Setup
File version 3.0.1
Description Setup Launcher
Signature verification Signed file, verified signature
Signing date 10:02 AM 7/12/2011
Signers
[+] DynamSoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 10/14/2010
Valid to 12:59 AM 11/7/2012
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint CA6E28798632C268DF7AE6E4FD554CBD4476150D
Serial number 07 30 6A C5 D6 2D 36 C3 17 AF 0C 3E 95 17 CB 71
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 6/15/2007
Valid to 12:59 AM 6/15/2012
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-08-05 10:39:28
Entry Point 0x00036AC7
Number of sections 4
PE sections
Overlays
MD5 a8af2b560bc6ed65379ee9d2aff1c44b
File type data
Offset 630784
Size 19007528
Entropy 8.00
PE imports
RegDeleteKeyA
SetSecurityDescriptorOwner
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
AdjustTokenPrivileges
RegCreateKeyExA
RegCreateKeyA
SetSecurityDescriptorDacl
RegOpenKeyA
EqualSid
OpenProcessToken
RegEnumKeyA
RegEnumValueA
GetTokenInformation
OpenThreadToken
RegOpenKeyExA
RegEnumKeyExA
FreeSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegSetValueExA
RegDeleteValueA
SetSecurityDescriptorGroup
GetObjectA
GetDeviceCaps
TranslateCharsetInfo
DeleteDC
GetSystemPaletteEntries
SetBkMode
GetTextExtentPoint32A
CreateFontA
CreatePalette
BitBlt
CreateDIBitmap
GetStockObject
SelectPalette
CreateFontIndirectA
CreateSolidBrush
SelectObject
CreateCompatibleDC
DeleteObject
RealizePalette
SetTextColor
GetStdHandle
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
HeapReAlloc
GetLocaleInfoA
LocalAlloc
lstrcatA
UnhandledExceptionFilter
ExpandEnvironmentStringsA
SetErrorMode
FreeEnvironmentStringsW
GetThreadContext
GetLocaleInfoW
SetStdHandle
FindResourceExA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
MoveFileA
ResumeThread
GetExitCodeProcess
GetEnvironmentVariableA
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
FormatMessageA
SetLastError
VerLanguageNameA
InitializeCriticalSection
WriteProcessMemory
CopyFileA
ExitProcess
GetVersionExA
RemoveDirectoryA
RaiseException
EnumSystemLocalesA
LoadLibraryExA
SetConsoleCtrlHandler
GetSystemDefaultLCID
TlsGetValue
MultiByteToWideChar
FatalAppExitA
FlushInstructionCache
SetFilePointer
CreateThread
GetExitCodeThread
SetUnhandledExceptionFilter
GetCurrentProcess
MulDiv
SetEnvironmentVariableA
SetThreadContext
TerminateProcess
VirtualQuery
SearchPathA
SetEndOfFile
GetVersion
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetEvent
GetUserDefaultLCID
VirtualProtectEx
GetProcessHeap
CompareStringW
lstrcmpA
FindFirstFileA
lstrcpyA
GetTimeFormatA
GetTempFileNameA
CreateFileMappingA
FindNextFileA
IsValidLocale
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
LCMapStringA
GetProcessTimes
GlobalUnlock
GetEnvironmentStringsW
GetTempPathA
IsDBCSLeadByte
GlobalAlloc
GetModuleFileNameA
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
lstrlenW
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
QueryPerformanceFrequency
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetCurrentThreadId
GetEnvironmentStrings
CreateProcessA
ResetEvent
IsValidCodePage
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
CompareStringA
CreateErrorInfo
VariantChangeType
SysStringLen
SysAllocStringLen
RegisterTypeLib
VariantClear
SysAllocString
SysReAllocStringLen
GetErrorInfo
SysFreeString
LoadTypeLib
SetErrorInfo
UuidToStringA
RpcStringFreeA
UuidCreate
UuidFromStringA
ShellExecuteExA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHFileOperationA
SetFocus
CharPrevA
RegisterClassA
GetParent
UpdateWindow
IntersectRect
EndDialog
BeginPaint
DrawIcon
CreateDialogIndirectParamA
KillTimer
CharUpperA
FindWindowA
DefWindowProcA
SetWindowTextA
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
IsWindow
PostQuitMessage
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
GetWindowDC
SetWindowLongA
wvsprintfA
TranslateMessage
DialogBoxParamA
GetWindow
GetSysColor
GetDC
ReleaseDC
GetDlgCtrlID
GetClassInfoA
DestroyIcon
LoadStringA
ShowWindow
GetWindowPlacement
SendMessageA
SubtractRect
CreateWindowExA
GetDlgItem
CreateDialogParamA
LoadCursorA
ClientToScreen
SetRect
GetWindowLongA
GetWindowTextLengthA
SetTimer
GetClientRect
LoadIconA
GetMessageA
FillRect
GetSysColorBrush
CharNextA
WaitForInputIdle
GetDesktopWindow
wsprintfA
DialogBoxIndirectParamA
MsgWaitForMultipleObjects
EndPaint
GetWindowTextA
DestroyWindow
ExitWindowsEx
IsDialogMessageA
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
ProgIDFromCLSID
CLSIDFromProgID
CoInitialize
CreateItemMoniker
GetRunningObjectTable
CoCreateInstance
CoInitializeSecurity
StringFromCLSID
CoUninitialize
CoCreateGuid
CoTaskMemFree
StringFromGUID2
Number of PE resources by type
RT_ICON 9
RT_DIALOG 6
RT_STRING 3
GIF 2
RT_GROUP_CURSOR 1
RT_MANIFEST 1
RT_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 23
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
15.0.0.573

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Setup Launcher

CharacterSet
Unicode

InitializedDataSize
200704

InternalBuildNumber
81067

OriginalFileName
Setup.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.

FileVersion
3.0.1

TimeStamp
2008:08:05 11:39:28+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Setup

ProductVersion
3.0.1

SubsystemVersion
4.0

OSVersion
4.0

EntryPoint
0x36ac7

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Dynamsoft

CodeSize
425984

ProductName
Dynamsoft SourceAnywhere Standalone 3.0.1 Client

ProductVersionNumber
15.0.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 89704e9ba5ad3d11ac7ebbffc6ed40ba
SHA1 e24a3dd218bc6c4c87ac806545674edf0e2b6b91
SHA256 c37ed256dde2feaad895a8441e352b5342928fa8795634af94e164e7f45b767a
ssdeep
393216:q4zK0CVcsGL7gO0Dte9GkggzF1USxbME9cEK1Em:tK0CNGUI9fR5KSKUFm

authentihash d13c012f821e5f8861f362ca0b88d8d5e6caa6c2ec7d427ad0800134fe2500e5
imphash 113dcced37d32bdf958d3d5b787838a2
File size 18.7 MB ( 19638312 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags
peexe armadillo signed overlay

VirusTotal metadata
First submission 2012-01-03 14:12:06 UTC ( 6 years, 9 months ago )
Last submission 2016-03-12 05:25:24 UTC ( 2 years, 7 months ago )
File names 1414793879-Dynamsoft_SourceAnywhere_Standalone_3.0.1_Client.exe
file
Setup
274938
dynamsoft_sourceanywhere_standalone_3.0.1_client.exe
89704e9ba5ad3d11ac7ebbffc6ed40ba.e24a3dd218bc6c4c87ac806545674edf0e2b6b91
Dynamsoft SourceAnywhere Standalone 3.0.1 Client.exe
Setup.exe
Dynamsoft%20SourceAnywhere%20Standalone%203.0.1%20Client.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight