SHA256: c7aa9ca198615ac2d6dccd973983a90b23d12a5e190ffd547a9d8ceaa3f10185
File name: grepWin-1.8.1.msi
Detection ratio: 0 / 57
Analysis date: 2018-09-04 21:44:57 UTC ( 7 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20180904
AegisLab 20180904
AhnLab-V3 20180904
Alibaba 20180713
ALYac 20180904
Antiy-AVL 20180904
Arcabit 20180904
Avast 20180904
Avast-Mobile 20180904
AVG 20180904
Avira (no cloud) 20180904
AVware 20180823
Babable 20180902
Baidu 20180904
BitDefender 20180904
Bkav 20180831
CAT-QuickHeal 20180904
ClamAV 20180904
CMC 20180904
Comodo 20180904
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20180904
Cyren 20180904
DrWeb 20180904
eGambit 20180904
Emsisoft 20180904
Endgame 20180730
ESET-NOD32 20180904
F-Prot 20180904
F-Secure 20180904
Fortinet 20180904
GData 20180904
Ikarus 20180904
Sophos ML 20180717
Jiangmin 20180904
K7AntiVirus 20180904
K7GW 20180904
Kaspersky 20180904
Kingsoft 20180904
Malwarebytes 20180904
MAX 20180904
McAfee 20180904
McAfee-GW-Edition 20180904
Microsoft 20180904
eScan 20180904
NANO-Antivirus 20180904
Palo Alto Networks (Known Signatures) 20180904
Panda 20180904
Qihoo-360 20180904
Rising 20180904
SentinelOne (Static ML) 20180830
Sophos AV 20180904
SUPERAntiSpyware 20180903
Symantec 20180904
Symantec Mobile Insight 20180831
TACHYON 20180904
Tencent 20180904
TheHacker 20180904
Trustlook 20180904
VBA32 20180904
VIPRE 20180904
ViRobot 20180904
Webroot 20180904
Yandex 20180904
Zillya 20180904
ZoneAlarm by Check Point 20180904
Zoner 20180903
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 2:49 PM 6/17/2018
Signers
[+] Open Source Developer, Stefan KUENG
Status Valid
Valid from 1:00 AM 4/14/2018
Valid to 1:00 AM 4/14/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint BB0A721D5ACE675DCFDC9A1AB5C3DD11B29CEED3
Serial number 1C FB 3E 7A 68 A6 28 A6 3E 3A 46 D4 89 B2 34 FC
[+] Certum Code Signing CA SHA2
Status Valid
Valid from 12:30 PM 10/29/2015
Valid to 12:30 PM 6/9/2027
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 905DE119F6A0118CFFBF8B69463EFE5BD0C1D322
Serial number 6B 32 6A 0F 03 28 D3 7A 1D 53 0B FD 23 BD 48 E2
[+] Certum Trusted Network CA
Status Valid
Valid from 1:07 PM 10/22/2008
Valid to 1:07 PM 12/31/2029
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 07E032E020B72C3F192F0628A2593A19A70F069E
Serial number 04 44 C0
Counter signers
[+] Certum EV TSA SHA2
Status Valid
Valid from 2:10 PM 3/8/2016
Valid to 2:10 PM 5/30/2027
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 4F8D4C480649426AEF8B86D4D5FC7932E7142D85
Serial number 00 FE 67 E4 F1 5A 24 E3 C6 0D 54 7C A0 20 C2 76 70
[+] Certum Trusted Network CA
Status Valid
Valid from 1:07 PM 10/22/2008
Valid to 1:07 PM 12/31/2029
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 07E032E020B72C3F192F0628A2593A19A70F069E
Serial number 04 44 C0
OLE structured storage summary
creation_datetime 2018-06-17 14:49:16
author Stefans Tools
title Installation Database
page_count 200
word_count 2
keywords Installer
last_saved 2018-06-17 14:49:16
revision_number {D0430437-760D-49FB-8E1E-A7C9A8EE5901}
application_name Windows Installer XML Toolset (3.11.1.2318)
security 2
subject Stefans grepWin
template Intel;1033
code_page Latin I
comments http://tools.stefankueng.com
OLE Streams
name Root Entry
clsid 000c1084-0000-0000-c000-000000000046
type_literal root
clsid_literal on
sid 0
size 14144

type_literal stream
sid 49
name \x05DigitalSignature
size 5386

type_literal stream
sid 48
name \x05MsiDigitalSignatureEx
size 20

type_literal stream
sid 2
name \x05SummaryInformation
size 484
ExifTool file metadata
MIMEType image/vnd.fpx
ModifyDate 2018:06:17 13:49:16
Template Intel;1033
Title Installation Database
FileType FPX
Author Stefans Tools
Comments http://tools.stefankueng.com
CodePage Windows Latin 1 (Western European)
FileTypeExtension fpx
Words 2
Keywords Installer
CreateDate 2018:06:17 13:49:16
Security Read-only recommended
Software Windows Installer XML Toolset (3.11.1.2318)
Pages 200
RevisionNumber {D0430437-760D-49FB-8E1E-A7C9A8EE5901}
Subject Stefans grepWin

File identification
MD5 275b38d67a46f2a26c996bf2df90515c
SHA1 cef167fdaca92e8f15b48da281068f079cd56786
SHA256 c7aa9ca198615ac2d6dccd973983a90b23d12a5e190ffd547a9d8ceaa3f10185
ssdeep 12288:z1dPaBGyTsPJ1Qh1tYwVYzIey5GRGZg0HS8JW:LPaBGN1Qh1qwqO5lZNVJ
File size 728.0 KB ( 745472 bytes )
File type Windows Installer
Magic literal CDF V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: Installation Database, Subject: Stefans grepWin, Author: Stefans Tools, Keywords: Installer, Comments: http://tools.stefankueng.com, Template: Intel
TrID Microsoft Windows Installer (89.6%)
Windows Installer Patch (8.7%)
Generic OLE2 / Multistream Compound File (1.5%)
Tags msi signed

VirusTotal metadata
First submission 2018-06-17 14:36:52 UTC ( 10 months, 1 week ago )
Last submission 2018-09-04 21:44:57 UTC ( 7 months, 2 weeks ago )
File names 5709ee.msi
grepWin-1.8.1.msi