× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d1636a2c74434fa6b187c07c4f411f108165f2ea3e88c69200472812ea560d29
File name: claws-mail-3.17.1-1-32bit.exe
Detection ratio: 4 / 67
Analysis date: 2018-09-17 15:32:23 UTC ( 4 months, 1 week ago ) View latest
Antivirus Result Update
Antiy-AVL GrayWare/Win32.Presenoker 20180917
Cylance Unsafe 20180917
Rising Worm.Win32.FTP/BitCoinMiner-Botnet!1.ACDC (CLOUD) 20180917
TrendMicro-HouseCall Suspicious_GEN.F47V0915 20180917
Ad-Aware 20180913
AegisLab 20180917
AhnLab-V3 20180917
Alibaba 20180713
ALYac 20180917
Arcabit 20180917
Avast 20180917
Avast-Mobile 20180917
AVG 20180917
Avira (no cloud) 20180917
AVware 20180917
Babable 20180907
Baidu 20180914
BitDefender 20180917
Bkav 20180917
CAT-QuickHeal 20180917
ClamAV 20180917
CMC 20180917
Comodo 20180917
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cyren 20180917
DrWeb 20180917
eGambit 20180917
Emsisoft 20180917
Endgame 20180730
ESET-NOD32 20180917
F-Prot 20180917
F-Secure 20180917
Fortinet 20180917
GData 20180917
Sophos ML 20180717
Jiangmin 20180917
K7AntiVirus 20180917
K7GW 20180917
Kaspersky 20180917
Kingsoft 20180917
Malwarebytes 20180917
MAX 20180917
McAfee 20180917
McAfee-GW-Edition 20180917
Microsoft 20180917
eScan 20180917
NANO-Antivirus 20180917
Palo Alto Networks (Known Signatures) 20180917
Panda 20180917
Qihoo-360 20180917
SentinelOne (Static ML) 20180830
Sophos AV 20180917
SUPERAntiSpyware 20180907
Symantec 20180917
Symantec Mobile Insight 20180911
TACHYON 20180917
Tencent 20180917
TheHacker 20180914
TotalDefense 20180915
TrendMicro 20180917
Trustlook 20180917
VBA32 20180917
VIPRE 20180917
ViRobot 20180917
Webroot 20180917
Yandex 20180915
Zillya 20180914
ZoneAlarm by Check Point 20180917
Zoner 20180916
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 1999-2017 Hiroyuki Yamamoto and the Claws Mail team

Product claws-mail (3.17.1-1)
File version 3.17.1.1
Description Claws Mail for Windows Installation Package
Comments ClawsMail is Free Software; you can redistribute it and/or modify it under the terms of the GNU General Public License. You should have received a copy of the GNU General Public License along with this software; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
Packers identified
F-PROT NSIS, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-01 10:22:05
Entry Point 0x00004344
Number of sections 7
PE sections
Overlays
MD5 cd54c39db0d6ea46364b42e6adc20e93
File type data
Offset 92160
Size 26345371
Entropy 8.00
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegSetValueExA
RegQueryValueExA
AdjustTokenPrivileges
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegEnumValueA
SetFileSecurityA
ImageList_Create
InitCommonControls
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SelectObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetBkColor
DeleteObject
SetTextColor
GetLastError
ReadFile
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
GetModuleFileNameA
RemoveDirectoryA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
SetFileAttributesA
SetFilePointer
GetTempPathA
CreateThread
lstrcmpiA
GetModuleHandleA
lstrcmpA
FindFirstFileA
WriteFile
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
MoveFileExA
ExpandEnvironmentStringsA
SetEnvironmentVariableA
GetFullPathNameA
FreeLibrary
MoveFileA
CreateProcessA
lstrcpyA
GlobalAlloc
GlobalLock
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
ShellExecuteExA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA
CharPrevA
GetMessagePos
EmptyClipboard
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
GetClassInfoA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
ScreenToClient
PeekMessageA
SetWindowLongA
DialogBoxParamA
GetSysColor
CheckDlgButton
GetDC
DrawTextA
SystemParametersInfoA
CreatePopupMenu
wsprintfA
ShowWindow
SetClipboardData
IsWindowVisible
SendMessageA
IsWindowEnabled
GetClientRect
SetTimer
GetDlgItem
SetForegroundWindow
CreateDialogParamA
SetCursor
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
FindWindowExA
CreateWindowExA
LoadCursorA
TrackPopupMenu
SetWindowTextA
FillRect
SendMessageTimeoutA
CharNextA
CallWindowProcA
GetSystemMenu
ReleaseDC
EndPaint
CloseClipboard
OpenClipboard
ExitWindowsEx
DestroyWindow
CoTaskMemFree
OleUninitialize
CoCreateInstance
OleInitialize
Number of PE resources by type
RT_DIALOG 6
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 12
PE resources
ExifTool file metadata
UninitializedDataSize
108032

LinkerVersion
2.29

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
3.17.1.1

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Claws Mail for Windows Installation Package

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit, No debug

CharacterSet
Windows, Latin1

InitializedDataSize
38400

EntryPoint
0x4344

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 1999-2017 Hiroyuki Yamamoto and the Claws Mail team

FileVersion
3.17.1.1

TimeStamp
2018:04:01 11:22:05+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
claws-mail.org

CodeSize
36864

ProductName
claws-mail (3.17.1-1)

ProductVersionNumber
3.17.1.1

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 a8ff3dba02ebb4c35d6d1b11368c3370
SHA1 b2621822586e2bc9323f18d6ccd06c626df8f7c4
SHA256 d1636a2c74434fa6b187c07c4f411f108165f2ea3e88c69200472812ea560d29
ssdeep
786432:ATSVAYPBOuZHWEjQHEhKJkGITO8G9k7Q80BJ:lFPBOuZ25EhCkGIX0J

authentihash 86f10cd95499633f903004d72b17ba3d6bd360501e5a7d74279ab418fc7b7933
imphash ac906a057556b881e3a2dbe70f53cee4
File size 25.2 MB ( 26437531 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
nsis peexe overlay via-tor

VirusTotal metadata
First submission 2018-09-15 07:51:53 UTC ( 4 months, 1 week ago )
Last submission 2018-11-18 17:19:06 UTC ( 2 months ago )
File names claws-mail-3.17.1-1-32bit.exe
claws-mail-3.17.1-1-32bit.exe
claws-mail-3.17.1-1-32bit.exe
D1636A2C74434FA6B187C07C4F411F108165F2EA3E88C69200472812EA560D29.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!