× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d7be6b3e8ad8a5fc76f54f882c5c7ed7ea686811b504a933410b50788240268c
File name: Opera-Mail-1.0-1044.i386.exe
Detection ratio: 0 / 61
Analysis date: 2017-05-07 19:23:35 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20170507
AegisLab 20170507
AhnLab-V3 20170507
Alibaba 20170505
ALYac 20170507
Antiy-AVL 20170507
Arcabit 20170507
Avast 20170507
AVG 20170507
Avira (no cloud) 20170507
AVware 20170507
Baidu 20170503
BitDefender 20170507
Bkav 20170506
CAT-QuickHeal 20170506
ClamAV 20170507
CMC 20170507
Comodo 20170507
CrowdStrike Falcon (ML) 20170130
Cyren 20170507
DrWeb 20170507
Emsisoft 20170507
Endgame 20170503
ESET-NOD32 20170507
F-Prot 20170507
F-Secure 20170507
Fortinet 20170507
GData 20170507
Ikarus 20170507
Sophos ML 20170413
Jiangmin 20170507
K7AntiVirus 20170506
K7GW 20170507
Kaspersky 20170507
Kingsoft 20170507
Malwarebytes 20170507
McAfee 20170507
McAfee-GW-Edition 20170507
Microsoft 20170507
eScan 20170507
NANO-Antivirus 20170507
nProtect 20170507
Palo Alto Networks (Known Signatures) 20170507
Panda 20170507
Qihoo-360 20170507
Rising 20170507
SentinelOne (Static ML) 20170330
Sophos AV 20170507
SUPERAntiSpyware 20170507
Symantec 20170507
Symantec Mobile Insight 20170504
Tencent 20170507
TheHacker 20170505
TrendMicro 20170507
TrendMicro-HouseCall 20170507
Trustlook 20170507
VBA32 20170506
VIPRE 20170507
ViRobot 20170507
Webroot 20170507
WhiteArmor 20170502
Yandex 20170504
Zillya 20170505
ZoneAlarm by Check Point 20170507
Zoner 20170507
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) 1999-2008 Opera Software ASA

Product Opera
Original name Opera.exe
Internal name 7ZSfxNew
Description 7z Setup SFX
Signature verification Signed file, verified signature
Signing date 1:04 PM 2/3/2016
Signers
[+] Opera Software ASA
Status Valid
Issuer DigiCert EV Code Signing CA (SHA2)
Valid from 1:00 AM 1/25/2016
Valid to 1:00 PM 1/29/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint E20BBC7F8D5C46740E35DB701BD1AEA97DFFFA71
Serial number 05 10 E0 3C D7 B8 B7 1E 2E 2D B1 66 79 B0 95 95
[+] DigiCert EV Code Signing CA (SHA2)
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 1:00 PM 4/18/2012
Valid to 1:00 PM 4/18/2027
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 60EE3FC53D4BDFD1697AE5BEAE1CAB1C0F3AD4E3
Serial number 03 F1 B4 E1 5F 3A 82 F1 14 96 78 B3 D7 D8 47 5C
[+] DigiCert
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 1:00 AM 11/10/2006
Valid to 1:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
Serial number 02 AC 5C 26 6A 0B 40 9B 8F 0B 79 F2 AE 46 25 77
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT maxorder, appended, 7Z, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-07-22 02:33:09
Entry Point 0x00011DE6
Number of sections 4
PE sections
Overlays
MD5 9cdc13fce910e53db1aedf73aa705668
File type data
Offset 536576
Size 11682304
Entropy 8.00
PE imports
GetDeviceCaps
SelectObject
DeleteObject
GetObjectW
CreateFontIndirectW
GetUserDefaultUILanguage
GetLastError
InitializeCriticalSection
GetStdHandle
GetDriveTypeW
ReadFile
LoadLibraryA
lstrlenA
RemoveDirectoryW
WaitForSingleObject
GetVersionExW
GetOEMCP
SystemTimeToFileTime
GetFileAttributesW
lstrlenW
GetLocalTime
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CompareFileTime
GetFileSize
SetFileTime
GetCommandLineW
CreateThread
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
TerminateThread
lstrcmpW
SuspendThread
GetModuleFileNameW
SetFilePointer
lstrcpyW
SetFileAttributesW
WideCharToMultiByte
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetSystemDirectoryW
FindNextFileW
WriteFile
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
FindFirstFileW
GetACP
WaitForMultipleObjects
GetModuleHandleW
SetEvent
LocalFree
FormatMessageW
ResumeThread
CreateEventW
GetExitCodeThread
ResetEvent
lstrcmpiW
SetCurrentDirectoryW
GetTempPathW
CreateFileW
VirtualFree
FindClose
Sleep
SetEndOfFile
GetProcAddress
VirtualAlloc
GetModuleHandleA
MulDiv
_purecall
__p__fmode
malloc
__CxxFrameHandler
??1type_info@@UAE@XZ
memset
_wcsnicmp
__dllonexit
_controlfp
_except_handler3
??2@YAPAXI@Z
_onexit
_wtol
exit
_XcptFilter
memcmp
__setusermatherr
_adjust_fdiv
_acmdln
_CxxThrowException
__p__commode
??3@YAXPAX@Z
free
__getmainargs
_initterm
memmove
memcpy
_beginthreadex
_exit
__set_app_type
VariantClear
SysAllocString
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetMalloc
SetFocus
GetParent
EndDialog
SystemParametersInfoW
DefWindowProcW
KillTimer
ShowWindow
MessageBeep
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
GetWindowRect
ScreenToClient
CharUpperW
MessageBoxA
LoadIconW
GetWindowDC
GetWindow
SetDlgItemTextW
GetDC
GetKeyState
ReleaseDC
SendMessageW
wsprintfW
DrawIconEx
GetClientRect
GetDlgItem
DrawTextW
LoadImageW
EnableMenuItem
ClientToScreen
wsprintfA
SetTimer
CallWindowProcW
DialogBoxIndirectParamW
SetWindowTextW
GetWindowTextW
GetSystemMenu
GetWindowTextLengthW
GetWindowLongW
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_ICON 11
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 14
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
462336

EntryPoint
0x11de6

OriginalFileName
Opera.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 1999-2008 Opera Software ASA

TimeStamp
2007:07:22 03:33:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
7ZSfxNew

FileDescription
7z Setup SFX

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Opera Software ASA

CodeSize
74752

ProductName
Opera

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 bb0e401ebb5ada0003c5f9c21a5bbddc
SHA1 a57336113278d1c5883fc24a157c42bc6d6c9d2d
SHA256 d7be6b3e8ad8a5fc76f54f882c5c7ed7ea686811b504a933410b50788240268c
ssdeep
196608:+ukh3gHIOEVN4+PPN73wl3SW3JOGCvH4yy53kRuRsmfj2G5XoOYKDvJ1PKo:+DLHB5WCuJO/Hy9kniaMLzDvJ1PT

authentihash 96a40517c223d2f60ad0f8065f1daaef339fed3194143e6ecbde10ae99b36de3
imphash 0c40996f6e1e5f2a82b51e9950881bf1
File size 11.7 MB ( 12218880 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2016-02-15 19:47:09 UTC ( 1 year, 8 months ago )
Last submission 2017-10-08 06:51:04 UTC ( 1 week, 3 days ago )
File names Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386(1).exe
OperaMail_Rus_Setup.exe
opera-mail-1.0-1044.i386.exe
7ZSfxNew
Opera Mail 1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386 (1).exe
Opera.exe
Opera-Mail-1.0-1044.i386.exe
opera_mail_1.0.1044.exe
Opera-Mail-1.0-1044.i386.exe
myfile.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
opera-mail_1-0-1044_fr_429825.exe
D7BE6B3E8AD8A5FC76F54F882C5C7ED7EA686811B504A933410B50788240268C.exe
Opera-Mail-1.0-1044.i386.exe
Opera-Mail-1.0-1044.i386.exe
Opera Mail 1.0.1044.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
UDP communications