× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d7d7e31310c453288ceffb2e0daa2936d5d1bf3abcf84c77907f23cbd6bbdea1
File name: LiquidStudio2018.exe
Detection ratio: 0 / 68
Analysis date: 2018-06-10 00:24:04 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20180609
AegisLab 20180610
AhnLab-V3 20180609
Alibaba 20180608
ALYac 20180609
Antiy-AVL 20180610
Arcabit 20180609
Avast 20180609
Avast-Mobile 20180609
AVG 20180609
Avira (no cloud) 20180609
AVware 20180609
Babable 20180406
Baidu 20180608
BitDefender 20180609
Bkav 20180609
CAT-QuickHeal 20180609
ClamAV 20180609
CMC 20180609
Comodo 20180609
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180610
Cyren 20180609
DrWeb 20180609
eGambit 20180610
Emsisoft 20180609
Endgame 20180507
ESET-NOD32 20180610
F-Prot 20180609
F-Secure 20180610
Fortinet 20180609
GData 20180609
Ikarus 20180609
Sophos ML 20180601
Jiangmin 20180609
K7AntiVirus 20180609
K7GW 20180609
Kaspersky 20180609
Kingsoft 20180610
Malwarebytes 20180609
MAX 20180610
McAfee 20180609
McAfee-GW-Edition 20180609
Microsoft 20180610
eScan 20180610
NANO-Antivirus 20180610
Palo Alto Networks (Known Signatures) 20180610
Panda 20180609
Qihoo-360 20180610
Rising 20180610
SentinelOne (Static ML) 20180225
Sophos AV 20180609
SUPERAntiSpyware 20180609
Symantec 20180609
Symantec Mobile Insight 20180605
TACHYON 20180608
Tencent 20180610
TheHacker 20180608
TotalDefense 20180609
TrendMicro 20180610
TrendMicro-HouseCall 20180610
Trustlook 20180610
VBA32 20180608
VIPRE 20180610
ViRobot 20180609
Webroot 20180610
Yandex 20180609
Zillya 20180608
ZoneAlarm by Check Point 20180609
Zoner 20180609
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
All rights reserved

Product Liquid Studio 2018
File version 16.1.4.8455
Description Liquid Studio 2018 Installation
Comments This installation was built with InstallAware: http://www.installaware.com
Signature verification Signed file, verified signature
Signing date 4:14 PM 6/4/2018
Signers
[+] Liquid Technologies Limited
Status Valid
Issuer thawte SHA256 Code Signing CA
Valid from 1:00 AM 3/10/2017
Valid to 12:59 AM 4/21/2020
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 120E8ACF451895508AAC6520B97A6DF70821041C
Serial number 04 A0 F1 7A E2 9D 9F 53 3F 6D AE D1 CC 31 97 D5
[+] thawte SHA256 Code Signing CA
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint D00CFDBF46C98A838BC10DC4E097AE0152C461BC
Serial number 71 A0 B7 36 95 DD B1 AF C2 3B 2B 9A 18 EE 54 CB
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 11/17/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-09-08 22:01:54
Entry Point 0x00021BD6
Number of sections 4
PE sections
Overlays
MD5 965cc8060a472340dd514bb5ca33eb89
File type data
Offset 414208
Size 3552824
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
RegSetValueExW
GetObjectW
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
InitializeCriticalSection
FindClose
InterlockedDecrement
SetFileAttributesW
SetLastError
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetFullPathNameW
CreateThread
SetUnhandledExceptionFilter
ExitThread
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
SetEndOfFile
GetVersion
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
GetModuleHandleW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetTempFileNameW
GetModuleFileNameW
FindNextFileW
ResetEvent
FindFirstFileW
GetProcAddress
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
GetShortPathNameW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
lstrlenW
CreateProcessW
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetCurrentThreadId
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SHGetFolderPathW
ShellExecuteExW
RegisterWindowMessageW
EndDialog
MoveWindow
KillTimer
ShowWindow
SetWindowLongW
MessageBoxW
PeekMessageW
GetWindowRect
CharUpperW
DialogBoxParamW
PostMessageW
SetDlgItemTextW
CreateDialogParamW
SendMessageW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
SetTimer
LoadImageW
AdjustWindowRect
IsDlgButtonChecked
GetWindowTextW
GetDesktopWindow
LoadIconW
GetWindowTextLengthW
GetWindowLongW
SetForegroundWindow
DestroyWindow
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_STRING 105
RT_ICON 13
RT_DIALOG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 19
HEBREW DEFAULT 3
SWEDISH 3
HUNGARIAN DEFAULT 3
VIETNAMESE DEFAULT 3
ESTONIAN DEFAULT 3
LITHUANIAN 3
FRENCH 3
CHINESE SIMPLIFIED 3
SLOVENIAN DEFAULT 3
DUTCH 3
PORTUGUESE 3
ITALIAN 3
CATALAN DEFAULT 3
FINNISH DEFAULT 3
PORTUGUESE BRAZILIAN 3
KOREAN 3
CZECH DEFAULT 3
BASQUE DEFAULT 3
LATVIAN DEFAULT 3
GERMAN 3
POLISH DEFAULT 3
JAPANESE DEFAULT 3
DANISH DEFAULT 3
SLOVAK DEFAULT 3
GREEK DEFAULT 3
TURKISH DEFAULT 3
NORWEGIAN BOKMAL 3
CHINESE TRADITIONAL 3
THAI DEFAULT 3
SERBIAN DEFAULT 3
ARABIC SAUDI ARABIA 3
NEUTRAL 3
SPANISH MODERN 3
ROMANIAN 3
RUSSIAN 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with InstallAware: http://www.installaware.com

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
16.1.4.8455

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
229888

EntryPoint
0x21bd6

MIMEType
application/octet-stream

LegalCopyright
All rights reserved

FileVersion
16.1.4.8455

TimeStamp
2015:09:08 23:01:54+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
16.1.4.845

FileDescription
Liquid Studio 2018 Installation

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Liquid Technologies Limited

CodeSize
183296

ProductName
Liquid Studio 2018

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 3c4bccf6c201478d3af5b307cdec4206
SHA1 d6e4235ea9c98d7789047d225a395356ca77ee37
SHA256 d7d7e31310c453288ceffb2e0daa2936d5d1bf3abcf84c77907f23cbd6bbdea1
ssdeep
98304:nnZaLAtX5k6q3bQ27lZvjl5ayMxKJsUUR5qFx2WCp:0LAtXO6qLzB9ZrMxvRcztCp

authentihash a7f2728a8852e1ab0828302a7b1202ae6f7215476434362334204512a886573e
imphash eaefd1169420dcee9fef7c65aa268740
File size 3.8 MB ( 3967032 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-06-08 10:00:35 UTC ( 5 months, 1 week ago )
Last submission 2018-06-08 10:00:35 UTC ( 5 months, 1 week ago )
File names LiquidStudio2018.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Searched windows
Runtime DLLs