× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d80719431dc22b0e4a070f61fab982b113a4ed9a6d4cf25e64b5be390dcadb94
File name: wget64.exe
Detection ratio: 0 / 66
Analysis date: 2018-06-02 17:10:24 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20180602
AegisLab 20180602
AhnLab-V3 20180602
Alibaba 20180601
ALYac 20180602
Antiy-AVL 20180602
Arcabit 20180602
Avast 20180602
Avast-Mobile 20180602
AVG 20180602
Avira (no cloud) 20180602
AVware 20180602
Babable 20180406
Baidu 20180601
BitDefender 20180602
Bkav 20180601
CAT-QuickHeal 20180602
ClamAV 20180602
CMC 20180602
Comodo 20180602
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cylance 20180602
Cyren 20180602
DrWeb 20180602
eGambit 20180602
Emsisoft 20180602
Endgame 20180507
ESET-NOD32 20180602
F-Prot 20180602
F-Secure 20180602
Fortinet 20180602
GData 20180602
Ikarus 20180602
Sophos ML 20180601
Jiangmin 20180602
K7AntiVirus 20180602
K7GW 20180602
Kaspersky 20180602
Kingsoft 20180602
Malwarebytes 20180602
MAX 20180602
McAfee 20180602
McAfee-GW-Edition 20180602
Microsoft 20180602
eScan 20180602
NANO-Antivirus 20180602
nProtect 20180602
Palo Alto Networks (Known Signatures) 20180602
Panda 20180602
Qihoo-360 20180602
Rising 20180602
SentinelOne (Static ML) 20180225
Sophos AV 20180602
SUPERAntiSpyware 20180602
Symantec 20180602
Symantec Mobile Insight 20180601
Tencent 20180602
TheHacker 20180531
TotalDefense 20180602
TrendMicro 20180602
TrendMicro-HouseCall 20180602
Trustlook 20180602
VBA32 20180601
VIPRE 20180602
ViRobot 20180602
Webroot 20180602
Yandex 20180529
Zillya 20180601
ZoneAlarm by Check Point 20180602
Zoner 20180602
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 11:46 AM 10/28/2017
Signers
[+] Jernej Simončič
Status Valid
Issuer COMODO Code Signing CA 2
Valid from 1:00 AM 3/28/2016
Valid to 12:59 AM 3/29/2019
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint A2E1E598D17B691542616EE26800E91C64DB99B7
Serial number 03 1C E8 45 CC A9 7A AE 1E AD 8B 64 64 F9 C7 B6
[+] COMODO Code Signing CA 2
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 8/24/2011
Valid to 11:48 AM 5/30/2020
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 12/31/2015
Valid to 7:40 PM 7/9/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] UTN-USERFirst-Object
Status Valid
Issuer AddTrust External CA Root
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm sha1RSA
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] The USERTrust Network™
Status Valid
Issuer AddTrust External CA Root
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
PE header basic information
Target machine x64
Entry Point 0x00001500
Number of sections 10
PE sections
Overlays
MD5 bb4b24890c1d1ddaa87ed41f21fb84c4
File type data
Offset 3933184
Size 24456
Entropy 6.38
PE imports
CryptDestroyKey
CryptGetUserKey
CryptReleaseContext
RegisterEventSourceW
CryptEnumProvidersW
CryptSignHashW
CryptExportKey
CryptSetHashParam
CryptGenRandom
CryptAcquireContextW
DeregisterEventSource
ReportEventW
CryptDecrypt
CryptGetProvParam
CryptDestroyHash
CryptCreateHash
CertEnumCertificatesInStore
CertOpenStore
CertFreeCertificateContext
CertCloseStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertFindCertificateInStore
GetStdHandle
DeleteFiber
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
UnhandledExceptionFilter
OpenFileMappingA
GetFileInformationByHandle
IsDBCSLeadByteEx
GetTempPathA
GetCPInfo
WriteFile
WaitForSingleObject
GetSystemTimeAsFileTime
SetEvent
FormatMessageW
ResumeThread
InitializeCriticalSection
FindClose
TlsGetValue
GetEnvironmentVariableW
SetLastError
GetSystemTime
GetModuleFileNameW
GetNumberOfConsoleInputEvents
GetModuleFileNameA
FindNextVolumeW
SetConsoleCtrlHandler
RtlVirtualUnwind
GetVolumeInformationW
MultiByteToWideChar
SwitchToFiber
GetModuleHandleA
LockFileEx
CreateThread
SetUnhandledExceptionFilter
ReadConsoleA
GlobalMemoryStatus
ConvertThreadToFiber
GetModuleHandleExW
VirtualQuery
GetDiskFreeSpaceExW
SetEndOfFile
RtlCaptureContext
GetVersion
SleepEx
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
PeekNamedPipe
TerminateThread
LoadLibraryW
FindVolumeClose
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
LoadLibraryA
ConvertFiberToThread
GetStartupInfoA
UnlockFile
GetFileSize
GetProcAddress
GetConsoleScreenBufferInfo
GetFileSizeEx
FindNextFileW
RtlLookupFunctionEntry
CreateFileMappingA
FindFirstFileW
TerminateProcess
WaitForMultipleObjects
ReadConsoleW
GetTimeZoneInformation
GetConsoleWindow
CreateEventA
GetFileType
TlsSetValue
GetCurrentThreadId
FindFirstVolumeW
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
UnmapViewOfFile
RtlAddFunctionTable
CreateFiber
GetCurrentProcessId
WideCharToMultiByte
GetCommandLineA
QueryPerformanceFrequency
MapViewOfFile
TlsFree
SetFilePointer
SetConsoleTitleA
CloseHandle
PeekConsoleInputA
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
SetConsoleMode
Sleep
MessageBoxW
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
GetUserObjectInformationW
GetProcessWindowStation
getaddrinfo
WSASocketA
getnameinfo
accept
ioctlsocket
WSAStartup
freeaddrinfo
connect
getsockname
WSAAddressToStringA
htons
WSASetLastError
WSAGetLastError
getsockopt
recv
send
ntohs
select
listen
__WSAFDIsSet
WSAEventSelect
gethostbyname
getpeername
WSACleanup
closesocket
setsockopt
socket
bind
WSAEnumNetworkEvents
__lconv_init
___lc_codepage_func
fclose
_time64
_snwprintf
strtoul
fflush
isxdigit
_fmode
strtol
__initenv
wcscmp
strtok
fwrite
_environ
_mkgmtime64
_fstat64
isspace
_close
iswctype
_exit
rewind
_isatty
_pipe
_wfopen
strstr
_write
memcpy
perror
fputs
memmove
signal
__dllonexit
_lseek
_mkdir
strcmp
memchr
strncmp
tmpfile
_getmaxstdio
fgetc
memset
strcat
_stricmp
_setmode
fgets
__pioinfo
strchr
clock
_sys_errlist
fgetpos
fsetpos
ftell
exit
sprintf
strrchr
_acmdln
strcspn
fputc
ferror
gmtime
free
ungetc
__getmainargs
_gmtime64
_lseeki64
_vsnprintf
puts
_read
_wopen
fseek
strcpy
bsearch
__mb_cur_max
islower
_getch
isupper
strftime
rand
raise
setlocale
realloc
__doserrno
_open_osfhandle
calloc
isprint
strncat
_dup
toupper
fopen
_vsnwprintf
strncpy
_cexit
__C_specific_handler
isalnum
_sys_nerr
_unlink
qsort
_tzset
_open
_onexit
wcslen
isalpha
memcmp
__setusermatherr
srand
_isctype
_utime
getenv
wcscat
atoi
vfprintf
localeconv
strerror
wcscpy
strspn
_strnicmp
localtime
rename
malloc
sscanf
fread
_chmod
abort
fprintf
towupper
ispunct
feof
_amsg_exit
clearerr
_fdopen
_errno
strlen
_lock
_get_osfhandle
_strdup
towlower
_fileno
_getpid
_telli64
tolower
_unlock
_setmaxstdio
strpbrk
isgraph
fwprintf
setbuf
_initterm
__argv
wcstombs
__iob_func
iscntrl
_filelengthi64
wcsstr
_stat64
getc
__set_app_type
CoUninitialize
CoInitializeEx
CoCreateInstance
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
AMD AMD64

TimeStamp
0000:00:00 00:00:00

FileType
Win64 EXE

PEType
PE32+

CodeSize
2789376

LinkerVersion
2.27

FileTypeExtension
exe

InitializedDataSize
3928576

SubsystemVersion
5.2

EntryPoint
0x1500

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
50176

File identification
MD5 1d0f3891401204926a90356146c23bc1
SHA1 4849367f8fa29f7f91de365f8baee2a9dc14480c
SHA256 d80719431dc22b0e4a070f61fab982b113a4ed9a6d4cf25e64b5be390dcadb94
ssdeep
49152:Al4KhCxrLbOvfhpox/NjVifpCR0sfa67QKTh7u02h3qBMOOLAuGtlqJiOFstXRVo:A9BK+GdOL1fK2r+xsGxVCAipeoD3

authentihash 0eec9fa9bd7cdd02b8b2414963e5c6e5c38ee46e0d9eb14974527ae45102b18e
imphash bf78cf43b2707856627fcbd2276d822b
File size 3.8 MB ( 3957640 bytes )
File type Win32 EXE
Magic literal
PE32+ executable for MS Windows (console) Mono/.Net assembly

TrID Win64 Executable (generic) (82.0%)
OS/2 Executable (generic) (6.0%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
VXD Driver (0.0%)
Tags
64bits peexe assembly signed overlay

VirusTotal metadata
First submission 2017-10-28 12:43:10 UTC ( 8 months, 3 weeks ago )
Last submission 2018-06-02 17:10:24 UTC ( 1 month, 2 weeks ago )
File names wget64.exe
wget.exe
wget.exe
wget64.exe
wget.exe
wget.exe
wget.exe
wget64.exe
wget64.exe
wget64.exe
wget64.exe
wget64.exe
wget64.exe
wget64.exe
wget.exe
wget.exe
wget64 1.19.2.exe
wget64.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!