SHA256: dae55437bec57a991a410a0d30d461431bbc4a60b658c94317acb19879d05287
File name: Installer.exe
Detection ratio: 0 / 56
Analysis date: 2015-07-19 05:05:02 UTC ( 1 week, 2 days ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ALYac 20150719
AVG 20150719
AVware 20150719
Ad-Aware 20150719
AegisLab 20150718
Agnitum 20150717
AhnLab-V3 20150718
Alibaba 20150717
Antiy-AVL 20150719
Arcabit 20150719
Avast 20150719
Avira 20150717
Baidu-International 20150718
BitDefender 20150719
Bkav 20150718
ByteHero 20150719
CAT-QuickHeal 20150717
ClamAV 20150717
Comodo 20150719
Cyren 20150719
DrWeb 20150719
ESET-NOD32 20150718
Emsisoft 20150719
F-Prot 20150719
F-Secure 20150718
Fortinet 20150719
GData 20150719
Ikarus 20150719
Jiangmin 20150718
K7AntiVirus 20150719
K7GW 20150718
Kaspersky 20150718
Kingsoft 20150719
Malwarebytes 20150718
McAfee 20150719
McAfee-GW-Edition 20150718
MicroWorld-eScan 20150719
Microsoft 20150719
NANO-Antivirus 20150719
Panda 20150718
Qihoo-360 20150719
Rising 20150718
SUPERAntiSpyware 20150719
Sophos 20150719
Symantec 20150719
Tencent 20150719
TheHacker 20150717
TotalDefense 20150718
TrendMicro 20150719
TrendMicro-HouseCall 20150719
VBA32 20150718
VIPRE 20150719
ViRobot 20150719
Zillya 20150718
Zoner 20150719
nProtect 20150717
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (c) Moo0. All rights reserved.
Publisher Moo0
Product Moo0 Installer
Original name Installer.exe
Internal name Installer.exe
File version 1.0.0.0
Description Moo0 Installer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-10-18 16:06:19
Link date 5:06 PM 10/18/2013
Entry Point 0x000C439C
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
GetSidSubAuthorityCount
GetSidSubAuthority
RegCloseKey
OpenProcessToken
RegSetValueExW
IsValidSid
GetSidIdentifierAuthority
GetUserNameW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegQueryValueW
RegOpenKeyW
InitCommonControlsEx
GetFileTitleW
GetDIBColorTable
GetWindowExtEx
SetMapMode
TextOutW
CreateFontIndirectW
GetClipBox
GetRgnBox
SaveDC
GetPaletteEntries
CreateRectRgnIndirect
SetStretchBltMode
GetDeviceCaps
ExcludeClipRect
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
CreateBitmap
StretchBlt
EndDoc
CreateSolidBrush
StartPage
DeleteObject
GetObjectW
CreateDCW
CreateDIBSection
SetTextColor
DPtoLP
GetCurrentObject
RectVisible
ExtTextOutW
GetTextExtentPoint32W
BitBlt
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
GetViewportExtEx
PtVisible
ExtSelectClipRgn
CreateCompatibleDC
StartDocW
ScaleViewportExtEx
EndPage
SelectObject
GetMapMode
SetDIBColorTable
SetWindowExtEx
GetTextColor
GetStretchBltMode
SetViewportExtEx
Escape
SetBkColor
GetBkColor
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetFileAttributesW
DuplicateHandle
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
EnumResourceLanguagesW
GetFileTime
WideCharToMultiByte
GetStringTypeA
GetDiskFreeSpaceW
InterlockedExchange
FindResourceExW
GetProfileIntW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
ResumeThread
FreeLibrary
LocalFree
FormatMessageW
GetThreadPriority
BeginUpdateResourceW
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
SetFileAttributesW
WritePrivateProfileStringW
SetLastError
GetUserDefaultUILanguage
InitializeCriticalSection
CopyFileW
UpdateResourceW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
SetProcessWorkingSetSize
SetThreadPriority
GetVolumeInformationW
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
CreateEventW
GetFullPathNameW
GlobalAddAtomW
CreateThread
MoveFileExW
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
GetFileInformationByHandle
ExitThread
SetEnvironmentVariableA
SetPriorityClass
TerminateProcess
WriteConsoleA
GetVersion
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
GetModuleHandleA
CreateToolhelp32Snapshot
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
EndUpdateResourceW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GlobalFindAtomW
GetStartupInfoA
UnlockFile
GetFileSize
LCMapStringW
OpenProcess
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTempFileNameW
EnumResourceNamesW
CompareStringW
lstrcpyW
GlobalReAlloc
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
ResetEvent
FindFirstFileW
lstrcmpW
WaitForMultipleObjects
GlobalLock
SetEvent
GetTempPathW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
GlobalDeleteAtom
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
Process32NextW
GetCPInfoExW
SizeofResource
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
Process32FirstW
GetCurrentThread
EnumSystemCodePagesW
SuspendThread
GetSystemDefaultLangID
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
EnumResourceTypesW
GetACP
GetModuleHandleW
FreeResource
FileTimeToLocalFileTime
SetStdHandle
GetEnvironmentStrings
IsValidCodePage
HeapCreate
WriteFile
VirtualQuery
VirtualFree
Sleep
WriteConsoleW
VirtualAlloc
CompareStringA
OleCreateFontIndirect
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
SysAllocStringLen
VariantChangeType
VariantClear
SysAllocString
SafeArrayDestroy
VariantCopy
SysFreeString
VariantInit
DragQueryFileW
Ord(716)
DragFinish
Ord(155)
Ord(190)
Shell_NotifyIconW
SHGetPathFromIDListW
DragAcceptFiles
SHChangeNotify
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHFileOperationW
Ord(162)
SHGetMalloc
SHBrowseForFolderW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatByteSizeW
PathFindFileNameW
RedrawWindow
GetForegroundWindow
SetWindowRgn
GetMenuInfo
UnregisterHotKey
SetMenuItemBitmaps
LoadBitmapW
DestroyMenu
PostQuitMessage
GetMessagePos
SetWindowPos
SetScrollPos
IsWindow
GrayStringW
EndPaint
WindowFromPoint
GetMessageTime
SetActiveWindow
DispatchMessageW
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetMenu
UnregisterClassA
UnregisterClassW
GetClassInfoW
DrawTextW
GetNextDlgTabItem
CallNextHookEx
GetClientRect
ClientToScreen
GetActiveWindow
RegisterHotKey
GetWindowTextW
CopyAcceleratorTableW
GetWindowTextLengthW
GetTopWindow
InvalidateRgn
PtInRect
GetClassInfoExW
UpdateWindow
GetPropW
EqualRect
GetMessageW
ShowWindow
GetNextDlgGroupItem
SetPropW
ValidateRect
PeekMessageW
CreateIconFromResource
EnableWindow
CharUpperW
TranslateMessage
IsWindowEnabled
GetWindow
CreateCursor
CreateIconFromResourceEx
GetIconInfo
RegisterClassW
IsZoomed
GetWindowPlacement
DestroyWindow
DrawMenuBar
EnableMenuItem
GetSubMenu
GetScrollRange
SetTimer
IsDialogMessageW
CopyRect
GetSysColorBrush
CreateWindowExW
TabbedTextOutW
GetWindowLongW
CharNextW
IsChild
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
IsIconic
BeginPaint
OffsetRect
DefWindowProcW
GetScrollPos
KillTimer
SetClipboardViewer
GetParent
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
DrawTextExW
SendDlgItemMessageW
PostMessageW
InvalidateRect
CheckMenuItem
GetClassLongW
GetLastActivePopup
DrawIconEx
SetWindowTextW
GetDlgItem
GetMenuCheckMarkDimensions
ScreenToClient
PostThreadMessageW
GetMenuItemCount
GetMenuState
SetWindowsHookExW
LoadCursorW
LoadIconW
GetMenuItemID
SetForegroundWindow
GetAsyncKeyState
CreateDialogIndirectParamW
ReleaseDC
IntersectRect
EndDialog
SetWindowContextHelpId
GetCapture
MessageBeep
SetFocus
GetWindowThreadProcessId
MessageBoxW
SendMessageW
RegisterClassExW
UnhookWindowsHookEx
MoveWindow
GetWindowDC
ChangeClipboardChain
AdjustWindowRectEx
GetSysColor
RegisterClipboardFormatW
GetKeyState
SystemParametersInfoA
DestroyIcon
EnumDisplayMonitors
IsWindowVisible
WinHelpW
GetDesktopWindow
SystemParametersInfoW
GetDC
SetRect
MonitorFromRect
CallWindowProcW
GetClassNameW
ModifyMenuW
IsRectEmpty
GetFocus
wsprintfW
SetCursor
SetMenu
RemovePropW
HttpQueryInfoW
InternetConnectW
InternetReadFile
InternetCloseHandle
HttpSendRequestW
InternetGetConnectedState
InternetOpenW
HttpOpenRequestW
ClosePrinter
DocumentPropertiesW
OpenPrinterW
OleUninitialize
CoUninitialize
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
OleFlushClipboard
RegisterDragDrop
RevokeDragDrop
CoRegisterMessageFilter
OleGetClipboard
StgCreateDocfileOnILockBytes
CLSIDFromString
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitialize
OleInitialize
CoLockObjectExternal
CoCreateInstance
CoTaskMemAlloc
CoRevokeClassObject
CLSIDFromProgID
CoInitializeSecurity
OleIsCurrentClipboard
CoTaskMemFree
OleUIBusyW
URLDownloadToCacheFileW
URLDownloadToFileW
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 13
RT_ICON 12
IDR_ZIP 4
RT_DIALOG 2
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
IDR_XML 1
RT_GROUP_ICON 1
Number of PE resources by language
JAPANESE DEFAULT 49
ENGLISH US 19
Debug information
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 2920448
EntryPoint 0xc439c
OriginalFileName Installer.exe
MIMEType application/octet-stream
LegalCopyright (c) Moo0. All rights reserved.
FileVersion 1.0.0.0
TimeStamp 2013:10:18 17:06:19+01:00
FileType Win32 EXE
PEType PE32
InternalName Installer.exe
ProductVersion 1.0.0.0
FileDescription Moo0 Installer
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Moo0
CodeSize 1126400
ProductName Moo0 Installer
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
Compressed bundles
File identification
MD5 781467201278b17a28d041c47aed4936
SHA1 6397302a28e72b113d5b208b716205683fd93962
SHA256 dae55437bec57a991a410a0d30d461431bbc4a60b658c94317acb19879d05287
ssdeep 98304:jtKMb9eIxC8xXQjX5PD8iDqw798WIoNUWpqYxYFr18t0GS:jcMh9xCAXQj9D8ChxlqYxYboW
authentihash 5966b1d927c62820245ed4a0b0fc4bac1ce45f25fa9a2982d3f3c9baf30de8db
imphash b9c96a8434df46149bee33a6d2c11289
File size 3.9 MB ( 4050944 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (48.1%)
Win32 Executable MS Visual C++ (generic) (34.9%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Generic Win/DOS Executable (2.2%)
Tags peexe
VirusTotal metadata
First submission 2013-10-21 10:57:00 UTC ( 1 year, 9 months ago )
Last submission 2015-07-03 04:36:26 UTC ( 3 weeks, 4 days ago )
File names Installer.exe
Moo0_SystemMonitor_v1.76_Installer.exe
Moo0_SystemMonitor_v1.76_Installer.exe
Moo0_SystemMonitor_v1.76_Installer.exe
Moo0_SystemMonitor_v1.76_Installer.exe
Moo0 SystemMonitor v1.76 Installer.exe
moo0 systemmonitor v1.76 installer.exe
Moo0_SystemMonitor_1.76_Installer.exe
file-7168992_exe
Moo0_SystemMonitor_v1.76_Installer.exe
Moo0_SystemMonitor_v1.76_Installer.exe
Moo0_SystemMonitor_v1.76_Installer.exe
Moo0%20SystemMonitor%20v1.76%20Installer.exe
Moo0 System Monitor 1.76.exe
Moo0 SystemMonitor v1.76 Installer.exe
Moo0 SystemMonitor v1.76 Installer.exe
Moo0_SystemMonitor.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana screen-capture
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created mutexes
Opened mutexes
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.
HTTP requests
DNS requests
TCP connections
UDP communications