SHA256: db1a576143108fb8d35fea047abde55a0cac1e8593fe20f004b81aba0e6a5188
File name: norton-antivirus-1-jetelecharge.exe
Detection ratio: 0 / 63
Analysis date: 2018-09-25 19:09:04 UTC ( 6 months ago )
Antivirus Result Update
Ad-Aware 20180925
AegisLab 20180925
AhnLab-V3 20180925
Alibaba 20180921
ALYac 20180925
Antiy-AVL 20180925
Arcabit 20180925
Avast 20180925
Avast-Mobile 20180925
AVG 20180925
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
BitDefender 20180925
Bkav 20180925
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180925
Comodo 20180925
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180925
Cyren 20180925
DrWeb 20180925
eGambit 20180925
Emsisoft 20180925
Endgame 20180730
ESET-NOD32 20180925
F-Prot 20180925
F-Secure 20180925
Fortinet 20180925
GData 20180925
Ikarus 20180925
Sophos ML 20180717
Jiangmin 20180925
K7AntiVirus 20180925
K7GW 20180925
Kaspersky 20180925
Kingsoft 20180925
Malwarebytes 20180925
MAX 20180925
McAfee 20180925
McAfee-GW-Edition 20180925
Microsoft 20180925
eScan 20180925
NANO-Antivirus 20180925
Palo Alto Networks (Known Signatures) 20180925
Panda 20180925
Qihoo-360 20180925
Rising 20180925
SentinelOne (Static ML) 20180925
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec 20180925
Symantec Mobile Insight 20180924
TACHYON 20180925
Tencent 20180925
TheHacker 20180924
TotalDefense 20180925
TrendMicro 20180925
TrendMicro-HouseCall 20180925
Trustlook 20180925
VBA32 20180925
VIPRE 20180925
ViRobot 20180925
Webroot 20180925
Yandex 20180924
Zillya 20180925
ZoneAlarm by Check Point 20180925
Zoner 20180924
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright © 2017 Symantec Corporation. All rights reserved.
Product Norton Internet Security
Original name NIS_GenericDef_SuperMUI.exe
Internal name Norton Internet Security
File version 22.10.1.10
Description Norton Internet Security
Signature verification Signed file, verified signature
Signing date 12:15 PM 8/24/2017
Signers
[+] Symantec Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 12/16/2016
Valid to 12:59 AM 12/18/2017
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint AD96BB64BA36379D2E354660780C2067B81DA2E0
Serial number 0E BF EA 68 D6 77 B3 E2 6C AB 41 C3 3F 3E 69 DE
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-22 16:35:48
Entry Point 0x0006E74A
Number of sections 6
PE sections
Overlays
MD5 acb90d0064a86dbffa3e142cfe8604df
File type data
Offset 1478656
Size 232263184
Entropy 8.00
PE imports
CryptDestroyKey
RegCreateKeyExW
MakeSelfRelativeSD
RegCloseKey
LsaNtStatusToWinError
LookupPrivilegeNameW
ConvertSidToStringSidW
GetSecurityDescriptorControl
GetAce
OpenServiceW
AdjustTokenPrivileges
InitializeAcl
LookupPrivilegeValueW
RegDeleteValueW
RegDeleteKeyW
GetSecurityInfo
CheckTokenMembership
RegQueryValueExW
CryptImportKey
SetSecurityDescriptorDacl
GetNamedSecurityInfoW
GetSidSubAuthority
ConvertStringSidToSidW
OpenProcessToken
GetSecurityDescriptorGroup
QueryServiceStatus
MakeAbsoluteSD
DuplicateToken
RegOpenKeyExW
SetSecurityInfo
SetTokenInformation
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
CopySid
GetTokenInformation
DuplicateTokenEx
CryptReleaseContext
GetAclInformation
CryptDecrypt
CloseServiceHandle
IsValidSid
RegQueryInfoKeyW
GetSecurityDescriptorDacl
RegEnumValueW
RegEnumKeyExW
OpenThreadToken
GetSecurityDescriptorSacl
GetLengthSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeSid
TraceMessage
CreateProcessAsUserW
MapGenericMask
CryptAcquireContextW
SetEntriesInAclW
StartServiceW
RegSetValueExW
CryptSetKeyParam
FreeSid
GetSidLengthRequired
OpenSCManagerW
AllocateAndInitializeSid
InitializeSecurityDescriptor
QueryServiceStatusEx
ConvertSecurityDescriptorToStringSecurityDescriptorW
EqualSid
AddAce
SetNamedSecurityInfoW
InitCommonControlsEx
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertCloseStore
CryptQueryObject
CertNameToStrW
CertFindCertificateInStore
CertFreeCertificateChain
CertGetNameStringW
CertGetCertificateChain
CryptMsgClose
CryptMsgGetParam
GetStdHandle
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
EncodePointer
SetFileTime
GetFileAttributesW
lstrcmpW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
InitializeSListHead
GetThreadContext
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
ResumeThread
InterlockedPushEntrySList
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
QueryDosDeviceW
MoveFileW
SetFileAttributesW
FreeLibraryAndExitThread
SetLastError
GetUserDefaultUILanguage
GetSystemTime
CopyFileW
GetUserDefaultLangID
OutputDebugStringW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
VerSetConditionMask
GetPriorityClass
LoadLibraryExA
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
VerifyVersionInfoW
SetFilePointerEx
FormatMessageA
CreateThread
GetSystemDefaultUILanguage
MoveFileExW
GetSystemDirectoryW
CreateSemaphoreW
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetPriorityClass
WaitForMultipleObjectsEx
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleExW
SetCurrentDirectoryW
VirtualQuery
SetEndOfFile
GetCurrentThreadId
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
TerminateThread
LoadLibraryW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
lstrcmpiW
RtlUnwind
GlobalSize
GetFileSize
OpenProcess
GetStartupInfoW
ReadProcessMemory
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
WriteFile
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
WTSGetActiveConsoleSessionId
ResetEvent
FindFirstFileW
IsValidLocale
DuplicateHandle
FindFirstFileExW
GetUserDefaultLCID
SetEvent
CreateEventW
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
GetProcessTimes
GlobalUnlock
GetEnvironmentStringsW
lstrcpyW
GlobalAlloc
lstrlenW
Process32NextW
VirtualFree
CancelWaitableTimer
SizeofResource
GetCurrentProcessId
LockResource
ProcessIdToSessionId
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
Process32FirstW
GetCurrentThread
GetSystemDefaultLangID
RaiseException
ReleaseSemaphore
TlsFree
SetFilePointer
ReadFile
CloseHandle
SetDllDirectoryW
GetACP
GlobalLock
GetModuleHandleW
GetFileAttributesExW
FindResourceExW
GetLongPathNameW
IsValidCodePage
FindResourceW
CreateProcessW
WaitForMultipleObjects
Sleep
VirtualAlloc
GetOEMCP
VarUI4FromStr
SafeArrayAccessData
SafeArrayPtrOfIndex
SafeArrayCreate
SysStringByteLen
SafeArrayUnaccessData
VariantCopyInd
VariantClear
SysAllocStringLen
VariantInit
SafeArrayUnlock
SafeArrayCreateVector
SysAllocStringByteLen
SafeArrayLock
GetModuleFileNameExW
PathAddBackslashW
SHDeleteKeyW
PathSkipRootW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathIsUNCServerW
PathIsUNCW
PathQuoteSpacesW
PathAppendW
UrlCanonicalizeW
PathIsDirectoryW
LsaGetLogonSessionData
LsaEnumerateLogonSessions
LsaFreeReturnBuffer
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext
WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
WintrustGetRegPolicyFlags
CryptCATAdminAcquireContext
CoInitializeEx
CoUninitialize
CoTaskMemAlloc
OleLoadFromStream
CreateStreamOnHGlobal
StringFromIID
OleSaveToStream
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
GetHGlobalFromStream
CLSIDFromString
CoCreateGuid
PropVariantClear
CoTaskMemFree
StringFromGUID2
Number of PE resources by type
RT_DIALOG 25
RT_ICON 14
SYMPRO 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 16
ENGLISH US 2
TURKISH DEFAULT 2
HEBREW DEFAULT 1
SWEDISH 1
HUNGARIAN DEFAULT 1
CZECH DEFAULT 1
FRENCH 1
CHINESE SIMPLIFIED 1
SPANISH MODERN 1
DUTCH 1
ITALIAN 1
NORWEGIAN BOKMAL 1
FINNISH DEFAULT 1
PORTUGUESE BRAZILIAN 1
KOREAN 1
PORTUGUESE 1
GERMAN 1
POLISH DEFAULT 1
JAPANESE DEFAULT 1
DANISH DEFAULT 1
GREEK DEFAULT 1
CHINESE TRADITIONAL 1
ARABIC SAUDI ARABIA 1
ROMANIAN 1
RUSSIAN 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
ProductDate 8/22/2017
LinkerVersion 14.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 22.10.1.10
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Norton Internet Security
ImageFileCharacteristics Executable, 32-bit, Removable run from swap, Net run from swap
CharacterSet Unicode
InitializedDataSize 637952
EntryPoint 0x6e74a
OriginalFileName NIS_GenericDef_SuperMUI.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2017 Symantec Corporation. All rights reserved.
FileVersion 22.10.1.10
TimeStamp 2017:08:22 17:35:48+01:00
FileType Win32 EXE
PEType PE32
InternalName Norton Internet Security
ProductVersion 22.10.1.10
UninitializedDataSize 0
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Symantec Corporation
CodeSize 839680
ProductName Norton Internet Security
ProductVersionNumber 22.10.1.10
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 d6d468086ab8029876a058090c59b2c8
SHA1 082316d570a743f905c6f333c1d592bdc46ba393
SHA256 db1a576143108fb8d35fea047abde55a0cac1e8593fe20f004b81aba0e6a5188
ssdeep 6291456:fBSpqH9vvoj+zbcaQT+FznvK3aQHp/wTQCDa:fBScHtvoibcB+pvK3aQHpIT/a
authentihash ba2a63fd45a5b78900f959f3f1cf26d2dcf99106b2ec7d126e9783621c76f75e
imphash cdf73de29eb8e8cf67578759c8ddc529
File size 222.9 MB ( 233741840 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags peexe signed overlay
VirusTotal metadata
First submission 2017-10-01 02:00:28 UTC ( 1 year, 5 months ago )
Last submission 2018-10-17 02:26:11 UTC ( 5 months, 1 week ago )
File names norton-antivirus-1-jetelecharge.exe
NIS_GenericDef_SuperMUI.exe
norton-antivirus-1-jetelecharge.exe
norton-security-8119.exe
Norton Internet Security