× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: db9823700012ade9aba438345cdd4a0fb7d6c9cb81eb277d49c4b9bd0d967560
File name: stinger32.exe
Detection ratio: 2 / 70
Analysis date: 2019-03-19 11:18:15 UTC ( 1 month ago )
Antivirus Result Update
CMC Virus.Win32.Sality!O 20190319
Cylance Unsafe 20190319
Acronis 20190318
Ad-Aware 20190319
AegisLab 20190319
AhnLab-V3 20190319
Alibaba 20190306
ALYac 20190319
Antiy-AVL 20190319
Arcabit 20190319
Avast 20190319
Avast-Mobile 20190319
AVG 20190319
Avira (no cloud) 20190319
Babable 20180918
Baidu 20190318
BitDefender 20190319
Bkav 20190318
CAT-QuickHeal 20190318
ClamAV 20190319
Comodo 20190319
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cyren 20190319
DrWeb 20190319
eGambit 20190319
Emsisoft 20190319
Endgame 20190215
ESET-NOD32 20190319
F-Prot 20190319
F-Secure 20190319
Fortinet 20190319
GData 20190319
Ikarus 20190319
Sophos ML 20190313
Jiangmin 20190319
K7AntiVirus 20190319
K7GW 20190319
Kaspersky 20190319
Kingsoft 20190319
Malwarebytes 20190319
MAX 20190319
McAfee 20190319
McAfee-GW-Edition 20190319
Microsoft 20190319
eScan 20190319
NANO-Antivirus 20190319
Palo Alto Networks (Known Signatures) 20190319
Panda 20190319
Qihoo-360 20190319
Rising 20190319
SentinelOne (Static ML) 20190317
Sophos AV 20190319
SUPERAntiSpyware 20190314
Symantec 20190319
Symantec Mobile Insight 20190220
TACHYON 20190319
Tencent 20190319
TheHacker 20190315
TotalDefense 20190318
Trapmine 20190301
TrendMicro 20190319
TrendMicro-HouseCall 20190319
Trustlook 20190319
VBA32 20190319
VIPRE 20190319
ViRobot 20190319
Webroot 20190319
Yandex 20190318
ZoneAlarm by Check Point 20190319
Zoner 20190318
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright© 2013-2018, McAfee, LLC. All Rights Reserved.

Product McAfee Stinger
Original name Stinger.exe
Internal name Stinger.exe
File version 12.1.0.3071
Description McAfee Stinger
Signature verification Signed file, verified signature
Signing date 9:59 AM 3/19/2019
Signers
[+] McAfee, Inc.
Status Valid
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 12:00 AM 07/21/2016
Valid to 11:59 PM 07/21/2019
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 775B373B33B9D15B58BC02B184704332B97C3CAF
Serial number 58 7C D2 1A 05 D3 4D 3D DF AA 91 28 52 1C F4 FC
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 02/08/2010
Valid to 11:59 PM 02/07/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-03-19 08:33:56
Entry Point 0x0262F1B1
Number of sections 3
PE sections
Overlays
MD5 ec667c15ae0b41b067c3f0ece79ed3a0
File type data
Offset 17756160
Size 169720
Entropy 7.85
PE imports
CryptMsgClose
GetProcAddress
GetModuleHandleA
PE exports
Number of PE resources by type
RT_RCDATA 27
RT_CURSOR 16
RT_GROUP_CURSOR 15
PNG 15
RT_STRING 13
RT_HTML 7
RT_DIALOG 4
RT_ICON 3
GIF 3
RT_BITMAP 3
RT_MANIFEST 1
RT_MENU 1
CSS 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 111
PE resources
ExifTool file metadata
SpecialBuild
5610-1040

SubsystemVersion
5.1

InitializedDataSize
32865792

ImageVersion
0.0

ProductName
McAfee Stinger

FileVersionNumber
12.1.0.3071

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit, No debug

CharacterSet
Unicode

LinkerVersion
11.0

FileTypeExtension
exe

OriginalFileName
Stinger.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
12.1.0.3071

TimeStamp
2019:03:19 09:33:56+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Stinger.exe

ProductVersion
12.1.0.3071

FileDescription
McAfee Stinger

OSVersion
5.1

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 2013-2018, McAfee, LLC. All Rights Reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
McAfee LLC

CodeSize
7157248

FileSubtype
0

ProductVersionNumber
12.1.0.3071

EntryPoint
0x262f1b1

ObjectFileType
Executable application

File identification
MD5 46bddbf4f1386f1700c103ebca763407
SHA1 572aa386f6fe6a9613e422a79a40077c10f08240
SHA256 db9823700012ade9aba438345cdd4a0fb7d6c9cb81eb277d49c4b9bd0d967560
ssdeep
393216:xa3bftTTbrgcmSXyqXS71KNzarD7SvtM2kU8MHf/B/:UbfdvrVXymS71AuP7S1M2kXyf/B

authentihash b72bd82d99bf5fb6f360585f3c26aa51d72f10afb430cb211fef3140bca7ba7b
imphash d35aaf46ab067e39dc24c90fe5e07bdd
File size 17.1 MB ( 17925880 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2019-03-19 11:18:15 UTC ( 1 month ago )
Last submission 2019-03-19 11:18:15 UTC ( 1 month ago )
File names stinger32.exe
Stinger.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Searched windows
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.