× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e3ccf34dd393c8aa1c3c4f5743539fbf731145677e47cac668fc85cb5e7e6543
File name: web
Detection ratio: 0 / 68
Analysis date: 2018-07-12 12:20:15 UTC ( 5 days, 16 hours ago )
Antivirus Result Update
Ad-Aware 20180712
AegisLab 20180712
AhnLab-V3 20180712
Alibaba 20180712
ALYac 20180712
Antiy-AVL 20180712
Arcabit 20180712
Avast 20180712
Avast-Mobile 20180712
AVG 20180712
Avira (no cloud) 20180710
AVware 20180712
Babable 20180406
Baidu 20180712
BitDefender 20180712
Bkav 20180712
CAT-QuickHeal 20180712
ClamAV 20180712
CMC 20180712
Comodo 20180712
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180712
Cyren 20180712
DrWeb 20180712
eGambit 20180712
Emsisoft 20180712
Endgame 20180711
ESET-NOD32 20180712
F-Prot 20180712
F-Secure 20180712
Fortinet 20180712
GData 20180712
Ikarus 20180712
Sophos ML 20180601
Jiangmin 20180712
K7AntiVirus 20180712
K7GW 20180712
Kaspersky 20180712
Kingsoft 20180712
Malwarebytes 20180712
MAX 20180712
McAfee 20180712
McAfee-GW-Edition 20180712
Microsoft 20180712
eScan 20180712
NANO-Antivirus 20180712
Palo Alto Networks (Known Signatures) 20180712
Panda 20180711
Qihoo-360 20180712
Rising 20180712
SentinelOne (Static ML) 20180701
Sophos AV 20180712
SUPERAntiSpyware 20180712
Symantec 20180712
TACHYON 20180712
Tencent 20180712
TheHacker 20180712
TotalDefense 20180712
TrendMicro 20180712
TrendMicro-HouseCall 20180712
Trustlook 20180712
VBA32 20180712
VIPRE 20180712
ViRobot 20180712
Webroot 20180712
Yandex 20180712
Zillya 20180711
ZoneAlarm by Check Point 20180712
Zoner 20180711
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
All rights reserved

Product Liquid Studio 2018
File version 16.1.7.8497
Description Liquid Studio 2018 Installation
Comments This installation was built with InstallAware: http://www.installaware.com
Signature verification Signed file, verified signature
Signing date 1:13 PM 7/11/2018
Signers
[+] Liquid Technologies Limited
Status Valid
Issuer thawte SHA256 Code Signing CA
Valid from 1:00 AM 3/10/2017
Valid to 12:59 AM 4/21/2020
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 120E8ACF451895508AAC6520B97A6DF70821041C
Serial number 04 A0 F1 7A E2 9D 9F 53 3F 6D AE D1 CC 31 97 D5
[+] thawte SHA256 Code Signing CA
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint D00CFDBF46C98A838BC10DC4E097AE0152C461BC
Serial number 71 A0 B7 36 95 DD B1 AF C2 3B 2B 9A 18 EE 54 CB
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 1:00 AM 11/17/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-09-08 22:01:54
Entry Point 0x00021BD6
Number of sections 4
PE sections
Overlays
MD5 e17c0bed0d6d935eb7ab675f0da5c251
File type data
Offset 414208
Size 3552000
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
RegSetValueExW
GetObjectW
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
InitializeCriticalSection
FindClose
InterlockedDecrement
SetFileAttributesW
SetLastError
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetFullPathNameW
CreateThread
SetUnhandledExceptionFilter
ExitThread
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
SetEndOfFile
GetVersion
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
GetModuleHandleW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetTempFileNameW
GetModuleFileNameW
FindNextFileW
ResetEvent
FindFirstFileW
GetProcAddress
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
GetShortPathNameW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
lstrlenW
CreateProcessW
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetCurrentThreadId
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SHGetFolderPathW
ShellExecuteExW
RegisterWindowMessageW
EndDialog
MoveWindow
KillTimer
ShowWindow
SetWindowLongW
MessageBoxW
PeekMessageW
GetWindowRect
CharUpperW
DialogBoxParamW
PostMessageW
SetDlgItemTextW
CreateDialogParamW
SendMessageW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
SetTimer
LoadImageW
AdjustWindowRect
IsDlgButtonChecked
GetWindowTextW
GetDesktopWindow
LoadIconW
GetWindowTextLengthW
GetWindowLongW
SetForegroundWindow
DestroyWindow
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_STRING 105
RT_ICON 13
RT_DIALOG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 19
HEBREW DEFAULT 3
SWEDISH 3
HUNGARIAN DEFAULT 3
VIETNAMESE DEFAULT 3
ESTONIAN DEFAULT 3
LITHUANIAN 3
FRENCH 3
CHINESE SIMPLIFIED 3
SLOVENIAN DEFAULT 3
DUTCH 3
PORTUGUESE 3
ITALIAN 3
CATALAN DEFAULT 3
FINNISH DEFAULT 3
PORTUGUESE BRAZILIAN 3
KOREAN 3
CZECH DEFAULT 3
BASQUE DEFAULT 3
LATVIAN DEFAULT 3
GERMAN 3
POLISH DEFAULT 3
JAPANESE DEFAULT 3
DANISH DEFAULT 3
SLOVAK DEFAULT 3
GREEK DEFAULT 3
TURKISH DEFAULT 3
NORWEGIAN BOKMAL 3
CHINESE TRADITIONAL 3
THAI DEFAULT 3
SERBIAN DEFAULT 3
ARABIC SAUDI ARABIA 3
NEUTRAL 3
SPANISH MODERN 3
ROMANIAN 3
RUSSIAN 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with InstallAware: http://www.installaware.com

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
16.1.7.8497

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
229888

EntryPoint
0x21bd6

MIMEType
application/octet-stream

LegalCopyright
All rights reserved

FileVersion
16.1.7.8497

TimeStamp
2015:09:08 23:01:54+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
16.1.7.849

FileDescription
Liquid Studio 2018 Installation

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Liquid Technologies Limited

CodeSize
183296

ProductName
Liquid Studio 2018

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 7985bb6442edb393837eaa30603538ac
SHA1 7014dc9716c439497db60e07b8ec5b7d51ca639c
SHA256 e3ccf34dd393c8aa1c3c4f5743539fbf731145677e47cac668fc85cb5e7e6543
ssdeep
98304:ynZaLP3P91tBAgFvnK1SvginMSVSYUPGow78k5qqp:DLP35BhFvdvBMvGPoCqqp

authentihash 328c0c6df9bfe22fcfd13ba414d7d909a0df75e086f05c9e935d980c965f4991
imphash eaefd1169420dcee9fef7c65aa268740
File size 3.8 MB ( 3966208 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-07-11 22:32:28 UTC ( 6 days, 6 hours ago )
Last submission 2018-07-11 22:32:28 UTC ( 6 days, 6 hours ago )
File names web
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Searched windows
Runtime DLLs