SHA256: f0ababa7b773d518e6fd0ca97ed985514f67db7490b7bd72060f7db98c4b5dd1
File name: Computta
Detection ratio: 2 / 66
Analysis date: 2017-11-08 22:50:46 UTC ( 1 month ago )
Antivirus Result Update
F-Secure Application.Generic.1756722 20171110
Ikarus PUA.CoinMiner 20171109
Ad-Aware 20171110
AegisLab 20171110
AhnLab-V3 20171110
Alibaba 20170911
ALYac 20171110
Antiy-AVL 20171110
Arcabit 20171110
Avast 20171110
Avast-Mobile 20171109
AVG 20171110
Avira (no cloud) 20171110
AVware 20171110
Baidu 20171109
BitDefender 20171110
Bkav 20171109
CAT-QuickHeal 20171110
ClamAV 20171110
Comodo 20171110
CrowdStrike Falcon (ML) 20171016
Cybereason 20171030
Cylance 20171110
Cyren 20171110
DrWeb 20171110
eGambit 20171110
Emsisoft 20171110
Endgame 20171024
ESET-NOD32 20171110
F-Prot 20171110
Fortinet 20171110
GData 20171110
Sophos ML 20170914
Jiangmin 20171110
K7AntiVirus 20171110
K7GW 20171110
Kaspersky 20171110
Kingsoft 20171110
Malwarebytes 20171110
MAX 20171110
McAfee 20171110
McAfee-GW-Edition 20171110
Microsoft 20171110
eScan 20171110
NANO-Antivirus 20171110
nProtect 20171110
Palo Alto Networks (Known Signatures) 20171110
Panda 20171109
Qihoo-360 20171110
Rising 20171110
SentinelOne (Static ML) 20171019
Sophos AV 20171110
SUPERAntiSpyware 20171110
Symantec 20171109
Symantec Mobile Insight 20171110
Tencent 20171110
TheHacker 20171102
TotalDefense 20171110
TrendMicro 20171110
TrendMicro-HouseCall 20171110
Trustlook 20171110
VBA32 20171109
VIPRE 20171110
ViRobot 20171110
Webroot 20171110
WhiteArmor 20171104
Yandex 20171109
Zillya 20171109
ZoneAlarm by Check Point 20171110
Zoner 20171110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright Computta.com
Product Computta
Original name Computta_windows-x64_0_72.exe
Internal name Computta
File version 0.72
Description Computta
Signature verification Signed file, verified signature
Signing date 8:37 PM 7/13/2017
Signers
[+] Kibernetika LTD
Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 5/16/2017
Valid to 12:59 AM 5/17/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint C18ABDC4049F098A16DF5979EC4D88E1A263E028
Serial number 00 FA EB AE F1 EC 54 CC 17 85 7C 8D 7C 9A 84 71 D4
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] GlobalSign TSA for MS Authenticode advanced - G2
Status Valid
Issuer GlobalSign Timestamping CA - SHA256 - G2
Valid from 1:00 AM 5/24/2016
Valid to 1:00 AM 6/24/2027
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 37C0418CA8480BBACE02E000EC8846AD3DB691EC
Serial number 11 21 ED 90 18 CA A9 27 B7 62 6C 52 6B 90 6D 93 F5 67
[+] GlobalSign Timestamping CA - SHA256 - G2
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 8/2/2011
Valid to 11:00 AM 3/29/2029
Valid usage All
Algorithm sha256RSA
Thumbprint 91843BBD936D86EAFA42A3AFBF33E92831068F99
Serial number 04 00 00 00 00 01 31 89 C6 50 04
[+] GlobalSign
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 3/18/2009
Valid to 11:00 AM 3/18/2029
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha256RSA
Thumbprint D69B561148F01C77C54578C10926DF5B856976AD
Serial number 04 00 00 00 00 01 21 58 53 08 A2
PE header basic information
Target machine x64
Compilation timestamp 2016-08-16 13:04:36
Entry Point 0x0002BD24
Number of sections 6
PE sections
Overlays
MD5 16b62d4b679f12da7bdd9c83171cf042
File type data
Offset 553472
Size 68278248
Entropy 8.00
PE imports
RegCreateKeyExW
LookupPrivilegeValueA
RegCloseKey
RegRestoreKeyW
RegQueryValueExA
SetEntriesInAclW
OpenServiceW
QueryServiceConfigW
ControlService
LookupPrivilegeValueW
RegDeleteKeyW
DeleteService
RegQueryValueExW
LookupAccountSidW
CloseServiceHandle
OpenProcessToken
QueryServiceStatus
RegOpenKeyExW
LookupAccountNameW
RegOpenKeyExA
CreateServiceW
GetNamedSecurityInfoW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumKeyExA
RegCreateKeyExA
AdjustTokenPrivileges
RegEnumValueW
StartServiceW
RegSetValueExW
RegDeleteValueW
OpenSCManagerW
AllocateAndInitializeSid
RegSetValueExA
RegSaveKeyW
RegDeleteValueA
FreeSid
ChangeServiceConfigW
SetNamedSecurityInfoW
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
WaitForSingleObject
GetDriveTypeA
FindNextFileA
SizeofResource
EncodePointer
FlsGetValue
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
RtlUnwindEx
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
GetConsoleTitleA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetExitCodeProcess
LocalFree
ConnectNamedPipe
GetEnvironmentVariableA
LoadResource
FindClose
GetFullPathNameW
DebugBreak
GetEnvironmentVariableW
SetLastError
InitializeCriticalSection
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
CreateMailslotA
RemoveDirectoryA
GetVersionExA
HeapSetInformation
LoadLibraryExA
SetThreadPriority
AllocConsole
RtlVirtualUnwind
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetModuleHandleA
CreateSemaphoreA
CreateThread
SetEnvironmentVariableW
MoveFileExW
GetSystemDirectoryW
DisconnectNamedPipe
CreateSemaphoreW
GetMailslotInfo
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
WriteConsoleA
SetCurrentDirectoryW
SearchPathA
GetDiskFreeSpaceExW
SetEndOfFile
RtlCaptureContext
GetCurrentThreadId
SetCurrentDirectoryA
WriteConsoleW
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
FlsSetValue
LoadLibraryA
FreeLibrary
GetStartupInfoA
RtlPcToFileHeader
GetWindowsDirectoryW
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTempFileNameW
CompareStringW
WaitNamedPipeW
RemoveDirectoryW
FlushFileBuffers
FindFirstFileA
RtlLookupFunctionEntry
CompareStringA
GetTempFileNameA
FindFirstFileW
GlobalMemoryStatus
DuplicateHandle
WaitForMultipleObjects
GetUserDefaultLCID
GetTimeZoneInformation
CreateFileW
GetFileType
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
GetShortPathNameW
CreateNamedPipeW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentStrings
GetCurrentProcessId
LockResource
GetConsoleTitleW
GetCommandLineW
GetCPInfo
HeapSize
FlsAlloc
GetCommandLineA
FlsFree
GetCurrentThread
SetConsoleTitleW
RaiseException
SetFilePointer
ReadFile
SetConsoleTitleA
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
GetLongPathNameW
CreateProcessA
IsValidCodePage
HeapCreate
GetTempPathW
CreateProcessW
GetLongPathNameA
Sleep
FindResourceA
SafeArrayAccessData
SafeArrayUnaccessData
GetParent
EndDialog
GetLastActivePopup
OffsetRect
FindWindowW
FindWindowA
ShowWindow
SetWindowPos
GetWindowThreadProcessId
SendDlgItemMessageA
MessageBoxW
GetWindowRect
MessageBoxA
DialogBoxParamA
PostMessageW
RegisterClipboardFormatW
RegisterClassW
IsWindowVisible
EnumWindows
SetWindowTextW
GetDlgItem
IsIconic
LoadCursorA
LoadIconA
CopyRect
GetWindowTextW
SetDlgItemTextW
GetDesktopWindow
LoadIconW
SendMessageTimeoutW
wsprintfW
SetForegroundWindow
DefDlgProcW
ExitWindowsEx
ReleaseStgMedium
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
PE exports
Number of PE resources by type
RT_ICON 8
RT_DIALOG 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 11
ENGLISH US 3
PE resources
ExifTool file metadata
SubsystemVersion 5.2
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.72.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x0017
CharacterSet Unicode
InitializedDataSize 375296
EntryPoint 0x2bd24
OriginalFileName Computta_windows-x64_0_72.exe
MIMEType application/octet-stream
LegalCopyright Computta.com
FileVersion 0.72
TimeStamp 2016:08:16 14:04:36+01:00
FileType Win64 EXE
PEType PE32+
InternalName Computta
ProductVersion 0.72
FileDescription Computta
OSVersion 5.2
FileOS Win32
Subsystem Windows GUI
MachineType AMD AMD64
CompanyName Computta.com
CodeSize 266752
ProductName Computta
ProductVersionNumber 0.72.0.0
FileTypeExtension exe
ObjectFileType Unknown

Compressed bundles
File identification
MD5 91003ad31070e2d3b0e98ea36fe30603
SHA1 190f7717850ce0b124d54412f9d639cfdff4fe52
SHA256 f0ababa7b773d518e6fd0ca97ed985514f67db7490b7bd72060f7db98c4b5dd1
ssdeep 1572864:G3aEI6y8JT6vcYeyPXkMgamDpcFuMp1jeWaWzOFUSP8wNh:K+8x6EYZfkMgapuMnKWPBS
authentihash c9f12df6d9eaa5bd58a4c3445ca43f28cfe42b8f0e2393cdd9cc37a544577063
imphash 67a12313d6a6190882d94669ffb4e1bb
File size 65.6 MB ( 68831720 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly
TrID InstallShield setup (57.6%)
Win64 Executable (generic) (36.9%)
Generic Win/DOS Executable (2.6%)
DOS Executable Generic (2.6%)
Tags 64bits peexe assembly signed overlay
VirusTotal metadata
First submission 2017-07-14 17:07:58 UTC ( 5 months ago )
Last submission 2017-11-08 22:50:46 UTC ( 1 month ago )
File names Computta_windows-x64.exe
Computta_windows-x64 (1).exe
Computta_windows-x64.exe
Computta_windows-x64_0_72.exe
BITCOIN_MINER_windows-x64.exe
Computta_windows-x64.exe
Computta_windows-x64.exe
Computta_windows-x64.exe
Computta