SHA256: f27587b78de728dba4399f1f547c986c3df2991af0e6d798792a56c4a143f4db
File name: GPU-Z.2.18.0.exe
Detection ratio: 0 / 70
Analysis date: 2019-04-05 13:26:28 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Acronis 20190330
Ad-Aware 20190405
AegisLab 20190405
AhnLab-V3 20190405
Alibaba 20190401
ALYac 20190405
Antiy-AVL 20190405
Arcabit 20190405
Avast 20190405
Avast-Mobile 20190405
AVG 20190405
Avira (no cloud) 20190405
Babable 20180918
Baidu 20190318
BitDefender 20190405
Bkav 20190405
CAT-QuickHeal 20190405
CMC 20190321
Comodo 20190405
CrowdStrike Falcon (ML) 20190212
Cybereason 20190403
Cylance 20190405
Cyren 20190405
DrWeb 20190405
eGambit 20190405
Emsisoft 20190405
Endgame 20190403
ESET-NOD32 20190405
F-Prot 20190405
F-Secure 20190405
FireEye 20190405
Fortinet 20190405
GData 20190405
Ikarus 20190405
Sophos ML 20190313
Jiangmin 20190405
K7AntiVirus 20190405
K7GW 20190405
Kaspersky 20190405
Kingsoft 20190405
Malwarebytes 20190405
MAX 20190405
McAfee 20190405
McAfee-GW-Edition 20190404
Microsoft 20190405
eScan 20190405
NANO-Antivirus 20190405
Palo Alto Networks (Known Signatures) 20190405
Panda 20190404
Qihoo-360 20190405
Rising 20190405
SentinelOne (Static ML) 20190317
Sophos AV 20190405
SUPERAntiSpyware 20190403
Symantec 20190405
Symantec Mobile Insight 20190325
TACHYON 20190405
Tencent 20190405
TheHacker 20190403
TotalDefense 20190405
Trapmine 20190325
TrendMicro 20190405
TrendMicro-HouseCall 20190405
Trustlook 20190405
VBA32 20190405
VIPRE 20190405
ViRobot 20190405
Webroot 20190405
Yandex 20190404
ZoneAlarm by Check Point 20190405
Zoner 20190404
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
(c) 2007-2019 TechPowerUp (www.techpowerup.com)

Product GPU-Z - Video card Information Utility
Original name GPU-Z.exe
Internal name GPU-Z.exe
File version 2.18.0.0
Description GPU-Z - Video card Information Utility
Signature verification Signed file, verified signature
Signing date 10:08 AM 3/15/2019
Signers
[+] TechPowerUp LLC
Status Valid
Issuer DigiCert SHA2 High Assurance Code Signing CA
Valid from 12:00 AM 08/09/2017
Valid to 12:00 PM 10/15/2020
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 5AB2534E30001E2FE9AEA774537D4383EBFE5B4C
Serial number 0E 4B 8F 22 49 25 C6 BE AF 10 44 5C 06 0E 01 95
[+] DigiCert SHA2 High Assurance Code Signing CA
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 12:00 PM 10/22/2013
Valid to 12:00 PM 10/22/2028
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint F7E0F449F1A2594F88856C0758F8E6F627E5F5A2
Serial number 0B 7E 10 90 3C 38 49 0F FA 2F 67 9A 87 A1 A7 B9
[+] DigiCert
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 01:00 AM 11/10/2006
Valid to 01:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
Serial number 02 AC 5C 26 6A 0B 40 9B 8F 0B 79 F2 AE 46 25 77
Counter signers
[+] GlobalSign TSA for MS Authenticode - G2
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 12:00 AM 05/24/2016
Valid to 12:00 AM 06/24/2027
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 63B82FAB61F583909695050B00249C502933EC79
Serial number 11 21 D6 99 A7 64 97 3E F1 F8 42 7E E9 19 CC 53 41 14
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 10:00 AM 04/13/2011
Valid to 01:00 PM 01/28/2028
Valid usage All
Algorithm sha1RSA
Thumbprint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 12:00 PM 09/01/1998
Valid to 01:00 PM 01/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-03-15 08:08:41
Entry Point 0x01307210
Number of sections 3
PE sections
Overlays
MD5 911eb23ccbb1a9e09740e37aa12dec38
File type data
Offset 6461440
Size 6288
Entropy 7.38
PE imports
RegOpenKeyW
LineTo
ImmGetContext
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
AlphaBlend
NetWkstaGetInfo
LresultFromObject
VariantClear
EnumProcesses
CM_Get_Parent
DragFinish
PathIsUNCW
IsAppThemed
VerQueryValueW
InternetOpenW
PlaySoundW
OpenPrinterW
MiniDumpWriteDump
OleRun
Number of PE resources by type
RT_STRING 253
RT_DIALOG 21
RT_ICON 16
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_BITMAP 12
RT_RCDATA 11
AFX_DIALOG_LAYOUT 8
RT_GROUP_ICON 6
RT_MENU 5
Struct(240) 4
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 75
UKRAINIAN NEUTRAL 60
PORTUGUESE NEUTRAL 12
SERBIAN NEUTRAL 12
FRENCH NEUTRAL 12
GREEK NEUTRAL 12
HUNGARIAN NEUTRAL 12
SPANISH NEUTRAL 12
RUSSIAN NEUTRAL 12
FARSI NEUTRAL 12
PORTUGUESE BRAZILIAN 12
ITALIAN NEUTRAL 12
ENGLISH NEUTRAL 12
ARABIC NEUTRAL 12
ARMENIAN NEUTRAL 12
TURKISH NEUTRAL 12
BULGARIAN NEUTRAL 12
GERMAN NEUTRAL 12
CHINESE NEUTRAL 12
CHINESE *unknown* 12
ALBANIAN NEUTRAL 12
ENGLISH US 6
PE resources
ExifTool file metadata
UninitializedDataSize
13549568

LinkerVersion
14.16

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.18.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
GPU-Z - Video card Information Utility

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
61440

EntryPoint
0x1307210

OriginalFileName
GPU-Z.exe

MIMEType
application/octet-stream

LegalCopyright
(c) 2007-2019 TechPowerUp (www.techpowerup.com)

FileVersion
2.18.0.0

TimeStamp
2019:03:15 09:08:41+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
GPU-Z.exe

ProductVersion
2.18.0.0

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
techPowerUp (www.techpowerup.com)

CodeSize
6402048

ProductName
GPU-Z - Video card Information Utility

ProductVersionNumber
2.18.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 788ff15a336761a2f3d5a24fa8dcf59d
SHA1 0e47e8064e063a6d09a1cd19b8b959d1a558a9c2
SHA256 f27587b78de728dba4399f1f547c986c3df2991af0e6d798792a56c4a143f4db
ssdeep
196608:ZvGbFM8hPPDLby3LRq96Dv97liIDPu2XAH0:ZebrALRzDv9JiIDPHAU

authentihash 236ee461bcc0384a90cb6d8e9882ccccc2596366059c66213b5b5f0c45672c0f
imphash 41df8e444858202ae23aff3f9b9dd6e2
File size 6.2 MB ( 6467728 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (generic) (39.3%)
UPX compressed Win32 Executable (25.5%)
Win32 EXE Yoda's Crypter (25.1%)
Win32 Executable (generic) (4.2%)
OS/2 Executable (generic) (1.9%)
Tags
peexe signed upx overlay

VirusTotal metadata
First submission 2019-03-15 08:33:42 UTC ( 2 months, 1 week ago )
Last submission 2019-04-29 18:37:41 UTC ( 3 weeks, 5 days ago )
File names GPU-Z.2.18.0.exe
gpu-z.exe
GPU-Z.2.18.0.exe
GPU-Z.2.18.0.exe
GPU-Z.2.18.0.exe
gpu-z.exe
GPU-Z.2.18.0.exe
GPU-Z.2.18.exe
output.124089341.txt
gpu-z_2-18-0_en_45616.exe
GPU-Z.exe
gpu-z.exe
GPU-Z.2.18.0.exe
GPU-Z.2.18.0.exe
GPU-Z.2.18.0.exe
GPU-Z.exe
GPU-Z.2.18.0.exe
GPU-Z.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Created mutexes
Searched windows
Opened service managers
Opened services
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events, which are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.