SHA256: f3570bd7dbe4b2d5b2fc41ff1d1d3e5b8173229bb69116678405024e0cea6eea
File name: PowerGUI.3.8.0.129.msi
Detection ratio: 1 / 59
Analysis date: 2017-11-30 09:49:31 UTC ( 1 week, 4 days ago )
Antivirus Result Update
Zillya Trojan.PatchedCRTD.Win32.8666 20171129
Ad-Aware 20171130
AegisLab 20171130
AhnLab-V3 20171130
Alibaba 20171130
ALYac 20171129
Antiy-AVL 20171130
Arcabit 20171130
Avast 20171130
Avast-Mobile 20171129
AVG 20171130
Avira (no cloud) 20171129
AVware 20171130
Baidu 20171130
BitDefender 20171130
Bkav 20171129
CAT-QuickHeal 20171129
ClamAV 20171130
CMC 20171126
Comodo 20171130
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171130
Cyren 20171130
DrWeb 20171130
eGambit 20171130
Emsisoft 20171130
Endgame 20171024
ESET-NOD32 20171130
F-Prot 20171130
F-Secure 20171130
Fortinet 20171130
GData 20171130
Ikarus 20171130
Sophos ML 20170914
Jiangmin 20171130
K7AntiVirus 20171130
K7GW 20171130
Kaspersky 20171130
Kingsoft 20171130
Malwarebytes 20171130
MAX 20171130
McAfee 20171130
McAfee-GW-Edition 20171129
Microsoft 20171130
eScan 20171130
NANO-Antivirus 20171130
nProtect 20171130
Palo Alto Networks (Known Signatures) 20171130
Panda 20171129
Qihoo-360 20171130
Rising 20171130
SentinelOne (Static ML) 20171113
Sophos AV 20171130
SUPERAntiSpyware 20171130
Symantec 20171130
Symantec Mobile Insight 20171130
Tencent 20171130
TheHacker 20171126
TrendMicro 20171130
TrendMicro-HouseCall 20171130
Trustlook 20171130
VBA32 20171129
VIPRE 20171130
ViRobot 20171130
Webroot 20171130
WhiteArmor 20171104
Yandex 20171120
ZoneAlarm by Check Point 20171130
Zoner 20171130
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Signature verification Signed file, verified signature
Signing date 3:26 PM 10/29/2013
Signers
[+] Quest Software, Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Valid from 1:00 AM 3/3/2011
Valid to 12:59 AM 3/3/2014
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint D6EA5C1A073F0DB076951C4EE089E4FA185A1898
Serial number 54 33 02 52 8D B2 5D D2 7D 56 E3 1D 4F 9F EC EE
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
OLE structured storage summary
last_author
Builder
creation_datetime
2013-10-29 15:25:33
template
;1033
author
Quest Software, Inc.
page_count
200
last_saved
2013-10-29 15:25:33
word_count
2
comments
The Installation database contains the logic and data required to install Quest PowerGUI\ufffd 3.8 .
revision_number
{FBF9163D-0B76-4C43-A553-37631E8358E0}
last_printed
2013-10-29 15:25:33
application_name
Wise for Windows Installer - Professional Edition Standalone
title
Quest PowerGUI\ufffd 3.8
subject
Quest PowerGUI\ufffd 3.8
OLE Streams
name
Root Entry
clsid
000c1084-0000-0000-c000-000000000046
type_literal
root
clsid_literal
on
sid
0
size
36160
type_literal
stream
sid
82
name
\x05DigitalSignature
size
6440
type_literal
stream
sid
81
name
\x05SummaryInformation
size
576
ExifTool file metadata
MIMEType
image/vnd.fpx

ModifyDate
2013:10:29 14:25:33

Template
;1033

Title
Quest PowerGUI? 3.8

FileType
FPX

Author
Quest Software, Inc.

Comments
The Installation database contains the logic and data required to install Quest PowerGUI? 3.8 .

LastModifiedBy
Builder

FileTypeExtension
fpx

Words
2

CreateDate
2013:10:29 14:25:33

LastPrinted
2013:10:29 14:25:33

Software
Wise for Windows Installer - Professional Edition Standalone

Pages
200

RevisionNumber
{FBF9163D-0B76-4C43-A553-37631E8358E0}

Subject
Quest PowerGUI? 3.8

File identification
MD5 59e342f9267013e568631bd2e2d30b0c
SHA1 4c8be00ff6dd070842ef9ccaa6cfd288be248ac2
SHA256 f3570bd7dbe4b2d5b2fc41ff1d1d3e5b8173229bb69116678405024e0cea6eea
ssdeep
393216:AdvNl5YoNVmmGuNJWxQgg5e3WPuBjxPffAd/twU:U1lKAmmlNJ6Jg5gWGxRff

File size 14.4 MB ( 15116288 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 5.1, Name of Creating Application: Wise for Windows Installer - Professional Edition Standalone, Last Saved Time/Date: Mon Oct 28 14:25:33 2013, Create Time/Date: Mon Oct 28 14:25:33 2013, Last Printed: Mon Oct 28 14:25:33 2013, Title: Quest PowerGUI� 3.8, Subject: Quest PowerGUI� 3.8, Author: Quest Software, Inc., Comments: The Installation database contains the logic and data required to install Quest PowerGUI� 3.8 ., Template:

TrID Microsoft Windows Installer (82.8%)
Windows SDK Setup Transform Script (9.3%)
Windows Installer Patch (6.6%)
Generic OLE2 / Multistream Compound File (1.1%)
Tags
msi signed

VirusTotal metadata
First submission 2013-11-01 00:25:29 UTC ( 4 years, 1 month ago )
Last submission 2017-11-30 09:49:31 UTC ( 1 week, 4 days ago )
File names PowerGUI.3.8.0.129.msi
PowerGUI.3.8.0.129(1).msi
powergui_380129.msi
40bc75f.msi
PowerGUI.3.8.0.129.msi
PowerGUI.3.8.0.129.msi
1e07116.msi
file-7309552_msi
quest-powergui-download-190028-.msi
filename
48c3316.msi
29b1ea3a.msi
PowerGUI.3.8.0.129.msi
7d2307.msi
df9a1e7.msi
f3570bd7dbe4b2d5b2fc41ff1d1d3e5b8173229bb69116678405024e0cea6eea
PowerGUI.3.8.0.129.msi
1004942
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight