SHA256: f65009afe762d86ea3322d9170277fbb1e3084622d4fd8575e3eca9418c921fc
File name: HandBrake-1.2.2-x86_64-Win_GUI.exe
Detection ratio: 0 / 67
Analysis date: 2019-04-10 07:38:29 UTC (1 month, 1 week ago)
Antivirus Result Update
Acronis 20190409
Ad-Aware 20190410
AegisLab 20190410
AhnLab-V3 20190410
Alibaba 20190402
ALYac 20190410
Antiy-AVL 20190410
Arcabit 20190410
Avast 20190410
Avast-Mobile 20190409
AVG 20190410
Avira (no cloud) 20190410
Babable 20180918
Baidu 20190318
BitDefender 20190410
Bkav 20190409
CAT-QuickHeal 20190409
ClamAV 20190409
CMC 20190321
Comodo 20190410
CrowdStrike Falcon (ML) 20190212
Cybereason 20190403
Cylance 20190410
Cyren 20190410
DrWeb 20190410
eGambit 20190410
Emsisoft 20190410
Endgame 20190403
ESET-NOD32 20190410
F-Prot 20190410
F-Secure 20190410
FireEye 20190410
Fortinet 20190410
GData 20190410
Ikarus 20190409
Sophos ML 20190313
Jiangmin 20190410
K7AntiVirus 20190410
K7GW 20190410
Kaspersky 20190410
Kingsoft 20190410
Malwarebytes 20190410
MAX 20190410
McAfee 20190410
McAfee-GW-Edition 20190409
Microsoft 20190410
eScan 20190410
NANO-Antivirus 20190410
Palo Alto Networks (Known Signatures) 20190410
Panda 20190409
Qihoo-360 20190410
Rising 20190410
SentinelOne (Static ML) 20190407
Sophos AV 20190410
SUPERAntiSpyware 20190404
Symantec 20190410
Symantec Mobile Insight 20190408
TACHYON 20190410
Tencent 20190410
TheHacker 20190405
Trapmine 20190325
TrendMicro-HouseCall 20190410
Trustlook 20190410
VBA32 20190409
ViRobot 20190410
Webroot 20190410
Yandex 20190408
ZoneAlarm by Check Point 20190410
Zoner 20190410
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 6:21 PM 2/23/2019
Signers
[+] Open Source Developer, Scott Rae
Status Valid
Issuer Certum Code Signing CA SHA2
Valid from 07:35 PM 09/18/2018
Valid to 06:59 AM 09/17/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 9E02C1313A384CDD71B4FD1682199F57DF7F9AE2
Serial number 61 F5 5A 4E F0 7D 41 42 CA FD 48 EA 88 71 EF 99
[+] Certum Code Signing CA SHA2
Status Valid
Issuer Certum Trusted Network CA
Valid from 11:30 AM 10/29/2015
Valid to 11:30 AM 06/09/2027
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 905DE119F6A0118CFFBF8B69463EFE5BD0C1D322
Serial number 6B 32 6A 0F 03 28 D3 7A 1D 53 0B FD 23 BD 48 E2
[+] Certum Trusted Network CA
Status Valid
Issuer Certum Trusted Network CA
Valid from 12:07 PM 10/22/2008
Valid to 12:07 PM 12/31/2029
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 07E032E020B72C3F192F0628A2593A19A70F069E
Serial number 04 44 C0
Counter signers
[+] Certum EV TSA SHA2
Status Valid
Issuer Certum Trusted Network CA
Valid from 01:10 PM 03/08/2016
Valid to 01:10 PM 05/30/2027
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 4F8D4C480649426AEF8B86D4D5FC7932E7142D85
Serial number 00 FE 67 E4 F1 5A 24 E3 C6 0D 54 7C A0 20 C2 76 70
[+] Certum Trusted Network CA
Status Valid
Issuer Certum Trusted Network CA
Valid from 12:07 PM 10/22/2008
Valid to 12:07 PM 12/31/2029
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 07E032E020B72C3F192F0628A2593A19A70F069E
Serial number 04 44 C0
Packers identified
F-PROT NSIS, appended, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-01 00:33:49
Entry Point 0x000031BB
Number of sections 5
PE sections
Overlays
MD5 e1ff1e54209efd2d5c9adbfac61a5360
File type data
Offset 155136
Size 13226400
Entropy 8.00
PE imports
RegDeleteKeyA
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
OpenProcessToken
RegSetValueExA
RegQueryValueExA
AdjustTokenPrivileges
RegEnumKeyA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SelectObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetBkColor
DeleteObject
SetTextColor
GetLastError
lstrlenA
GetFileAttributesA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
ExitProcess
SetFileTime
GlobalUnlock
RemoveDirectoryA
GetModuleFileNameA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
ExpandEnvironmentStringsA
GetCommandLineA
GetProcAddress
GetFullPathNameA
GetModuleHandleA
GetTempPathA
CreateThread
lstrcmpiA
SetFilePointer
lstrcmpA
ReadFile
WriteFile
FindFirstFileA
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
MoveFileExA
GlobalLock
SetEnvironmentVariableA
SetFileAttributesA
FreeLibrary
MoveFileA
CreateProcessA
lstrcpyA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
GetTickCount
GetVersion
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
ShellExecuteExA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHFileOperationA
EmptyClipboard
GetMessagePos
CharPrevA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
GetClassInfoA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
ReleaseDC
SystemParametersInfoA
CreatePopupMenu
wsprintfA
ShowWindow
SetClipboardData
IsWindowVisible
SendMessageA
DialogBoxParamA
GetClientRect
SetTimer
GetDlgItem
SetForegroundWindow
CreateDialogParamA
SetWindowTextA
EnableMenuItem
ScreenToClient
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
CreateWindowExA
LoadCursorA
TrackPopupMenu
DrawTextA
DestroyWindow
FillRect
RegisterClassA
CharNextA
CallWindowProcA
GetSystemMenu
EndPaint
CloseClipboard
OpenClipboard
ExitWindowsEx
SetCursor
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_DIALOG 5
RT_ICON 4
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 11
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2017:08:01 01:33:49+01:00
FileType Win32 EXE
PEType PE32
CodeSize 24576
LinkerVersion 6.0
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
EntryPoint 0x31bb
InitializedDataSize 118784
SubsystemVersion 4.0
ImageVersion 6.0
OSVersion 4.0
UninitializedDataSize 1024

File identification
MD5 d86cb0947e0d6e3eb4ffdb58b665c055
SHA1 ce8c1777bdf02077cbaa4a47fa13462e555f71ad
SHA256 f65009afe762d86ea3322d9170277fbb1e3084622d4fd8575e3eca9418c921fc
ssdeep 393216:1ppdYPqjD3kGIhKDa0JJ9DWEVXFR53sgP7X:DpOPeD3kGIsDa0JuEVVvcgP7X
authentihash 0a733263a6762dae43e4986fcc7b851f247b5fb54601b835ce4df3a2338cc365
imphash 3abe302b6d9a1256e6a915429af4ffd2
File size 12.8 MB ( 13381536 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags
nsis peexe via-tor signed overlay

VirusTotal metadata
First submission 2019-02-23 19:02:18 UTC ( 2 months, 3 weeks ago )
Last submission 2019-05-18 09:30:05 UTC ( 21 hours, 8 minutes ago )
File names HandBrake-1.2.2-x86_64-Win_GUI.exe
output.125070014.txt
HandBrake_(64bit)_v1.2.2.exe
HandBrake-1.2.2-x86_64-Win_GUI(1).exe
HandBrake_v.1.2.2_(x86_64-Win_GUI).exe
handbrake-setup.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Runtime DLLs