× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fd7fffd5c50b5a4e20bdee0e163f2aed2d7b85154ca5ada03c84d44ed38b3404
File name: WiFiPasswordRevealerInstaller [www.Expert2Program.com].exe
Detection ratio: 1 / 51
Analysis date: 2014-04-21 00:44:05 UTC ( 3 days, 19 hours ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ESET-NOD32 Win32/OpenCandy 20140421
AVG 20140421
Ad-Aware 20140421
AegisLab 20140421
Agnitum 20140420
AhnLab-V3 20140421
AntiVir 20140421
Antiy-AVL 20140421
Avast 20140421
Baidu-International 20140420
BitDefender 20140421
Bkav 20140418
ByteHero 20140421
CAT-QuickHeal 20140421
CMC 20140421
ClamAV 20140421
Commtouch 20140421
Comodo 20140421
DrWeb 20140421
Emsisoft 20140421
F-Prot 20140421
F-Secure 20140421
Fortinet 20140420
GData 20140421
Ikarus 20140421
Jiangmin 20140421
K7AntiVirus 20140418
K7GW 20140418
Kaspersky 20140421
Kingsoft 20140421
Malwarebytes 20140421
McAfee 20140421
McAfee-GW-Edition 20140421
MicroWorld-eScan 20140421
Microsoft 20140421
NANO-Antivirus 20140421
Norman 20140421
Panda 20140421
Qihoo-360 20140421
Rising 20140421
SUPERAntiSpyware 20140420
Sophos 20140421
Symantec 20140421
TheHacker 20140421
TotalDefense 20140421
TrendMicro 20140421
TrendMicro-HouseCall 20140421
VBA32 20140418
VIPRE 20140421
ViRobot 20140421
nProtect 20140421
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright © 2013 KeyFinder LTD.

Publisher KeyFinder LTD
Product WiFi Password Revealer
File version 1.0.0.3
Description WiFi Password Revealer Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 1:18 PM 6/26/2013
Signers
[+] KeyFinder LTD
Status Valid
Valid from 7:33 PM 2/25/2013
Valid to 4:14 PM 4/26/2016
Valid usage Code Signing
Algorithm SHA1
Thumbrint 25C3D3D39E7A0C6E7AB8D7009096102E363698B7
Serial number 4B 12 EA D0 A0 A9 F5
[+] Starfield Secure Certification Authority
Status Valid
Valid from 2:15 AM 11/16/2006
Valid to 2:15 AM 11/16/2026
Valid usage All
Algorithm SHA1
Thumbrint 7E1874A98FAA5D6D2F506A8920FF22FBD16652D9
Serial number 02 01
[+] Starfield Class 2 Certification Authority
Status Valid
Valid from 6:39 PM 6/29/2004
Valid to 6:39 PM 6/29/2034
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbrint AD7E1C28B064EF8F6003402014C3D0E3370EB58A
Serial number 00
Counter signers
[+] Starfield Services Timestamp Authority
Status Valid
Valid from 8:00 AM 4/11/2013
Valid to 8:00 AM 4/11/2018
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 1D8E3A688E81D1E75E89365933A833A1BB3332F1
Serial number 20 0D
[+] Starfield Technologies Inc.
Status Valid
Valid from 1:00 AM 6/2/2008
Valid to 12:59 AM 1/1/2030
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, 1.3.6.1.5.5.8.2.2
Algorithm SHA1
Thumbrint 5D003860F002ED829DEAA41868F788186D62127F
Serial number 00
Packers identified
F-PROT INNO, appended, INNO, INNO
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-09 08:48:22
Entry Point 0x0000F3BC
Number of sections 8
PE sections
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 5
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 9
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
1.0.0.3

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
336384

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013 KeyFinder LTD.

FileVersion
1.0.0.3

TimeStamp
2012:10:09 09:48:22+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

FileAccessDate
2014:04:21 12:45:42+01:00

ProductVersion
1.0.0.3

FileDescription
WiFi Password Revealer Setup

OSVersion
5.0

FileCreateDate
2014:04:21 12:45:42+01:00

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Magical Jelly Bean

CodeSize
60416

ProductName
WiFi Password Revealer

ProductVersionNumber
1.0.0.3

EntryPoint
0xf3bc

ObjectFileType
Executable application

File identification
MD5 c30ae656a0168588b53fce4fc15f23c7
SHA1 7d2b0643946285148782bee82b516b190aaed420
SHA256 fd7fffd5c50b5a4e20bdee0e163f2aed2d7b85154ca5ada03c84d44ed38b3404
ssdeep
49152:zLzbedyhlr8ceE4PZmH/rXVBfjD6CQ7uMLwX1MtN:XzbeUhlrnN8EfPj2a5FMT

imphash 48aa5c8931746a9655524f67b25a47ef
File size 2.2 MB ( 2306312 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.5%)
Win16/32 Executable Delphi generic (19.5%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe signed

VirusTotal metadata
First submission 2013-07-07 23:16:49 UTC ( 9 months, 2 weeks ago )
Last submission 2014-02-26 04:52:50 UTC ( 1 month, 3 weeks ago )
File names _2d78c62994364aec8ac6851592df7888
WiFiPasswordRevealerInstaller [www.Expert2Program.com].exe
WiFi Password Revealer 1.0.0.4 (1).exe
wifipasswordrevealerinstaller.exe
WiFiPasswordRevealerI.exe
c30ae656a0168588b53fce4fc15f23c7.7d2b0643946285148782bee82b516b190aaed420
WiFiPasswordRevealerInstaller [www.RiazAliKhan.net].exe
WiFiPasswordRevealerInstaller_2.exe
file-5747609_exe
559443421
WiFiPasswordRevealer.exe
WiFiPasswordRevealerInstaller.exe
WiFi Password Revealer 1.0.0.4.exe
file
WiFi-Password-Revealer1004.exe
WiFiPasswordRevealer104.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!