× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fef8d03983d59b932064b1d9ad7053f990f3d40c690a4f87c953c21e9c93537c
File name: avg_antivirus_free_setup.exe
Detection ratio: 0 / 69
Analysis date: 2019-02-07 01:12:41 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
Acronis 20190130
Ad-Aware 20190207
AegisLab 20190206
AhnLab-V3 20190206
Alibaba 20180921
ALYac 20190207
Antiy-AVL 20190207
Arcabit 20190206
Avast 20190206
Avast-Mobile 20190206
AVG 20190206
Avira (no cloud) 20190206
Babable 20180918
Baidu 20190202
BitDefender 20190206
Bkav 20190201
CAT-QuickHeal 20190206
ClamAV 20190206
CMC 20190206
Comodo 20190206
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190207
Cyren 20190206
DrWeb 20190207
eGambit 20190207
Emsisoft 20190207
Endgame 20181108
ESET-NOD32 20190206
F-Prot 20190207
F-Secure 20190207
Fortinet 20190206
GData 20190207
Ikarus 20190206
Sophos ML 20181128
Jiangmin 20190207
K7AntiVirus 20190206
K7GW 20190206
Kaspersky 20190207
Kingsoft 20190207
Malwarebytes 20190206
MAX 20190207
McAfee 20190207
McAfee-GW-Edition 20190206
Microsoft 20190207
eScan 20190207
NANO-Antivirus 20190206
Palo Alto Networks (Known Signatures) 20190207
Panda 20190206
Qihoo-360 20190207
Rising 20190207
SentinelOne (Static ML) 20190203
Sophos AV 20190206
SUPERAntiSpyware 20190206
Symantec 20190207
TACHYON 20190206
Tencent 20190207
TheHacker 20190203
TotalDefense 20190206
Trapmine 20190123
TrendMicro 20190206
TrendMicro-HouseCall 20190206
VBA32 20190206
ViRobot 20190206
Webroot 20190207
Yandex 20190206
Zillya 20190206
ZoneAlarm by Check Point 20190206
Zoner 20190207
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (C) 2019 AVG Technologies CZ, s.r.o.

Product AVG Internet Security System
Original name SfxInst.exe
Internal name SfxInst
File version 19.2.4186.0
Description AVG Antivirus Installer
Comments AVG Technologies
Signature verification Signed file, verified signature
Signing date 10:42 AM 2/6/2019
Signers
[+] AVG Technologies USA, Inc.
Status Valid
Issuer DigiCert Assured ID Code Signing CA-1
Valid from 12:00 AM 01/30/2018
Valid to 12:00 PM 01/22/2021
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint F74407DCA8D49D42D72D88863C17AB905EB94D1C
Serial number 05 57 95 5E 02 A6 B5 3D D1 D5 74 ED E1 5F 31 0E
[+] DigiCert Assured ID Code Signing CA-1
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 12:00 PM 02/11/2011
Valid to 12:00 PM 02/10/2026
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 409AA4A74A0CDA7C0FEE6BD0BB8823D16B5F1875
Serial number 0F A8 49 06 15 D7 00 A0 BE 21 76 FD C5 EC 6D BD
[+] DigiCert
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 12:00 AM 11/10/2006
Valid to 12:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
Counter signers
[+] DigiCert Timestamp Responder
Status Valid
Issuer DigiCert Assured ID CA-1
Valid from 12:00 AM 10/22/2014
Valid to 12:00 AM 10/22/2024
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 614D271D9102E30169822487FDE5DE00A352B01D
Serial number 03 01 9A 02 3A FF 58 B1 6B D6 D5 EA E6 17 F0 66
[+] DigiCert Assured ID CA-1
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 12:00 AM 11/10/2006
Valid to 12:00 AM 11/10/2021
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing
Algorithm sha1RSA
Thumbrint 19A09B5A36F4DD99727DF783C17A51231A56C117
Serial number 06 FD F9 03 96 03 AD EA 00 0A EB 3F 27 BB BA 1B
[+] DigiCert
Status Valid
Issuer DigiCert Assured ID Root CA
Valid from 12:00 AM 11/10/2006
Valid to 12:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbrint 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Serial number 0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-04 13:34:02
Entry Point 0x0002D600
Number of sections 6
PE sections
Overlays
MD5 9aa7e789450c971d08240b9e58cf8f0e
File type data
Offset 1294336
Size 6468216
Entropy 8.00
PE imports
GetVolumePathNameW
GetStdHandle
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
EncodePointer
CreateTimerQueue
GetFileAttributesW
GetExitCodeProcess
GetVolumePathNamesForVolumeNameW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
UnhandledExceptionFilter
ExitProcess
UnregisterWait
FreeEnvironmentStringsW
lstrcatW
InitializeSListHead
InterlockedPopEntrySList
GetLocaleInfoW
SetStdHandle
GetFileTime
WideCharToMultiByte
lstrcmpiA
WriteFile
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetThreadTimes
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
QueryDepthSList
GetThreadPriority
GetOEMCP
LocalFree
FormatMessageW
IsWow64Process
ResumeThread
FreeLibraryAndExitThread
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
QueryDosDeviceW
SetFileAttributesW
SignalObjectAndWait
OutputDebugStringA
GetEnvironmentVariableW
SetLastError
DeviceIoControl
InterlockedDecrement
GetUserDefaultLangID
OutputDebugStringW
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
FindNextVolumeW
TzSpecificLocalTimeToSystemTime
LoadLibraryExA
SetThreadPriority
GetUserDefaultLCID
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
DeleteTimerQueueTimer
GetPrivateProfileStringW
SetFilePointer
GetFullPathNameW
LockFileEx
CreateThread
SetEnvironmentVariableW
MoveFileExW
GetSystemDirectoryW
GetExitCodeThread
CreateSemaphoreW
GetVolumeNameForVolumeMountPointW
IsProcessorFeaturePresent
GetSystemTimes
ExitThread
DecodePointer
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleExW
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
TerminateThread
LoadLibraryW
FindVolumeClose
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
FreeLibrary
GetWindowsDirectoryW
ChangeTimerQueueTimer
GetFileSize
WriteProcessMemory
WaitForMultipleObjects
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateFileMappingW
CompareStringW
GetFileSizeEx
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
CreateTimerQueueTimer
FindFirstFileW
IsValidLocale
DuplicateHandle
FindFirstFileExW
GlobalLock
GetLogicalProcessorInformation
ReadConsoleW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
GetCurrentThreadId
FindFirstVolumeW
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
InterlockedPushEntrySList
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
GetSystemInfo
GlobalFree
GetConsoleCP
UnregisterWaitEx
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
VirtualFree
WaitForSingleObjectEx
InterlockedFlushSList
SwitchToThread
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
RegisterWaitForSingleObject
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
SetDllDirectoryW
UnlockFileEx
GetACP
GetModuleHandleW
FreeResource
GetLongPathNameW
GetNumaHighestNodeNumber
IsValidCodePage
UnmapViewOfFile
FindResourceW
CreateProcessW
Sleep
VirtualAlloc
CreateHardLinkW
RtlUnwind
PE exports
Number of PE resources by type
RT_ICON 10
RT_MANIFEST 1
RT_VERSION 1
FILE 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 12
ENGLISH US 1
CZECH DEFAULT 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

Comments
AVG Technologies

InitializedDataSize
422912

ImageVersion
0.0

ProductName
AVG Internet Security System

FileVersionNumber
19.2.4186.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x0017

ImageFileCharacteristics
Executable, Large address aware, 32-bit, Net run from swap

CharacterSet
Unicode

LinkerVersion
14.16

FileTypeExtension
exe

OriginalFileName
SfxInst.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
19.2.4186.0

TimeStamp
2019:02:04 14:34:02+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
SfxInst

ProductVersion
19.2.4186.0

FileDescription
AVG Antivirus Installer

OSVersion
6.0

FileOS
Win32

LegalCopyright
Copyright (C) 2019 AVG Technologies CZ, s.r.o.

MachineType
Intel 386 or later, and compatibles

CompanyName
AVG Technologies CZ, s.r.o.

CodeSize
882176

FileSubtype
0

ProductVersionNumber
19.2.4186.0

EntryPoint
0x2d600

ObjectFileType
Dynamic link library

File identification
MD5 ef0c6db1f7434476b1d3276ed94274d1
SHA1 7d9ab675ac1afe4a26ecc5b4a2fb1f6d9729ea3c
SHA256 fef8d03983d59b932064b1d9ad7053f990f3d40c690a4f87c953c21e9c93537c
ssdeep
196608:diKCzH6HQFtEeAmZIgkgLd5ebNFH3I0n5dL6nGH:AKCzH6HuA0IBgLd8bNFH7jH

authentihash 64a7b629c1a1bbb7a6a465766ca99380c42e0aad8e38310c4b486eb5e96ee270
imphash c9b9d6541dd97f5789bc69a4d95846a1
File size 7.4 MB ( 7762552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
TAR - Tape ARchive (hard link) (0.0%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2019-02-06 13:03:45 UTC ( 1 month, 1 week ago )
Last submission 2019-03-07 12:15:36 UTC ( 1 week, 6 days ago )
File names SfxInst.exe
SfxInst
avg_antivirus_free_setup_u2k.exe
avg_antivirus_free_setup_f2h.exe
avg_free_antivirus_setup_online.exe
avg_antivirus_free_setup.exe
avg_antivirus_free_setup_e2e.exe
avg_antivirus_free_setup_b3a.exe
avg_antivirus_free_setup.exe
avg-antivirus-free-edition_19-2-4186_fr_10997.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!