SHA256: 039746854c21ca23a9430d41d62289c678a40e6cab2dd542db76e25fc7e88e93
File name: GesFine-v7.5.87.6909-setup.exe
Detection ratio: 0 / 67
Analysis date: 2018-12-01 13:19:23 UTC (1 week, 5 days ago)
Antivirus Result Update
Ad-Aware 20181201
AegisLab 20181201
AhnLab-V3 20181201
Alibaba 20180921
ALYac 20181201
Antiy-AVL 20181201
Arcabit 20181201
Avast 20181201
Avast-Mobile 20181201
AVG 20181201
Avira (no cloud) 20181201
Babable 20180918
Baidu 20181130
BitDefender 20181201
Bkav 20181129
CAT-QuickHeal 20181201
ClamAV 20181201
CMC 20181201
Comodo 20181201
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181201
Cyren 20181201
DrWeb 20181201
Emsisoft 20181201
Endgame 20181108
ESET-NOD32 20181201
F-Prot 20181201
F-Secure 20181201
Fortinet 20181201
GData 20181201
Sophos ML 20181128
Jiangmin 20181201
K7AntiVirus 20181201
K7GW 20181201
Kaspersky 20181201
Kingsoft 20181201
Malwarebytes 20181201
MAX 20181201
McAfee 20181201
McAfee-GW-Edition 20181201
Microsoft 20181203
eScan 20181201
NANO-Antivirus 20181201
Palo Alto Networks (Known Signatures) 20181201
Panda 20181201
Qihoo-360 20181201
Rising 20181201
SentinelOne (Static ML) 20181011
Sophos AV 20181201
SUPERAntiSpyware 20181128
Symantec 20181201
Symantec Mobile Insight 20181121
TACHYON 20181201
Tencent 20181201
TheHacker 20181129
Trapmine 20181128
TrendMicro 20181203
TrendMicro-HouseCall 20181201
Trustlook 20181201
VBA32 20181130
VIPRE 20181203
ViRobot 20181201
Webroot 20181201
Yandex 20181130
Zillya 20181130
ZoneAlarm by Check Point 20181201
Zoner 20181201
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 2:17 PM 12/1/2018
Signers
[+] LEBLOND JACQUES
Status Valid
Issuer GlobalSign Extended Validation CodeSigning CA - SHA256 - G3
Valid from 6:21 AM 3/9/2018
Valid to 6:21 AM 3/9/2021
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 6FA9211281983E856673E266878C97A21EC2DA49
Serial number 28 15 AE 0E B1 74 B1 7D C4 EA 74 4B
[+] GlobalSign Extended Validation CodeSigning CA - SHA256 - G3
Status Valid
Issuer GlobalSign
Valid from 1:00 AM 6/15/2016
Valid to 1:00 AM 6/15/2024
Valid usage Code Signing, OCSP Signing
Algorithm sha256RSA
Thumbprint 87A63D9ADB627D777836153C680A3DFCF27DE90C
Serial number 48 1B 6A 07 A9 42 4C 1E AA FE F3 CD F1 0F
[+] GlobalSign Root CA - R3
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 3/18/2009
Valid to 11:00 AM 3/18/2029
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha256RSA
Thumbprint D69B561148F01C77C54578C10926DF5B856976AD
Serial number 04 00 00 00 00 01 21 58 53 08 A2
Counter signers
[+] GlobalSign TSA for Advanced - G2
Status Valid
Issuer GlobalSign Timestamping CA - SHA256 - G2
Valid from 1:00 AM 2/19/2018
Valid to 11:00 AM 3/18/2029
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 9B12057AE72AAFF6D63772B49F6A236F2649CDA9
Serial number 0C A7 CF 5D 07 07 24 AC 89 E7 9A 3A
[+] GlobalSign Timestamping CA - SHA256 - G2
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 8/2/2011
Valid to 11:00 AM 3/29/2029
Valid usage All
Algorithm sha256RSA
Thumbprint 91843BBD936D86EAFA42A3AFBF33E92831068F99
Serial number 04 00 00 00 00 01 31 89 C6 50 04
[+] GlobalSign Root CA - R3
Status Valid
Issuer GlobalSign
Valid from 11:00 AM 3/18/2009
Valid to 11:00 AM 3/18/2029
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha256RSA
Thumbprint D69B561148F01C77C54578C10926DF5B856976AD
Serial number 04 00 00 00 00 01 21 58 53 08 A2
Packers identified
F-PROT NSIS
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-27 05:38:52
Entry Point 0x0000324F
Number of sections 5
PE sections
Overlays
MD5 3c7281b3aa6f854d90a09ded4ec3ad4e
File type data
Offset 125952
Size 35971720
Entropy 8.00
PE imports
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
ImageList_Create
Ord(17)
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
SelectObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetBkColor
DeleteObject
SetTextColor
GetLastError
ReadFile
LoadLibraryA
lstrlenA
lstrcmpiA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
CopyFileA
GetTickCount
SetFileTime
GlobalUnlock
GetModuleFileNameA
RemoveDirectoryA
GetShortPathNameA
GetCurrentProcess
LoadLibraryExA
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
lstrcatA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GlobalLock
GetFullPathNameA
GetModuleHandleA
GetTempPathA
CreateThread
GetFileAttributesA
SetFilePointer
lstrcmpA
FindFirstFileA
WriteFile
CloseHandle
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
SetFileAttributesA
FreeLibrary
MoveFileA
CreateProcessA
GlobalAlloc
SearchPathA
FindClose
Sleep
CreateFileA
ExitProcess
GetVersion
GetProcAddress
SetCurrentDirectoryA
MulDiv
SHGetFileInfoA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
CharPrevA
GetMessagePos
EndPaint
SystemParametersInfoA
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
GetClassInfoA
SetClassLongA
LoadBitmapA
SetWindowPos
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
ScreenToClient
SetDlgItemTextA
MessageBoxIndirectA
LoadImageA
GetDlgItemTextA
PeekMessageA
SetWindowLongA
IsWindowEnabled
GetSysColor
CheckDlgButton
GetDC
FindWindowExA
DrawTextA
CreatePopupMenu
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
SendMessageA
SetForegroundWindow
GetClientRect
SetTimer
GetDlgItem
CreateDialogParamA
EnableMenuItem
RegisterClassA
InvalidateRect
GetWindowLongA
SendMessageTimeoutA
CreateWindowExA
LoadCursorA
TrackPopupMenu
SetWindowTextA
FillRect
ShowWindow
OpenClipboard
CharNextA
CallWindowProcA
GetSystemMenu
EmptyClipboard
EnableWindow
CloseClipboard
DestroyWindow
ExitWindowsEx
SetCursor
OleUninitialize
CoTaskMemFree
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_ICON 6
RT_DIALOG 6
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
SubsystemVersion 4.0
MachineType Intel 386 or later, and compatibles
TimeStamp 2015:12:27 06:38:52+01:00
FileType Win32 EXE
PEType PE32
CodeSize 24064
LinkerVersion 6.0
FileTypeExtension exe
InitializedDataSize 120320
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
EntryPoint 0x324f
OSVersion 4.0
ImageVersion 6.0
UninitializedDataSize 1024

File identification
MD5 8c4210e3436856947548a26fec53ee97
SHA1 c0ef19e7f4ffc41a47f3043c403e9f8f6498d3a1
SHA256 039746854c21ca23a9430d41d62289c678a40e6cab2dd542db76e25fc7e88e93
ssdeep 786432:hS52M9/96NuZMuoh4if78wP9djdVfaBz81YDGLx/a1zikwx3mKU/:4oM9/okquo5XLVM41YYM1Zw9mP

authentihash bd5e717e81e018fc83137715f2b304d0aabbbedc8a36dea7f0aebb5e415b97fe
imphash ab6770b0a8635b9d92a5838920cfe770
File size 34.4 MB ( 36097672 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags nsis peexe signed overlay

VirusTotal metadata
First submission 2018-12-01 13:19:23 UTC (1 week, 5 days ago)
Last submission 2018-12-01 13:19:23 UTC (1 week, 5 days ago)
File names GesFine-v7.5.87.6909-setup.exe