SHA256: 352deb88c79339db3a6e3f70c85129bb427581d970b9bf1c2c83591348aa7179
File name: setup.exe
Detection ratio: 0 / 63
Analysis date: 2017-07-31 14:59:27 UTC (1 year, 6 months ago)
Antivirus Result Update
Ad-Aware 20170731
AegisLab 20170731
AhnLab-V3 20170731
Alibaba 20170731
ALYac 20170731
Antiy-AVL 20170731
Arcabit 20170731
Avast 20170731
AVG 20170731
Avira (no cloud) 20170731
AVware 20170731
Baidu 20170728
BitDefender 20170731
Bkav 20170731
CAT-QuickHeal 20170731
ClamAV 20170731
CMC 20170731
Comodo 20170731
CrowdStrike Falcon (ML) 20170710
Cylance 20170731
Cyren 20170731
DrWeb 20170731
Emsisoft 20170731
Endgame 20170721
ESET-NOD32 20170731
F-Prot 20170731
F-Secure 20170731
Fortinet 20170731
GData 20170731
Ikarus 20170731
Sophos ML 20170607
Jiangmin 20170731
K7AntiVirus 20170731
K7GW 20170731
Kaspersky 20170731
Kingsoft 20170731
Malwarebytes 20170731
MAX 20170731
McAfee 20170731
McAfee-GW-Edition 20170731
Microsoft 20170731
eScan 20170731
NANO-Antivirus 20170731
nProtect 20170731
Palo Alto Networks (Known Signatures) 20170731
Panda 20170731
Qihoo-360 20170731
Rising 20170731
SentinelOne (Static ML) 20170718
Sophos AV 20170731
SUPERAntiSpyware 20170731
Symantec 20170731
Symantec Mobile Insight 20170730
Tencent 20170731
TheHacker 20170730
TrendMicro-HouseCall 20170731
Trustlook 20170731
VBA32 20170731
VIPRE 20170731
ViRobot 20170731
Webroot 20170731
WhiteArmor 20170731
Yandex 20170728
Zillya 20170731
ZoneAlarm by Check Point 20170731
Zoner 20170731
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Original name setup.exe
Internal name setup.exe
File version 14.0.23107.0 built by: D14REL
Description Setup
Signature verification Certificate out of its validity period
Signers
[+] BDS NET Sarl
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer COMODO RSA Code Signing CA
Valid from 11:00 PM 04/11/2016
Valid to 10:59 PM 04/12/2017
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint F983858F30A01065BF7FA912748BA93CFDFB6557
Serial number 7C FB 91 B9 55 FA A6 EE 29 7E FD 4B 8E F1 93 63
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 11:00 PM 05/08/2013
Valid to 10:59 PM 05/08/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 12:00 AM 01/19/2010
Valid to 11:59 PM 01/18/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-07-07 06:26:33
Entry Point 0x000330C2
Number of sections 5
PE sections
Overlays
MD5 7d37594eba525a73a6e9d384d522078c
File type data
Offset 546816
Size 3600
Entropy 7.39
PE imports
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
GetDeviceCaps
GetTextMetricsW
DeleteDC
CreateFontIndirectW
SelectObject
GetTextExtentPoint32W
GetStockObject
EnumFontFamiliesExW
GetObjectW
CreateCompatibleDC
DeleteObject
GetStdHandle
WaitForSingleObject
GetFileAttributesW
GetExitCodeProcess
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
UnhandledExceptionFilter
LoadLibraryExW
FreeEnvironmentStringsW
InitializeSListHead
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
FormatMessageW
GetEnvironmentVariableA
LoadResource
OutputDebugStringW
FindClose
BeginUpdateResourceW
BeginUpdateResourceA
SetLastError
InitializeCriticalSection
CopyFileW
UpdateResourceW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
UpdateResourceA
HeapSetInformation
LoadLibraryExA
EnumSystemLocalesW
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
CreateThread
GetSystemDirectoryW
SetUnhandledExceptionFilter
MulDiv
IsProcessorFeaturePresent
TerminateProcess
GetModuleHandleExW
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
EndUpdateResourceW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
FreeLibrary
GetWindowsDirectoryW
OpenProcess
DeleteFileA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
GetTempFileNameW
CompareStringW
WriteFile
ExpandEnvironmentStringsW
FindNextFileW
GetEnvironmentVariableW
FindFirstFileW
IsValidLocale
FindFirstFileExW
GetProcAddress
ReadConsoleW
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
LCMapStringW
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
GetTimeFormatW
GetEnvironmentStringsW
VirtualQuery
lstrlenW
Process32NextW
SwitchToThread
SizeofResource
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
Process32FirstW
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
FindResourceW
Sleep
FindResourceA
GetCurrentThreadId
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetMalloc
ShellExecuteA
GetComputerObjectNameW
SetFocus
CreateDialogIndirectParamW
DrawTextW
SetClassLongW
ShowWindow
ShowScrollBar
MessageBoxW
PeekMessageW
GetWindowRect
EnableWindow
MoveWindow
MessageBoxA
SendDlgItemMessageW
SetDlgItemTextW
DispatchMessageW
CreateDialogParamW
ReleaseDC
SendMessageW
TranslateMessage
GetSystemMetrics
SendMessageA
SetWindowTextW
GetDlgItem
SystemParametersInfoW
ScreenToClient
LoadImageW
IsDialogMessageW
GetClientRect
GetDialogBaseUnits
LoadCursorW
LoadIconW
GetFocus
GetDC
MsgWaitForMultipleObjects
SetForegroundWindow
SetCursor
ExitWindowsEx
DestroyWindow
InternetCrackUrlW
InternetCombineUrlW
Ord(78)
Ord(150)
Ord(8)
Ord(92)
CoUninitialize
CoInitialize
PE exports
Number of PE resources by type
Struct(43) 92
RT_ICON 18
RT_DIALOG 3
Struct(40) 3
Struct(44) 2
Struct(45) 2
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Struct(41) 1
Number of PE resources by language
NEUTRAL 100
ENGLISH US 25
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.0

ImageVersion
10.0

FileVersionNumber
14.0.23107.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Setup

ImageFileCharacteristics
Executable, Large address aware, 32-bit

CharacterSet
Unicode

InitializedDataSize
181248

EntryPoint
0x330c2

OriginalFileName
setup.exe

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
14.0.23107.0 built by: D14REL

TimeStamp
2015:07:06 23:26:33-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
setup.exe

ProductVersion
14.0.23107.0

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
364544

FileSubtype
0

ProductVersionNumber
14.0.23107.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 06ff2001227104ecd2d7a43018d73dec
SHA1 227042feb51525818ae4ba73699194059911280a
SHA256 352deb88c79339db3a6e3f70c85129bb427581d970b9bf1c2c83591348aa7179
ssdeep
12288:kDPdsil5fCMggBIiMVO26kk+FGieMb01JQntLOCVGUM:kD1s2ts96kT5emV6

authentihash 21ee173f823b90e3d505cd978038d0f8aa04fad455d8ef3162140f20cf2ab286
imphash 81fd276d49dcfb5944ab1253641f139e
File size 537.5 KB ( 550416 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags
peexe overlay signed via-tor

VirusTotal metadata
First submission 2016-08-05 17:51:54 UTC (2 years, 6 months ago)
Last submission 2018-11-14 11:23:55 UTC (3 months ago)
File names mycashbar_setup.exe
de6ae0df0e969ba4b99c5f573c428948.safe
setup.exe
setup(1).exe
setup mycashbar.exe
setup (2).exe
Setup MiCachBar.exe
setup.exe
setup.exe
setup.exe
setup cashmybar.exe
setup.exe
setup[1].exe
de6ae0df0e969ba4b99c5f573c428948.safe
148506420
setup.exe
mycashbar.exe
MCB setup.exe
setup.exe
CashMyBar_setup.exe
setup (1).exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Runtime DLLs
UDP communications