× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: 5a18acd14ef36dde99862589a57c17111bfb9d8fe310159b3540a6480cded06d
Nom du fichier : ultdata-ios.exe
Ratio de détection : 0 / 65
Date d'analyse : 2019-03-20 17:01:04 UTC (il y a 2 mois) Voir les derniers
Antivirus Résultat Mise à jour
Acronis 20190320
Ad-Aware 20190320
AegisLab 20190320
AhnLab-V3 20190320
Alibaba 20190306
ALYac 20190320
Antiy-AVL 20190320
Arcabit 20190320
Avast 20190320
Avast-Mobile 20190320
AVG 20190320
Avira (no cloud) 20190320
Babable 20180918
Baidu 20190318
BitDefender 20190320
Bkav 20190320
CAT-QuickHeal 20190319
ClamAV 20190320
CMC 20190320
Comodo 20190320
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cyren 20190320
DrWeb 20190320
eGambit 20190320
Emsisoft 20190320
Endgame 20190215
ESET-NOD32 20190320
F-Prot 20190320
F-Secure 20190320
Fortinet 20190320
GData 20190320
Ikarus 20190320
Sophos ML 20190313
Jiangmin 20190320
K7AntiVirus 20190320
K7GW 20190320
Kaspersky 20190320
Kingsoft 20190320
Malwarebytes 20190320
MAX 20190320
McAfee 20190320
McAfee-GW-Edition 20190320
Microsoft 20190320
eScan 20190320
NANO-Antivirus 20190320
Palo Alto Networks (Known Signatures) 20190320
Panda 20190320
Qihoo-360 20190320
Rising 20190320
SentinelOne (Static ML) 20190317
Sophos AV 20190320
SUPERAntiSpyware 20190314
Symantec Mobile Insight 20190220
TACHYON 20190320
Tencent 20190320
TheHacker 20190319
TotalDefense 20190318
Trapmine 20190301
TrendMicro-HouseCall 20190320
Trustlook 20190320
VBA32 20190320
ViRobot 20190320
Yandex 20190320
Zillya 20190320
ZoneAlarm by Check Point 20190320
Zoner 20190320
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (C) 2007-2019 Tenorshare Co.,Ltd.

Product 2019-1-18 16:56:27
File version 2.4.0.3
Description Tenorshare UltData
Signature verification Signed file, verified signature
Signing date 12:32 PM 1/18/2019
Signers
[+] Tenorshare Co.,Ltd.
Status Valid
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 12:00 AM 06/19/2018
Valid to 11:59 PM 07/04/2021
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint D5FFFAA81CB21115D2CA1C7E2C9E6B8B20E0AAD9
Serial number 11 78 FE 14 2A 9B 29 35 58 D9 34 DD 93 B8 F3 A1
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 01:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 01:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 01/01/1997
Valid to 12:59 AM 01/01/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-18 09:49:53
Entry Point 0x00314270
Number of sections 3
PE sections
Overlays
MD5 89aa8e2930862eabee035c6bde6e3f6e
File type data
Offset 1400832
Size 13024
Entropy 7.35
PE imports
RegCloseKey
SaveDC
ImmGetContext
GetAdaptersInfo
VirtualProtect
LoadLibraryA
ExitProcess
GetProcAddress
VariantInit
ShellExecuteW
PathFileExistsW
VerQueryValueW
InternetOpenA
timeGetTime
Ord(41)
getpeername
GdipFree
CoCreateGuid
Number of PE resources by type
RT_ICON 6
ZIPRES 1
RT_VERSION 1
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
CHINESE SIMPLIFIED 9
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
1957888

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.4.0.3

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Tenorshare UltData

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
135168

EntryPoint
0x314270

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2007-2019 Tenorshare Co.,Ltd.

FileVersion
2.4.0.3

TimeStamp
2019:01:18 10:49:53+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
2.4.0.3

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Tenorshare Co.Ltd

CodeSize
1269760

ProductName
2019-1-18 16:56:27

ProductVersionNumber
2.4.0.3

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 00c8222cca54aabc7cad9448ab33cf61
SHA1 402590eb8747a208e7a0c0c7244f243128bb4ca1
SHA256 5a18acd14ef36dde99862589a57c17111bfb9d8fe310159b3540a6480cded06d
ssdeep
24576:zpzxWi/E8H2fF4EhTvCDU0SGxXaikeMFc7RP8FaTwIGACcb3QUy:5oRz4+T8BhXtMO1P7TwYt3QUy

authentihash 9de1b44807874e3f22af0d4b27b6ab74de48993d2bce77d2a67e4e7e352e1a94
imphash e33dcf8f289596125edcd46acf97eff1
File size 1.3 MB ( 1413856 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (71.9%)
Win32 Executable (generic) (11.9%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.3%)
DOS Executable Generic (5.3%)
Tags
peexe signed upx overlay

VirusTotal metadata
First submission 2019-01-24 12:30:01 UTC (il y a 4 mois)
Last submission 2019-05-11 06:57:03 UTC (il y a 2 semaines)
Noms du fichier ultdata-ios.exe
ultdata-ios.exe
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections