× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: c6c56b2e2979e6bab471e7a77bd7e6ee23de06626838d7f5c2da43239fcabf9a
Nom du fichier : c6c56b2e2979e6bab471e7a77bd7e6ee23de06626838d7f5c2da43239fcabf9a
Ratio de détection : 1 / 51
Date d'analyse : 2014-04-08 13:58:33 UTC (il y a 5 ans) Voir les derniers
Antivirus Résultat Mise à jour
DrWeb BackDoor.PcClient.6226 20140408
Ad-Aware 20140408
AegisLab 20140408
Yandex 20140408
AhnLab-V3 20140408
AntiVir 20140408
Antiy-AVL 20140408
Avast 20140408
AVG 20140408
Baidu-International 20140408
BitDefender 20140408
Bkav 20140408
ByteHero 20140408
CAT-QuickHeal 20140408
ClamAV 20140408
CMC 20140408
Commtouch 20140408
Comodo 20140408
Emsisoft 20140408
ESET-NOD32 20140408
F-Prot 20140408
F-Secure 20140408
Fortinet 20140408
GData 20140408
Ikarus 20140408
Jiangmin 20140408
K7AntiVirus 20140408
K7GW 20140408
Kaspersky 20140408
Kingsoft 20140408
Malwarebytes 20140408
McAfee 20140408
McAfee-GW-Edition 20140408
Microsoft 20140408
eScan 20140408
NANO-Antivirus 20140408
Norman 20140408
nProtect 20140408
Panda 20140408
Qihoo-360 20140408
Rising 20140408
Sophos AV 20140408
SUPERAntiSpyware 20140408
Symantec 20140408
TheHacker 20140408
TotalDefense 20140408
TrendMicro 20140408
TrendMicro-HouseCall 20140408
VBA32 20140408
VIPRE 20140408
ViRobot 20140408
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
Authenticode signature block
Publisher BitTorrent Inc
Signature verification A certificate was explicitly revoked by its issuer.
Signers
[+] BitTorrent Inc
Status Certificate out of its validity period
Valid from 1:00 AM 6/21/2010
Valid to 12:59 AM 7/27/2013
Valid usage Code Signing
Algorithm SHA1
Thumbrint 1D132064BA317AC022DF309CCC750DA6E6A7A144
Serial number 36 BC 30 56 2A 65 0A FA A5 AD 10 1E CD 64 3A B4
[+] VeriSign Class 3 Code Signing 2009-2 CA
Status Valid
Valid from 1:00 AM 5/21/2009
Valid to 12:59 AM 5/21/2019
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbrint 12D4872BC3EF019E7E0B6F132480AE29DB5B1CA3
Serial number 65 52 26 E1 B2 2E 18 E1 59 0F 29 85 AC 22 E7 5C
[+] VeriSign Class 3 Public Primary CA
Status Valid
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/2/2028
Valid usage Email Protection, Client Auth, Code Signing, Server Auth
Algorithm MD2
Thumbrint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status Certificate out of its validity period
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
ExifTool file metadata
MIMEType
image/vnd.fpx

FileType
FPX

FileCreateDate
2015:01:15 02:08:37+01:00

FileAccessDate
2015:01:15 02:08:37+01:00

File identification
MD5 2058b47d85f467f91eb5460a0c0684d3
SHA1 8d70476a5c02a5badb60ea4bbaa607535cbc1c8d
SHA256 c6c56b2e2979e6bab471e7a77bd7e6ee23de06626838d7f5c2da43239fcabf9a
ssdeep
24576:SXu7zNy3RjOvpU4w0LzWZYAWa6YSzbCVY0hvtZGcxpvBpfH7dn+12YTAR7kjxAB:SXuVy3R2pU4wZZHv6DCVjhzGcxBB1EfA

File size 1.4 MB ( 1433600 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Title: Installation Database, Subject: Installer for the Torque plugin, Author: BitTorrent, Inc, Keywords: Installer, Comments: This installer database contains the logic and data required to install Torque Plugin., Template: Intel

TrID Microsoft Windows Installer (98.6%)
Generic OLE2 / Multistream Compound File (1.3%)
Tags
msi signed

VirusTotal metadata
First submission 2013-01-09 21:06:03 UTC (il y a 6 ans, 3 mois)
Last submission 2015-04-15 22:57:34 UTC (il y a 4 ans)
Noms du fichier 666c5a3.msi
file-7277186_msi
c6c56b2e2979e6bab471e7a77bd7e6ee23de06626838d7f5c2da43239fcabf9a
Torque.msi
Torque.msi
Torque.msi
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

ExifTool file metadata
MIMEType
image/vnd.fpx

FileType
FPX

FileCreateDate
2015:01:15 02:08:37+01:00

FileAccessDate
2015:01:15 02:08:37+01:00

Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !