SHA256: c9ecda511de33fd5a787404f8b8abc0a6650b7bfc1f97944d519e0a7701dffa6
File name: winx-dvd-copy-pro.exe
Detection ratio: 0 / 53
Analysis date: 2016-06-30 10:36:07 UTC (2 years, 3 months ago)
Antivirus Result Update
Ad-Aware 20160630
AegisLab 20160630
Yandex 20160629
AhnLab-V3 20160630
Alibaba 20160630
Antiy-AVL 20160630
Arcabit 20160630
Avast 20160630
AVG 20160630
Avira (no cloud) 20160630
AVware 20160630
Baidu 20160630
BitDefender 20160630
Bkav 20160629
CAT-QuickHeal 20160630
ClamAV 20160630
CMC 20160630
Comodo 20160630
Cyren 20160630
DrWeb 20160630
Emsisoft 20160630
ESET-NOD32 20160630
F-Prot 20160630
F-Secure 20160630
Fortinet 20160630
GData 20160630
Ikarus 20160630
Jiangmin 20160630
K7AntiVirus 20160630
K7GW 20160630
Kaspersky 20160630
Kingsoft 20160630
Malwarebytes 20160630
McAfee 20160630
McAfee-GW-Edition 20160630
Microsoft 20160630
eScan 20160630
NANO-Antivirus 20160630
nProtect 20160630
Panda 20160629
Qihoo-360 20160630
Sophos AV 20160630
SUPERAntiSpyware 20160630
Symantec 20160630
Tencent 20160630
TheHacker 20160630
TrendMicro 20160630
TrendMicro-HouseCall 20160630
VBA32 20160629
VIPRE 20160630
ViRobot 20160630
Yandex 20160630
Zoner 20160629
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright

Product WinX DVD Copy Pro
File version 3.7.0
Description WinX DVD Copy Pro Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 3:40 AM 4/14/2016
Signers
[+] Digiarty, Inc.
Status Valid
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 1/7/2016
Valid to 12:59 AM 9/24/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 70DB4927617DBB0CD2718CC27E4D6FE05F8BE10B
Serial number 0D DD 68 3D 63 0A A7 70 B5 18 7C 7F 03 8B A4 B7
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] WoSign Time Stamping Signer
Status Valid
Issuer Certification Authority of WoSign
Valid from 2:00 AM 8/8/2009
Valid to 2:00 AM 8/8/2024
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 5409B56C89BB1A881DE1A32C950D40FD6B94C74E
Serial number 25 1F 5D 98 81 82 17 2E 3C 41 9E 01 4F B0 40 4C
[+] WoSign
Status Valid
Issuer Certification Authority of WoSign
Valid from 2:00 AM 8/8/2009
Valid to 2:00 AM 8/8/2039
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint B94294BF91EA8FB64BE61097C7FB001359B676CB
Serial number 5E 68 D6 11 71 94 63 50 56 00 68 F3 3E C9 C5 91
Packers identified
F-PROT INNO, appended, embedded, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-03-17 10:22:54
Entry Point 0x00016478
Number of sections 8
PE sections
Overlays
MD5 51f36fd29a0a8f35b92cda40864ca8cd
File type data
Offset 236032
Size 17569520
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetLocalTime
CreateProcessW
DeleteCriticalSection
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
GetDateFormatW
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
CompareStringW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetExitCodeProcess
GetVersion
InitializeCriticalSection
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SysFreeString
VariantInit
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 5
RT_RCDATA 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 9
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
3.7.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
148992

EntryPoint
0x16478

MIMEType
application/octet-stream

FileVersion
3.7.0

TimeStamp
2011:03:17 11:22:54+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
3.7.0

FileDescription
WinX DVD Copy Pro Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Digiarty Software,Inc.

CodeSize
86016

ProductName
WinX DVD Copy Pro

ProductVersionNumber
3.7.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 478b616e6aeb5dd07a201193720a8bf2
SHA1 c8cfb212e0ee96deae1756148d205c73ddf5c03e
SHA256 c9ecda511de33fd5a787404f8b8abc0a6650b7bfc1f97944d519e0a7701dffa6
ssdeep
393216:AgB9rjF03IOL4DFXZmIvq7TFCZIQUKYFHiF:AgB9V03IOsDTm7FCZIQUKYFHiF

authentihash 176a782a88dc135b48ffec4380e3c75ee3d29c556599440c94b1c52ce4193dac
imphash 483f0c4259a9148c34961abbda6146c1
File size 17.0 MB ( 17805552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (89.6%)
Win32 Executable (generic) (3.6%)
Win16/32 Executable Delphi generic (1.6%)
OS/2 Executable (generic) (1.6%)
Generic Win/DOS Executable (1.6%)
Tags
peexe overlay signed via-tor

VirusTotal metadata
First submission 2016-04-14 14:09:00 UTC (2 years, 6 months ago)
Last submission 2018-04-30 11:06:27 UTC (5 months, 3 weeks ago)
File names WinX DVD Copy Pro.exe
winx-dvd-copy-pro.exe
winx-dvd-copy-pro.exe
dvdcopy.exe
winx-dvd-copy-pro370.exe
winx-dvd-copy-pro.exe
C9ECDA511DE33FD5A787404F8B8ABC0A6650B7BFC1F97944D519E0A7701DFFA6.exe
winx-dvd-copy-pro370.exe
837378
winx-dvd-copy-pro.exe
C9ECDA511DE33FD5A787404F8B8ABC0A6650B7BFC1F97944D519E0A7701DFFA6.exe
winx-dvd-copy-pro.exe
winx-dvd-copy-pro.exe
winx-dvd-copy-pro.exe
winx-dvd-copy-pro BR-VJVEVQJL-ZYOOUX.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs
UDP communications