SHA256: d685b2f5f7128597b34605e196d52edfe5161b7ae7da239d81a949eb9c3d9d3d
File name: Decoder2DPlusSetup3.3.19.0.exe
Detection ratio: 0 / 63
Analysis date: 2017-08-31 08:24:49 UTC (3 months, 1 week ago)
Antivirus Result Update
Ad-Aware 20170831
AegisLab 20170831
AhnLab-V3 20170831
Alibaba 20170831
ALYac 20170831
Antiy-AVL 20170831
Arcabit 20170831
Avast 20170831
AVG 20170831
Avira (no cloud) 20170831
AVware 20170831
Baidu 20170831
BitDefender 20170831
Bkav 20170830
CAT-QuickHeal 20170830
ClamAV 20170831
CMC 20170828
Comodo 20170831
CrowdStrike Falcon (ML) 20170804
Cylance 20170831
Cyren 20170831
DrWeb 20170831
Emsisoft 20170831
Endgame 20170821
ESET-NOD32 20170831
F-Prot 20170831
F-Secure 20170831
Fortinet 20170831
GData 20170831
Ikarus 20170831
Sophos ML 20170822
Jiangmin 20170831
K7AntiVirus 20170831
K7GW 20170831
Kaspersky 20170831
Kingsoft 20170831
Malwarebytes 20170831
MAX 20170831
McAfee 20170831
McAfee-GW-Edition 20170831
Microsoft 20170831
eScan 20170831
NANO-Antivirus 20170831
nProtect 20170831
Palo Alto Networks (Known Signatures) 20170831
Panda 20170830
Qihoo-360 20170831
Rising 20170831
SentinelOne (Static ML) 20170806
Sophos AV 20170831
SUPERAntiSpyware 20170831
Symantec 20170831
Symantec Mobile Insight 20170831
TheHacker 20170828
TrendMicro 20170831
TrendMicro-HouseCall 20170831
Trustlook 20170831
VBA32 20170830
VIPRE 20170831
ViRobot 20170831
Webroot 20170831
WhiteArmor 20170829
Yandex 20170830
Zillya 20170829
ZoneAlarm by Check Point 20170831
Zoner 20170831
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 2017 GT50 S.r.l.

Product Decoder2DPlus
File version
Description Decoder2DPlus Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 9:16 AM 8/31/2017
Signers
[+] GT50
Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 4/12/2017
Valid to 12:59 AM 4/13/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 930E13D67C72ED238A65B4E1CEED4AE85534C4D3
Serial number 00 C4 7F E7 4B 83 6C 4E EC D9 D5 20 B7 4A 01 71 67
[+] COMODO RSA Code Signing CA
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
[+] COMODO SECURE™
Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Counter signers
[+] COMODO SHA-256 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 12/31/2015
Valid to 7:40 PM 7/9/2019
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 36527D4FA26A68F9EB4596F1D99ABB2C0EA76DFA
Serial number 4E B0 87 8F CC 24 35 36 B2 D8 C9 F7 BF 39 55 77
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
Packers identified
F-PROT INNO, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-06 14:39:04
Entry Point 0x000117DC
Number of sections 8
PE sections
Overlays
MD5 a35fc8ae2f79248accaf177d3c243a55
File type data
Offset 119808
Size 13097272
Entropy 8.00
PE imports
RegCloseKey
OpenProcessToken
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControls
GetLastError
GetStdHandle
GetUserDefaultLangID
GetSystemInfo
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetThreadLocale
VirtualProtect
GetFileAttributesW
RtlUnwind
lstrlenW
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
SizeofResource
GetWindowsDirectoryW
LocalAlloc
LockResource
GetDiskFreeSpaceW
GetCommandLineW
SetErrorMode
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetCPInfo
DeleteFileW
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
lstrcpynW
RaiseException
WideCharToMultiByte
RemoveDirectoryW
SetFilePointer
GetSystemDirectoryW
GetFullPathNameW
ReadFile
GetEnvironmentVariableW
InterlockedExchange
CreateDirectoryW
WriteFile
GetCurrentProcess
CloseHandle
FindFirstFileW
GetACP
GetModuleHandleW
SignalObjectAndWait
SetEvent
FormatMessageW
LoadLibraryW
CreateEventW
GetVersion
LoadResource
FindResourceW
CreateFileW
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
SetEndOfFile
TlsSetValue
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetFileSize
SetLastError
ResetEvent
SysReAllocStringLen
SysFreeString
SysAllocStringLen
GetSystemMetrics
SetWindowLongW
MessageBoxW
PeekMessageW
LoadStringW
MessageBoxA
CreateWindowExW
MsgWaitForMultipleObjects
TranslateMessage
CharUpperBuffW
CallWindowProcW
CharNextW
GetKeyboardType
ExitWindowsEx
DispatchMessageW
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_RCDATA 4
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ENGLISH US 5
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
52224

EntryPoint
0x117dc

MIMEType
application/octet-stream

LegalCopyright
Copyright 2017 GT50 S.r.l.

TimeStamp
2016:04:06 15:39:04+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

ProductVersion
3.3.19.0 NoXP

FileDescription
Decoder2DPlus Setup

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
GT50 S.r.l.

CodeSize
66560

ProductName
Decoder2DPlus

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 d9606d515603ae214616c7d5d4d9c6b6
SHA1 59645586c5e9501684abcd9281dd45d6a08964a5
SHA256 d685b2f5f7128597b34605e196d52edfe5161b7ae7da239d81a949eb9c3d9d3d
ssdeep
393216:lGa9t1fDgPcwqTsaE4JxQopp59u8FEHIVLDpyj3:4a9jxwqTsf4Bb9u8FEOLDp

authentihash 35583e34f790c4c3f70554f66578bd9a149afd3afdb639681bc8844a17d8ccb9
imphash 20dd26497880c05caed9305b3c8b9109
File size 12.6 MB ( 13217080 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Delphi generic (45.2%)
Win32 Dynamic Link Library (generic) (20.9%)
Win32 Executable (generic) (14.3%)
Win16/32 Executable Delphi generic (6.6%)
Generic Win/DOS Executable (6.3%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2017-08-31 08:24:49 UTC (3 months, 1 week ago)
Last submission 2017-09-30 17:20:17 UTC (2 months, 1 week ago)
File names Decoder2DPlusSetup3.3.19.0.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Runtime DLLs