SHA256: 979939c3df6b94c9d6db776b61e3d2dab2207de4d557927e42f89f0ef456a610
File name: TrustViewerSetup.exe
Detection ratio: 2 / 67
Analysis date: 2017-11-12 05:07:39 UTC (1 week, 4 days ago)
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20171016
Cylance Unsafe 20171112
Ad-Aware 20171112
AegisLab 20171112
AhnLab-V3 20171111
Alibaba 20170911
ALYac 20171110
Antiy-AVL 20171112
Arcabit 20171110
Avast 20171112
Avast-Mobile 20171111
AVG 20171112
Avira (no cloud) 20171111
AVware 20171111
Baidu 20171109
BitDefender 20171112
Bkav 20171111
CAT-QuickHeal 20171111
ClamAV 20171111
CMC 20171109
Comodo 20171112
Cybereason 20171030
Cyren 20171112
DrWeb 20171112
eGambit 20171112
Emsisoft 20171112
Endgame 20171024
ESET-NOD32 20171111
F-Prot 20171112
F-Secure 20171112
Fortinet 20171112
GData 20171112
Ikarus 20171111
Sophos ML 20170914
Jiangmin 20171110
K7AntiVirus 20171112
K7GW 20171112
Kaspersky 20171112
Kingsoft 20171112
Malwarebytes 20171112
MAX 20171112
McAfee 20171112
McAfee-GW-Edition 20171112
Microsoft 20171112
eScan 20171112
NANO-Antivirus 20171112
nProtect 20171112
Palo Alto Networks (Known Signatures) 20171112
Panda 20171111
Qihoo-360 20171112
Rising 20171112
SentinelOne (Static ML) 20171019
Sophos AV 20171112
SUPERAntiSpyware 20171112
Symantec 20171111
Symantec Mobile Insight 20171110
Tencent 20171112
TheHacker 20171112
TrendMicro 20171112
TrendMicro-HouseCall 20171112
Trustlook 20171112
VBA32 20171110
VIPRE 20171112
ViRobot 20171111
Webroot 20171112
WhiteArmor 20171104
Yandex 20171110
Zillya 20171110
ZoneAlarm by Check Point 20171112
Zoner 20171112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 5:17 AM 11/21/2017
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009574
Number of sections 8
PE sections
Overlays
MD5 3c1f6d870b6379cfe85ece5ec4c0eabd
File type data
Offset 1759232
Size 960
Entropy 7.14
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetStdHandle
EnterCriticalSection
lstrlenA
GlobalFree
FreeLibrary
ExitProcess
GetThreadLocale
GetVersionExA
VirtualProtect
GlobalUnlock
GetModuleFileNameA
GlobalAlloc
RtlUnwind
LoadLibraryA
DeleteCriticalSection
GetStartupInfoA
LoadLibraryExA
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
GetCPInfo
UnhandledExceptionFilter
GetCommandLineA
GetProcAddress
RaiseException
WideCharToMultiByte
GetModuleHandleA
FindFirstFileA
WriteFile
EnumCalendarInfoA
CompareStringA
lstrcpynA
GetACP
GlobalLock
GetVersion
FreeResource
GetDiskFreeSpaceA
LocalFree
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
FindClose
TlsGetValue
TlsSetValue
GetCurrentThreadId
FindResourceA
VirtualAlloc
LeaveCriticalSection
SysReAllocStringLen
SysFreeString
GetSystemMetrics
LoadStringA
CharNextA
MessageBoxA
GetKeyboardType
CharToOemA
Number of PE resources by type
RT_ICON 8
RT_STRING 5
RT_RCDATA 3
RT_GROUP_ICON 2
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 7
RUSSIAN 6
ENGLISH US 6
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
35840

LinkerVersion
2.25

EntryPoint
0x9574

InitializedDataSize
1722368

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 bc9271141f7aa112a2a2f154dc6f33a0
SHA1 f7f9dfd7c395716d3a05125e9f4af5fd7fdf900f
SHA256 979939c3df6b94c9d6db776b61e3d2dab2207de4d557927e42f89f0ef456a610
ssdeep
49152:GNnS7TVd4NOqlDl4UwJTlVY9BIMhFnhLRHgI8A:GweOaDl4USyB7VRHgIV

authentihash f2332c3472a78acab3484cd54394f5d225d05e619407c10c7d243354e6f34f09
imphash 6156ec1110cbf8ff9d744b5cb97a9367
File size 1.7 MB ( 1760192 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Delphi generic (57.2%)
Win32 Executable (generic) (18.2%)
Win16/32 Executable Delphi generic (8.3%)
Generic Win/DOS Executable (8.0%)
DOS Executable Generic (8.0%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-11-01 19:33:06 UTC (3 weeks ago)
Last submission 2017-11-21 04:17:27 UTC (2 days, 3 hours ago)
File names TrustViewer.exe
TrustViewerSetup.exe
trustviewer.exe
TrustViewerSetup.exe
1002-f7f9dfd7c395716d3a05125e9f4af5fd7fdf900f
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
UDP communications