SHA256: feb1cea29faa1019fc9d7716bd366efbaae68fe776e794dbe43830db0f9894cb
File name: RealTimes-RealPlayer_ja.exe
Detection ratio: 0 / 68
Analysis date: 2019-02-25 22:53:09 UTC (2 months, 3 weeks ago)
Antivirus Result Update
Acronis 20190222
Ad-Aware 20190225
AegisLab 20190225
AhnLab-V3 20190225
Alibaba 20180921
ALYac 20190225
Antiy-AVL 20190225
Arcabit 20190225
Avast 20190225
Avast-Mobile 20190225
AVG 20190225
Avira (no cloud) 20190225
Babable 20180918
Baidu 20190215
BitDefender 20190225
Bkav 20190222
CAT-QuickHeal 20190225
ClamAV 20190225
CMC 20190225
Comodo 20190225
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cylance 20190225
Cyren 20190225
DrWeb 20190225
eGambit 20190225
Emsisoft 20190225
Endgame 20190215
ESET-NOD32 20190225
F-Prot 20190225
F-Secure 20190225
Fortinet 20190225
GData 20190225
Ikarus 20190225
Sophos ML 20181128
Jiangmin 20190225
K7AntiVirus 20190225
K7GW 20190225
Kaspersky 20190225
Kingsoft 20190225
Malwarebytes 20190225
MAX 20190225
McAfee 20190225
McAfee-GW-Edition 20190225
Microsoft 20190225
eScan 20190225
NANO-Antivirus 20190225
Palo Alto Networks (Known Signatures) 20190225
Panda 20190225
Qihoo-360 20190225
Rising 20190225
SentinelOne (Static ML) 20190203
Sophos AV 20190225
SUPERAntiSpyware 20190220
Symantec 20190225
Symantec Mobile Insight 20190220
TACHYON 20190225
Tencent 20190225
TheHacker 20190225
TotalDefense 20190225
Trapmine 20190123
TrendMicro-HouseCall 20190225
Trustlook 20190225
VBA32 20190225
ViRobot 20190225
Webroot 20190225
Yandex 20190225
Zillya 20190225
ZoneAlarm by Check Point 20190225
Zoner 20190225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © RealNetworks, Inc. 1995-2017

Product セットアップ プログラムのシェル実行可能ファイル (32-bit)
Original name RNSetup.DLL
Internal name RNSETUP
File version 18.1.16.215
Description セットアップ プログラムのシェル実行可能ファイル
Signature verification Signed file, verified signature
Signing date 10:57 PM 2/25/2019
Signers
[+] RealNetworks, Inc.
Status Valid
Issuer thawte SHA256 Code Signing CA
Valid from 12:00 AM 07/26/2017
Valid to 11:59 PM 08/14/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 95A81189980CE7D96C825D9F452FC18551775F0E
Serial number 79 75 BE 18 5D D3 B5 E5 CB 86 71 2E AA CC 41 DF
[+] thawte SHA256 Code Signing CA
Status Valid
Issuer thawte Primary Root CA
Valid from 12:00 AM 12/10/2013
Valid to 11:59 PM 12/09/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint D00CFDBF46C98A838BC10DC4E097AE0152C461BC
Serial number 71 A0 B7 36 95 DD B1 AF C2 3B 2B 9A 18 EE 54 CB
[+] thawte
Status Valid
Issuer thawte Primary Root CA
Valid from 12:00 AM 11/17/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 91C6D6EE3E8AC86384E548C299295C756C817B81
Serial number 34 4E D5 57 20 D5 ED EC 49 F4 2F CE 37 DB 2B 6D
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 10/18/2012
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-21 03:22:53
Entry Point 0x0000D2D9
Number of sections 7
PE sections
Overlays
MD5 f9bc16b15b4a7002fa831684d14abef5
File type data
Offset 66169856
Size 12696
Entropy 7.38
PE imports
GetTokenInformation
RegCloseKey
OpenProcessToken
RegQueryValueExA
AllocateAndInitializeSid
RegSetValueExA
SystemFunction036
EqualSid
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExW
SetBkColor
GetDeviceCaps
CreateSolidBrush
DeleteObject
SetTextColor
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
FindNextFileA
HeapDestroy
EncodePointer
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
InitializeSListHead
GetThreadContext
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetDiskFreeSpaceW
WriteFile
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
Thread32First
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
MoveFileA
IsWow64Process
GetEnvironmentVariableA
OutputDebugStringW
FindClose
TlsGetValue
SetFileAttributesW
SetLastError
PeekNamedPipe
OpenThread
LocalLock
LoadResource
RemoveDirectoryW
CopyFileA
HeapAlloc
RemoveDirectoryA
LoadLibraryA
Module32First
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
GetModuleHandleA
GetFullPathNameW
CreateThread
SetEnvironmentVariableW
MoveFileExW
GetSystemDirectoryW
Module32Next
SetUnhandledExceptionFilter
SetDllDirectoryA
IsProcessorFeaturePresent
DecodePointer
SetEnvironmentVariableA
TerminateProcess
GetModuleHandleExW
SetCurrentDirectoryW
VirtualQuery
CreateEventW
ReadConsoleW
GetCurrentThreadId
SetCurrentDirectoryA
WriteConsoleW
CloseHandle
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
OpenProcess
TerminateThread
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
InitializeCriticalSectionEx
RtlUnwind
Process32Next
TzSpecificLocalTimeToSystemTime
Process32First
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CompareStringW
GetModuleFileNameW
GetFileInformationByHandle
FindFirstFileExA
FindNextFileW
ResetEvent
Thread32Next
FindFirstFileExW
SetEvent
GetTimeZoneInformation
CreateFileW
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LocalUnlock
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetConsoleCP
FindResourceW
HeapReAlloc
GetEnvironmentStringsW
WaitForSingleObjectEx
GetModuleFileNameA
GetCPInfo
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
K32GetProcessMemoryInfo
RaiseException
TlsFree
SetFilePointer
ReadFile
SetEndOfFile
FindFirstFileA
GetACP
GetModuleHandleW
FreeResource
GetFileAttributesExW
IsValidCodePage
FindResourceExW
CreateProcessW
IsBadReadPtr
FindResourceA
GetFullPathNameA
SHGetKnownFolderPath
SHCreateDirectoryExA
SHCreateDirectoryExW
SHGetFolderPathW
PathAddBackslashW
PathFileExistsW
PathAppendW
GetMessageA
GetParent
CharPrevA
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
DefWindowProcA
FindWindowA
SetWindowPos
SendDlgItemMessageA
CharLowerA
IsWindow
GetWindowRect
DispatchMessageA
UpdateWindow
MessageBoxA
PeekMessageA
TranslateMessage
CharUpperA
GetSysColor
GetDC
ReleaseDC
SystemParametersInfoA
SetWindowTextA
LoadStringA
GetSystemMetrics
SendMessageA
RegisterClassA
InvalidateRect
CreateWindowExA
LoadIconA
CharNextA
PostThreadMessageA
IsDialogMessageA
DestroyWindow
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA
SymGetSymFromAddr
SymSetOptions
MiniDumpWriteDump
SymUnloadModule
SymGetLineFromAddr
SymGetOptions
SymCleanup
SymInitialize
SymLoadModule
SymSetSearchPath
CoTaskMemFree
Number of PE resources by type
RT_ICON 5
BINARY 2
RT_DIALOG 2
RT_STRING 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
JAPANESE DEFAULT 11
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
CodeSize
249344

SubsystemVersion
6.0

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
18.1.16.215

LanguageCode
Japanese

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Japan (Shift - JIS X-0208)

InitializedDataSize
65919488

EntryPoint
0xd2d9

OriginalFileName
RNSetup.DLL

MIMEType
application/octet-stream

LegalCopyright
Copyright RealNetworks, Inc. 1995-2017

FileVersion
18.1.16.215

TimeStamp
2019:02:21 04:22:53+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
RNSETUP

ProductVersion
18.1.16.215

UninitializedDataSize
0

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
RealNetworks, Inc.

LegalTrademarks
RealAudio(tm) is a trademark of RealNetworks, Inc.

ProductName
(32-bit)

ProductVersionNumber
18.1.16.215

FileTypeExtension
exe

ObjectFileType
Unknown

Execution parents
File identification
MD5 b3b87f773f13ca47e2eefa4b9ad47c00
SHA1 1d9222ad88b3fa7431d68f698e6c7e34e39d8c82
SHA256 feb1cea29faa1019fc9d7716bd366efbaae68fe776e794dbe43830db0f9894cb
ssdeep
1572864:mx1YyruigZ5jKMv5/VmuphYVQuD1MpzdRcHEZZqggN:mzuigOy/VmieVn1MpzrckZAg

authentihash 8e859c3585ded0422a3627e6467331c13de265768b4dfcfc0bcec642b0fb61e8
imphash 7b8cb9f445eb57774b4a5cd5ddbd00b5
File size 63.1 MB ( 66182552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID DirectShow filter (58.3%)
Windows ActiveX control (33.7%)
Microsoft Visual C++ compiled executable (generic) (4.7%)
Win32 Executable (generic) (1.3%)
OS/2 Executable (generic) (0.5%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2019-02-25 22:53:09 UTC (2 months, 3 weeks ago)
Last submission 2019-02-25 22:53:09 UTC (2 months, 3 weeks ago)
File names RNSETUP
realtimes-realplayer_ja[1].exe
RealTimes-RealPlayer_ja.exe
RNSetup.DLL