SHA256: 511d1eb081aa19187424b4fab9138d855a3a566c817d24cd5f18a525cef3e87b
File name: cfw_installer.exe
Detection ratio: 1 / 45
Analysis date: 2013-08-25 04:45:34 UTC ( 5 years, 9 months ago )
Antivirus Result Update
VBA32 Malware-Cryptor.Inject.gen.2 20130824
Yandex 20130824
AhnLab-V3 20130824
AntiVir 20130824
Antiy-AVL 20130825
Avast 20130825
AVG 20130824
BitDefender 20130825
ByteHero 20130814
CAT-QuickHeal 20130824
ClamAV 20130825
Commtouch 20130825
Comodo 20130825
DrWeb 20130825
Emsisoft 20130825
ESET-NOD32 20130824
F-Prot 20130825
Fortinet 20130825
GData 20130825
Ikarus 20130825
Jiangmin 20130825
K7AntiVirus 20130823
K7GW 20130823
Kaspersky 20130825
Kingsoft 20130723
Malwarebytes 20130825
McAfee 20130825
McAfee-GW-Edition 20130825
Microsoft 20130825
eScan 20130825
NANO-Antivirus 20130825
Norman 20130824
nProtect 20130823
Panda 20130824
PCTools 20130824
Rising 20130823
Sophos AV 20130825
SUPERAntiSpyware 20130824
Symantec 20130825
TheHacker 20130824
TotalDefense 20130823
TrendMicro 20130825
TrendMicro-HouseCall 20130824
VIPRE 20130825
ViRobot 20130825
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright 2005-2013 COMODO. All rights reserved.
Publisher Comodo Security Solutions
Product COMODO Internet Security
Version 6, 2, 285401, 2860
File version 6, 2, 285401, 2860
Description COMODO Internet Security
Signature verification Signed file, verified signature
Signing date 1:49 PM 7/10/2013
Signers
[+] Comodo Security Solutions
Status Valid
Issuer None
Valid from 1:00 AM 4/8/2013
Valid to 12:59 AM 4/9/2014
Valid usage Code Signing
Algorithm SHA1
Thumbprint 39488FE6BE0D00E76D475BD2902442A541A0E1A3
Serial number 07 1A E4 A2 40 2B B0 AD 40 F3 FB D4 40 2B 92 90
[+] COMODO Code Signing CA 2
Status Valid
Issuer None
Valid from 1:00 AM 8/24/2011
Valid to 11:48 AM 5/30/2020
Valid usage Code Signing
Algorithm SHA1
Thumbprint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] UTN-USERFirst-Object
Status Valid
Issuer None
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Issuer None
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] COMODO Time Stamping Signer
Status Valid
Issuer None
Valid from 1:00 AM 5/10/2010
Valid to 12:59 AM 5/11/2015
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] UTN-USERFirst-Object
Status Valid
Issuer None
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbprint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Issuer None
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-04-28 11:38:20
Entry Point 0x000121CF
Number of sections 4
PE sections
PE imports
GetDeviceCaps
GetCurrentObject
DeleteDC
CreateFontIndirectW
SelectObject
StretchBlt
GetObjectW
SetStretchBltMode
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetUserDefaultUILanguage
SetThreadLocale
GetLastError
SetCurrentDirectoryW
GetStdHandle
EnterCriticalSection
TerminateThread
lstrlenA
GetModuleFileNameW
GlobalFree
WaitForSingleObject
GetVersionExW
SetEvent
MulDiv
FindNextFileW
SystemTimeToFileTime
FindResourceExA
ExpandEnvironmentStringsW
lstrlenW
GetLocalTime
DeleteCriticalSection
GetStartupInfoA
GetSystemDefaultUILanguage
GetDriveTypeW
SizeofResource
CompareFileTime
GetDiskFreeSpaceExW
GetFileSize
LockResource
SetFileTime
GetCommandLineW
CreateThread
GetSystemDefaultLCID
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetLocaleInfoW
SuspendThread
RemoveDirectoryW
GetModuleHandleA
lstrcpyW
SetFileAttributesW
lstrcmpiA
WideCharToMultiByte
SetEnvironmentVariableW
SetFilePointer
GetSystemDirectoryW
ReadFile
GetTempPathW
ResetEvent
GetSystemTimeAsFileTime
FindFirstFileW
GlobalMemoryStatusEx
lstrcmpW
GetModuleHandleW
LoadLibraryA
LocalFree
FormatMessageW
ResumeThread
GetFileAttributesW
CreateEventW
GetExitCodeThread
lstrcmpiW
InitializeCriticalSection
LoadResource
WriteFile
CreateFileW
GlobalAlloc
VirtualFree
FindClose
lstrcatW
Sleep
IsBadReadPtr
SetEndOfFile
CloseHandle
ExitProcess
GetProcAddress
VirtualAlloc
GetEnvironmentVariableW
SetLastError
LeaveCriticalSection
_purecall
__p__fmode
malloc
??1type_info@@UAE@XZ
memset
_wcsnicmp
__dllonexit
_controlfp
_except_handler3
??2@YAPAXI@Z
strncmp
_onexit
_wtol
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_adjust_fdiv
??3@YAXPAX@Z
free
__getmainargs
_initterm
memmove
memcpy
_beginthreadex
_exit
_EH_prolog
__set_app_type
Ord(418)
Ord(2)
Ord(9)
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetMalloc
SetFocus
GetParent
EndDialog
DrawTextW
DefWindowProcW
KillTimer
GetMessageW
ShowWindow
MessageBeep
SetWindowPos
GetClassNameA
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
ClientToScreen
CharUpperW
MessageBoxA
GetSystemMenu
GetWindowDC
GetWindow
GetSysColor
DispatchMessageW
CopyImage
ReleaseDC
GetMenu
GetWindowLongW
DrawIconEx
SetWindowTextW
GetDlgItem
SystemParametersInfoW
LoadImageW
GetDC
ScreenToClient
wsprintfA
SetTimer
CallWindowProcW
DialogBoxIndirectParamW
EnableWindow
GetClientRect
GetWindowTextW
EnableMenuItem
LoadIconW
GetWindowTextLengthW
CreateWindowExW
wsprintfW
GetKeyState
DestroyWindow
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_ICON 21
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
UKRAINIAN DEFAULT 21
ENGLISH US 3
NEUTRAL SYS DEFAULT 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.2.23257.2860
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 782336
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6, 2, 285401, 2860
TimeStamp 2011:04:28 12:38:20+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 6, 2, 285401, 2860
FileDescription COMODO Internet Security
OSVersion 4.0
FileOS Win32
LegalCopyright 2005-2013 COMODO. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName COMODO
CodeSize 71680
ProductName COMODO Internet Security
ProductVersionNumber 6.2.23257.2860
EntryPoint 0x121cf
ObjectFileType Executable application

File identification
MD5 12f97c92b0182562a631436b175dfc96
SHA1 64a12cb6007dd6faa6e6de157430a28464fdb43b
SHA256 511d1eb081aa19187424b4fab9138d855a3a566c817d24cd5f18a525cef3e87b
ssdeep 3145728:8cccFBTgRTVsHoaM5Lp5I1XVHSXsCwtJDa+Ko2xXZ:m8TgR+aXsX90sLDmo27

File size 143.6 MB ( 150622552 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags peexe armadillo signed

VirusTotal metadata
First submission 2013-08-25 04:45:34 UTC ( 5 years, 9 months ago )
Last submission 2013-08-25 04:45:34 UTC ( 5 years, 9 months ago )
File names cfw_installer.exe