SHA256: 8aa892cd3c92184f9253c0dbb48f879dbc2a719d2efb12018f5bb36061329d5e
File name: aimp_4.01.1703.exe
Detection ratio: 0 / 55
Analysis date: 2016-03-16 19:25:09 UTC (2 years, 8 months ago)
Antivirus Result Update date
Ad-Aware 20160316
AegisLab 20160316
Yandex 20160316
AhnLab-V3 20160316
Alibaba 20160316
ALYac 20160316
Antiy-AVL 20160316
Arcabit 20160316
Avast 20160316
AVG 20160316
Avira (no cloud) 20160316
AVware 20160316
Baidu 20160315
Baidu-International 20160316
BitDefender 20160316
Bkav 20160316
ByteHero 20160316
CAT-QuickHeal 20160316
CMC 20160316
Comodo 20160316
Cyren 20160316
DrWeb 20160316
Emsisoft 20160316
ESET-NOD32 20160316
F-Prot 20160316
F-Secure 20160316
Fortinet 20160316
GData 20160316
Ikarus 20160316
Jiangmin 20160316
K7AntiVirus 20160316
K7GW 20160316
Kaspersky 20160316
Malwarebytes 20160316
McAfee 20160316
McAfee-GW-Edition 20160316
Microsoft 20160316
eScan 20160316
NANO-Antivirus 20160316
nProtect 20160316
Panda 20160316
Qihoo-360 20160316
Rising 20160316
Sophos AV 20160316
SUPERAntiSpyware 20160316
Symantec 20160316
Tencent 20160316
TheHacker 20160315
TrendMicro 20160316
TrendMicro-HouseCall 20160316
VBA32 20160316
VIPRE 20160316
ViRobot 20160316
Zillya 20160316
Zoner 20160316
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Artem Izmaylov

Product AIMP
Original name 7zsd_LZMA2.sfx
Description AIMP Setup
Comments Based on 7z Setup SFX (x86) (© 2005-2012 Oleg N. Scherbakov)
Signature verification Signed file, verified signature
Signing date 6:14 PM 3/15/2016
Signers
[+] Artem Izmaylov
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer StartCom Class 2 Object CA
Valid from 12:49 PM 1/29/2016
Valid to 12:49 PM 1/29/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 97A54B58F8E3DF1F4AAD5A77E51CDECEB8B7FE8F
Serial number 2E 51 36 40 20 87 AD FC CD 89 77 96 7B 2F 00 B7
[+] StartCom Class 2 Object CA
Status Valid
Issuer StartCom Certification Authority
Valid from 2:00 AM 12/16/2015
Valid to 2:00 AM 12/16/2030
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 1F6421C176CF03ED52CC37F21B587F166CEB828B
Serial number 6C 3B D2 7E DD 3C 94 9E 95 8E 28 A9 B3 C7 57 A0
[+] StartCom Certification Authority
Status Valid
Issuer StartCom Certification Authority
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT appended, 7Z
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-12-30 08:49:49
Entry Point 0x0001382F
Number of sections 4
PE sections
Overlays
MD5 2adf4000c7e0f5add31d466e657d2680
File type data
Offset 153088
Size 8575240
Entropy 8.00
PE imports
FreeSid
AllocateAndInitializeSid
CheckTokenMembership
GetDeviceCaps
GetCurrentObject
DeleteDC
CreateFontIndirectW
SelectObject
CreateCompatibleBitmap
GetObjectW
SetStretchBltMode
CreateCompatibleDC
DeleteObject
StretchBlt
SetThreadLocale
GetStdHandle
GetDriveTypeW
WaitForSingleObject
LockResource
CreateJobObjectW
GetFileAttributesW
SetInformationJobObject
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetSystemDirectoryW
lstrcatW
GetLocaleInfoW
FindResourceExA
WideCharToMultiByte
GetTempPathW
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
GetExitCodeProcess
LocalFree
FormatMessageW
ResumeThread
InitializeCriticalSection
LoadResource
FindClose
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
GetUserDefaultUILanguage
GetModuleFileNameW
ExitProcess
lstrcmpiW
SetProcessWorkingSetSize
GetSystemDefaultLCID
MultiByteToWideChar
SetFilePointer
CreateThread
SetEnvironmentVariableW
GetSystemDefaultUILanguage
GetExitCodeThread
MulDiv
SetCurrentDirectoryW
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetCurrentThreadId
EnterCriticalSection
TerminateThread
lstrcmpiA
GetVersionExW
SetEvent
LoadLibraryA
GetStartupInfoA
GetFileSize
GetStartupInfoW
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
AssignProcessToJobObject
lstrcpyW
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
FindFirstFileW
lstrcmpW
GetProcAddress
CreateEventW
CreateFileW
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
lstrlenA
GlobalFree
lstrlenW
VirtualFree
GetQueuedCompletionStatus
SizeofResource
CompareFileTime
CreateIoCompletionPort
SetFileTime
GetCommandLineW
SuspendThread
GetModuleHandleA
ReadFile
CloseHandle
GetModuleHandleW
WriteFile
CreateProcessW
Sleep
IsBadReadPtr
VirtualAlloc
strncmp
__p__fmode
malloc
??1type_info@@UAE@XZ
memset
_wcsnicmp
__dllonexit
_controlfp
_except_handler3
??2@YAPAXI@Z
_onexit
_wtol
exit
_XcptFilter
memcmp
__setusermatherr
__p__commode
_acmdln
_CxxThrowException
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_adjust_fdiv
??3@YAXPAX@Z
free
wcsncmp
__getmainargs
_purecall
_initterm
memmove
memcpy
_beginthreadex
_exit
_EH_prolog
__set_app_type
OleLoadPicture
VariantClear
SysAllocString
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetMalloc
SetFocus
GetParent
EndDialog
DrawTextW
DefWindowProcW
KillTimer
GetMessageW
ShowWindow
MessageBeep
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
GetMenu
GetWindowRect
ClientToScreen
UnhookWindowsHookEx
CharUpperW
MessageBoxA
LoadIconW
GetWindowDC
GetWindow
GetSysColor
PtInRect
DispatchMessageW
CopyImage
ReleaseDC
SendMessageW
GetWindowLongW
DrawIconEx
SetWindowTextW
GetDlgItem
SystemParametersInfoW
LoadImageW
GetDC
ScreenToClient
CallNextHookEx
wsprintfA
SetTimer
CallWindowProcW
GetSystemMenu
DialogBoxIndirectParamW
EnableWindow
GetClientRect
GetWindowTextW
EnableMenuItem
SetWindowsHookExW
GetClassNameA
GetWindowTextLengthW
CreateWindowExW
wsprintfW
GetKeyState
DestroyWindow
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
Number of PE resources by type
RT_ICON 5
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
RUSSIAN 6
NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
Based on 7z Setup SFX (x86) (© 2005-2012 Oleg N. Scherbakov)

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
AIMP Setup

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
74240

EntryPoint
0x1382f

OriginalFileName
7zsd_LZMA2.sfx

MIMEType
application/octet-stream

LegalCopyright
Artem Izmaylov

TimeStamp
2012:12:30 09:49:49+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
4.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AIMP DevTeam

CodeSize
78336

ProductName
AIMP

ProductVersionNumber
4.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
Compressed bundles
File identification
MD5 fbb5d9f64bd43286de8c99c5a46bdf3f
SHA1 e005156ff2beee4da12d2c7a2ef3822d03ff06d8
SHA256 8aa892cd3c92184f9253c0dbb48f879dbc2a719d2efb12018f5bb36061329d5e
ssdeep
196608:E+CqO/BUEfDT1Py7p9YOoYkInw2IhxJqiwqUsMZBm8:E+CVxsbYdV9xJqiwLs0J

authentihash 26af3215f79d50c7c8e7b326ccfe7e66ee31e012d868b0c7687462e0930aa4bc
imphash 1d1577d864d2da06952f7affd8635371
File size 8.3 MB ( 8728328 bytes )
File type Win32 EXE
Description
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2016-03-15 18:19:09 UTC (2 years, 8 months ago)
Last submission 2018-09-24 02:28:02 UTC (1 month, 3 weeks ago)
File names target.exe
AIMP_Russian_Setup.exe
7186335346d375366d601009dcd5324fff6a3ad22a32ec9c542aca05684b6e0277141284e33ba76e2475df24c336887904bf69eeb2203cd92a8eb17c2de4988e
AIMP 4.01 Build 1703 Final Portable.exe
UpdateInstaller.exe
UpdateInstaller.exe
xetcom.com.aimp.setup.exe
aimp.setup.exe
AIMP_4.01.1703.exe
aimp_4 (1).exe
target.exe
7zsd_LZMA2.sfx
aimp4-01-build-1703.exe
target.exe
target.exe
target.exe
UpdateInstaller.exe
aimp_4.exe
target.exe
aimp_5.exe
UpdateInstaller.exe
aimp_4.01.1703.exe
UpdateInstaller.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
UDP communications