forked from Winetricks/winetricks
-
-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Experiment: Querry checksum of downloaded files in virustotal #55
Labels
help wanted
Extra attention is needed
P1 - Very important
The most important issues
PROJECT
SECURITY
Comments
Kreyren
added
help wanted
Extra attention is needed
P1 - Very important
The most important issues
PROJECT
labels
Nov 25, 2019
Works like a charm we even get a lots of helpful info about the file: kreyren@dreamon:~$ curl --request GET --url https://www.virustotal.com/api/v3/files/f0696bc98bf69a953554104b22e5a4d610dbfb344654c3e729a2851acc12c24e --header 'x-apikey: 2ad9c6c2d0dc50881aa6f08af9f74696ef1fe9a24ad16e7632a6c241d33d8d94'
{
"data": {
"attributes": {
"authentihash": "f520debee79ac2ebd7a128744fc02d8b5eaf64529477457886b0429f38adb2e9",
"creation_date": 1550185518,
"exiftool": {
"CharacterSet": "Unicode",
"CodeSize": 2916352,
"CompanyName": "Blizzard Entertainment",
"EntryPoint": "0x1385f3",
"FileDescription": "Battle.net Setup",
"FileFlagsMask": "0x003f",
"FileOS": "Win32",
"FileSubtype": 0,
"FileType": "Win32 EXE",
"FileTypeExtension": "exe",
"FileVersion": "1.16.3.2988",
"FileVersionNumber": "1.16.3.2988",
"ImageFileCharacteristics": "Executable, 32-bit",
"ImageVersion": 0.0,
"InitializedDataSize": 1975296,
"InternalName": "Battle.net Setup",
"LanguageCode": "Neutral",
"LegalCopyright": " 2005-2019 Blizzard Entertainment Inc.",
"LinkerVersion": 14.15,
"MIMEType": "application/octet-stream",
"MachineType": "Intel 386 or later, and compatibles",
"OSVersion": 6.0,
"ObjectFileType": "Executable application",
"OriginalFileName": "Battle.net-Setup.exe",
"PEType": "PE32",
"ProductName": "Battle.net Setup",
"ProductVersion": "1.16.3.2988",
"ProductVersionNumber": "1.16.3.2988",
"Subsystem": "Windows GUI",
"SubsystemVersion": 6.0,
"TimeStamp": "2019:02:15 00:05:18+01:00",
"UninitializedDataSize": 0
},
"first_submission_date": 1574705971,
"last_analysis_date": 1574705971,
"last_analysis_results": {
"ALYac": {
"category": "undetected",
"engine_name": "ALYac",
"engine_update": "20191125",
"engine_version": "1.1.1.5",
"method": "blacklist",
"result": null
},
"APEX": {
"category": "undetected",
"engine_name": "APEX",
"engine_update": "20191125",
"engine_version": "5.89",
"method": "blacklist",
"result": null
},
"AVG": {
"category": "undetected",
"engine_name": "AVG",
"engine_update": "20191125",
"engine_version": "18.4.3895.0",
"method": "blacklist",
"result": null
},
"Acronis": {
"category": "undetected",
"engine_name": "Acronis",
"engine_update": "20191122",
"engine_version": "1.1.1.58",
"method": "blacklist",
"result": null
},
"Ad-Aware": {
"category": "undetected",
"engine_name": "Ad-Aware",
"engine_update": "20191125",
"engine_version": "3.0.5.370",
"method": "blacklist",
"result": null
},
"AegisLab": {
"category": "undetected",
"engine_name": "AegisLab",
"engine_update": "20191125",
"engine_version": "4.2",
"method": "blacklist",
"result": null
},
"AhnLab-V3": {
"category": "undetected",
"engine_name": "AhnLab-V3",
"engine_update": "20191125",
"engine_version": "3.16.5.25880",
"method": "blacklist",
"result": null
},
"Alibaba": {
"category": "undetected",
"engine_name": "Alibaba",
"engine_update": "20190527",
"engine_version": "0.3.0.5",
"method": "blacklist",
"result": null
},
"Arcabit": {
"category": "undetected",
"engine_name": "Arcabit",
"engine_update": "20191125",
"engine_version": "1.0.0.865",
"method": "blacklist",
"result": null
},
"Avast": {
"category": "undetected",
"engine_name": "Avast",
"engine_update": "20191125",
"engine_version": "18.4.3895.0",
"method": "blacklist",
"result": null
},
"Avast-Mobile": {
"category": "undetected",
"engine_name": "Avast-Mobile",
"engine_update": "20191125",
"engine_version": "191125-00",
"method": "blacklist",
"result": null
},
"Avira": {
"category": "undetected",
"engine_name": "Avira",
"engine_update": "20191125",
"engine_version": "8.3.3.8",
"method": "blacklist",
"result": null
},
"Baidu": {
"category": "undetected",
"engine_name": "Baidu",
"engine_update": "20190318",
"engine_version": "1.0.0.2",
"method": "blacklist",
"result": null
},
"BitDefender": {
"category": "undetected",
"engine_name": "BitDefender",
"engine_update": "20191125",
"engine_version": "7.2",
"method": "blacklist",
"result": null
},
"BitDefenderTheta": {
"category": "undetected",
"engine_name": "BitDefenderTheta",
"engine_update": "20191125",
"engine_version": "7.2.37796.0",
"method": "blacklist",
"result": null
},
"Bkav": {
"category": "timeout",
"engine_name": "Bkav",
"engine_update": "20191125",
"engine_version": "1.3.0.9899",
"method": "blacklist",
"result": null
},
"CAT-QuickHeal": {
"category": "undetected",
"engine_name": "CAT-QuickHeal",
"engine_update": "20191125",
"engine_version": "14.00",
"method": "blacklist",
"result": null
},
"CMC": {
"category": "undetected",
"engine_name": "CMC",
"engine_update": "20190321",
"engine_version": "1.1.0.977",
"method": "blacklist",
"result": null
},
"ClamAV": {
"category": "undetected",
"engine_name": "ClamAV",
"engine_update": "20191125",
"engine_version": "0.102.1.0",
"method": "blacklist",
"result": null
},
"Comodo": {
"category": "undetected",
"engine_name": "Comodo",
"engine_update": "20191125",
"engine_version": "31765",
"method": "blacklist",
"result": null
},
"CrowdStrike": {
"category": "undetected",
"engine_name": "CrowdStrike",
"engine_update": "20190702",
"engine_version": "1.0",
"method": "blacklist",
"result": null
},
"Cybereason": {
"category": "undetected",
"engine_name": "Cybereason",
"engine_update": "20190616",
"engine_version": "1.2.449",
"method": "blacklist",
"result": null
},
"Cylance": {
"category": "undetected",
"engine_name": "Cylance",
"engine_update": "20191125",
"engine_version": "2.3.1.101",
"method": "blacklist",
"result": null
},
"Cyren": {
"category": "undetected",
"engine_name": "Cyren",
"engine_update": "20191125",
"engine_version": "6.2.2.2",
"method": "blacklist",
"result": null
},
"DrWeb": {
"category": "undetected",
"engine_name": "DrWeb",
"engine_update": "20191125",
"engine_version": "7.0.42.9300",
"method": "blacklist",
"result": null
},
"ESET-NOD32": {
"category": "undetected",
"engine_name": "ESET-NOD32",
"engine_update": "20191125",
"engine_version": "20406",
"method": "blacklist",
"result": null
},
"Emsisoft": {
"category": "undetected",
"engine_name": "Emsisoft",
"engine_update": "20191031",
"engine_version": "2018.12.0.1641",
"method": "blacklist",
"result": null
},
"Endgame": {
"category": "undetected",
"engine_name": "Endgame",
"engine_update": "20190918",
"engine_version": "3.0.15",
"method": "blacklist",
"result": null
},
"F-Prot": {
"category": "undetected",
"engine_name": "F-Prot",
"engine_update": "20191125",
"engine_version": "4.7.1.166",
"method": "blacklist",
"result": null
},
"F-Secure": {
"category": "undetected",
"engine_name": "F-Secure",
"engine_update": "20191125",
"engine_version": "12.0.86.52",
"method": "blacklist",
"result": null
},
"FireEye": {
"category": "undetected",
"engine_name": "FireEye",
"engine_update": "20191125",
"engine_version": "29.7.0.0",
"method": "blacklist",
"result": null
},
"Fortinet": {
"category": "undetected",
"engine_name": "Fortinet",
"engine_update": "20191125",
"engine_version": "6.2.137.0",
"method": "blacklist",
"result": null
},
"GData": {
"category": "undetected",
"engine_name": "GData",
"engine_update": "20191125",
"engine_version": "A:25.24095B:26.16774",
"method": "blacklist",
"result": null
},
"Ikarus": {
"category": "undetected",
"engine_name": "Ikarus",
"engine_update": "20191125",
"engine_version": "0.1.5.2",
"method": "blacklist",
"result": null
},
"Invincea": {
"category": "undetected",
"engine_name": "Invincea",
"engine_update": "20190904",
"engine_version": "6.3.6.26157",
"method": "blacklist",
"result": null
},
"Jiangmin": {
"category": "undetected",
"engine_name": "Jiangmin",
"engine_update": "20191125",
"engine_version": "16.0.100",
"method": "blacklist",
"result": null
},
"K7AntiVirus": {
"category": "undetected",
"engine_name": "K7AntiVirus",
"engine_update": "20191125",
"engine_version": "11.80.32635",
"method": "blacklist",
"result": null
},
"K7GW": {
"category": "undetected",
"engine_name": "K7GW",
"engine_update": "20191125",
"engine_version": "11.80.32636",
"method": "blacklist",
"result": null
},
"Kaspersky": {
"category": "undetected",
"engine_name": "Kaspersky",
"engine_update": "20191125",
"engine_version": "15.0.1.13",
"method": "blacklist",
"result": null
},
"Kingsoft": {
"category": "undetected",
"engine_name": "Kingsoft",
"engine_update": "20191125",
"engine_version": "2013.8.14.323",
"method": "blacklist",
"result": null
},
"MAX": {
"category": "undetected",
"engine_name": "MAX",
"engine_update": "20191125",
"engine_version": "2019.9.16.1",
"method": "blacklist",
"result": null
},
"Malwarebytes": {
"category": "undetected",
"engine_name": "Malwarebytes",
"engine_update": "20191125",
"engine_version": "2.1.1.1115",
"method": "blacklist",
"result": null
},
"MaxSecure": {
"category": "undetected",
"engine_name": "MaxSecure",
"engine_update": "20191123",
"engine_version": "1.0.0.1",
"method": "blacklist",
"result": null
},
"McAfee": {
"category": "undetected",
"engine_name": "McAfee",
"engine_update": "20191125",
"engine_version": "6.0.6.653",
"method": "blacklist",
"result": null
},
"McAfee-GW-Edition": {
"category": "undetected",
"engine_name": "McAfee-GW-Edition",
"engine_update": "20191125",
"engine_version": "v2017.3010",
"method": "blacklist",
"result": null
},
"MicroWorld-eScan": {
"category": "undetected",
"engine_name": "MicroWorld-eScan",
"engine_update": "20191125",
"engine_version": "14.0.297.0",
"method": "blacklist",
"result": null
},
"Microsoft": {
"category": "undetected",
"engine_name": "Microsoft",
"engine_update": "20191125",
"engine_version": "1.1.16500.1",
"method": "blacklist",
"result": null
},
"NANO-Antivirus": {
"category": "undetected",
"engine_name": "NANO-Antivirus",
"engine_update": "20191125",
"engine_version": "1.0.134.24859",
"method": "blacklist",
"result": null
},
"Paloalto": {
"category": "undetected",
"engine_name": "Paloalto",
"engine_update": "20191125",
"engine_version": "1.0",
"method": "blacklist",
"result": null
},
"Panda": {
"category": "undetected",
"engine_name": "Panda",
"engine_update": "20191125",
"engine_version": "4.6.4.2",
"method": "blacklist",
"result": null
},
"Qihoo-360": {
"category": "undetected",
"engine_name": "Qihoo-360",
"engine_update": "20191125",
"engine_version": "1.0.0.1120",
"method": "blacklist",
"result": null
},
"Rising": {
"category": "undetected",
"engine_name": "Rising",
"engine_update": "20191125",
"engine_version": "25.0.0.24",
"method": "blacklist",
"result": null
},
"SUPERAntiSpyware": {
"category": "undetected",
"engine_name": "SUPERAntiSpyware",
"engine_update": "20191122",
"engine_version": "5.6.0.1032",
"method": "blacklist",
"result": null
},
"SentinelOne": {
"category": "undetected",
"engine_name": "SentinelOne",
"engine_update": "20191118",
"engine_version": "1.11.0.53",
"method": "blacklist",
"result": null
},
"Sophos": {
"category": "undetected",
"engine_name": "Sophos",
"engine_update": "20191125",
"engine_version": "4.98.0",
"method": "blacklist",
"result": null
},
"Symantec": {
"category": "undetected",
"engine_name": "Symantec",
"engine_update": "20191125",
"engine_version": "1.11.0.0",
"method": "blacklist",
"result": null
},
"SymantecMobileInsight": {
"category": "type-unsupported",
"engine_name": "SymantecMobileInsight",
"engine_update": "20191030",
"engine_version": "2.0",
"method": "blacklist",
"result": null
},
"TACHYON": {
"category": "undetected",
"engine_name": "TACHYON",
"engine_update": "20191125",
"engine_version": "2019-11-25.02",
"method": "blacklist",
"result": null
},
"Tencent": {
"category": "undetected",
"engine_name": "Tencent",
"engine_update": "20191125",
"engine_version": "1.0.0.1",
"method": "blacklist",
"result": null
},
"Trapmine": {
"category": "undetected",
"engine_name": "Trapmine",
"engine_update": "20190826",
"engine_version": "3.1.81.800",
"method": "blacklist",
"result": null
},
"TrendMicro": {
"category": "undetected",
"engine_name": "TrendMicro",
"engine_update": "20191125",
"engine_version": "11.0.0.1006",
"method": "blacklist",
"result": null
},
"TrendMicro-HouseCall": {
"category": "undetected",
"engine_name": "TrendMicro-HouseCall",
"engine_update": "20191125",
"engine_version": "10.0.0.1040",
"method": "blacklist",
"result": null
},
"Trustlook": {
"category": "type-unsupported",
"engine_name": "Trustlook",
"engine_update": "20191125",
"engine_version": "1.0",
"method": "blacklist",
"result": null
},
"VBA32": {
"category": "undetected",
"engine_name": "VBA32",
"engine_update": "20191125",
"engine_version": "4.2.0",
"method": "blacklist",
"result": null
},
"VIPRE": {
"category": "undetected",
"engine_name": "VIPRE",
"engine_update": "20191125",
"engine_version": "79588",
"method": "blacklist",
"result": null
},
"ViRobot": {
"category": "undetected",
"engine_name": "ViRobot",
"engine_update": "20191125",
"engine_version": "2014.3.20.0",
"method": "blacklist",
"result": null
},
"Webroot": {
"category": "undetected",
"engine_name": "Webroot",
"engine_update": "20191125",
"engine_version": "1.0.0.403",
"method": "blacklist",
"result": null
},
"Yandex": {
"category": "undetected",
"engine_name": "Yandex",
"engine_update": "20191121",
"engine_version": "5.5.2.24",
"method": "blacklist",
"result": null
},
"Zillya": {
"category": "undetected",
"engine_name": "Zillya",
"engine_update": "20191125",
"engine_version": "2.0.0.3959",
"method": "blacklist",
"result": null
},
"ZoneAlarm": {
"category": "undetected",
"engine_name": "ZoneAlarm",
"engine_update": "20191125",
"engine_version": "1.0",
"method": "blacklist",
"result": null
},
"Zoner": {
"category": "undetected",
"engine_name": "Zoner",
"engine_update": "20191125",
"engine_version": "1.0.0.1",
"method": "blacklist",
"result": null
}
},
"last_analysis_stats": {
"failure": 0,
"harmless": 0,
"malicious": 0,
"suspicious": 0,
"timeout": 1,
"type-unsupported": 2,
"undetected": 68
},
"last_modification_date": 1574706128,
"last_submission_date": 1574705971,
"magic": "PE32 executable for MS Windows (GUI) Intel 80386 32-bit",
"md5": "03a751004c1952962ce8c0f38fb622c4",
"meaningful_name": "Battle.net-Setup.exe",
"names": [
"Battle.net-Setup.exe",
"Battle.net Setup"
],
"pe_info": {
"entry_point": 1279475,
"imphash": "f386848a3162c60899249477d9ce1222",
"imports": {
"ADVAPI32.dll": [
"CryptDestroyKey",
"RegCloseKey",
"DuplicateToken",
"RegQueryValueExA",
"AccessCheck",
"CryptSetHashParam",
"OpenServiceW",
"QueryServiceConfigW",
"CryptEncrypt",
"LookupPrivilegeValueW",
"RegCreateKeyExA",
"OpenThreadToken",
"CryptHashData",
"ConvertSidToStringSidA",
"RegQueryValueExW",
"CryptImportKey",
"CryptCreateHash",
"CloseServiceHandle",
"GetFileSecurityW",
"ConvertStringSecurityDescriptorToSecurityDescriptorW",
"OpenProcessToken",
"DeregisterEventSource",
"GetUserNameW",
"RegGetValueW",
"RegisterEventSourceA",
"RegOpenKeyExA",
"GetTokenInformation",
"DuplicateTokenEx",
"CryptReleaseContext",
"CryptAcquireContextA",
"GetNamedSecurityInfoW",
"CryptGenRandom",
"CryptAcquireContextW",
"CryptDecrypt",
"CryptGetProvParam",
"CryptDestroyHash",
"MapGenericMask",
"AdjustTokenPrivileges",
"CryptGetUserKey",
"SetEntriesInAclW",
"RegSetValueExW",
"ConvertSecurityDescriptorToStringSecurityDescriptorW",
"CryptGetHashParam",
"OpenSCManagerW",
"CryptExportKey",
"AllocateAndInitializeSid",
"RegSetValueExA",
"CryptEnumProvidersA",
"RegDeleteValueA",
"ReportEventA",
"SetNamedSecurityInfoW",
"CryptSignHashA",
"BuildTrusteeWithSidW"
],
"CRYPT32.dll": [
"CertEnumCertificatesInStore",
"CertGetNameStringA",
"CryptStringToBinaryA",
"CertGetCertificateContextProperty",
"CertFreeCertificateChainEngine",
"CertFreeCertificateContext",
"CertCloseStore",
"CryptQueryObject",
"CertDuplicateCertificateContext",
"CertAddCertificateContextToStore",
"CertFindCertificateInStore",
"CertFreeCertificateChain",
"CryptMsgClose",
"CertGetCertificateChain",
"CertCreateCertificateChainEngine",
"CertOpenStore",
"CertGetNameStringW",
"CryptMsgGetParam"
],
"GDI32.dll": [
"SetMapMode",
"DeleteDC",
"SelectObject",
"SetLayout",
"EnumFontFamiliesExW",
"AddFontMemResourceEx",
"SetTextAlign",
"GetObjectW",
"SetBkMode",
"SetBkColor",
"CreateDIBSection",
"CreateCompatibleDC",
"DeleteObject",
"CreateFontW",
"SetTextColor",
"GetLayout"
],
"KERNEL32.dll": [
"CreateFiberEx",
"GetStdHandle",
"GetDriveTypeW",
"TerminateProcess",
"VerifyVersionInfoA",
"InterlockedPopEntrySList",
"DeactivateActCtx",
"WaitForSingleObject",
"LockResource",
"Thread32Next",
"SignalObjectAndWait",
"ReleaseSRWLockExclusive",
"CreateTimerQueue",
"GetFileAttributesW",
"GetFileSize",
"SystemTimeToTzSpecificLocalTime",
"GetProcessId",
"DeleteCriticalSection",
"GetCurrentProcess",
"GetConsoleMode",
"LocalAlloc",
"UnhandledExceptionFilter",
"SetFilePointer",
"ExpandEnvironmentStringsA",
"ReleaseMutex",
"FreeEnvironmentStringsW",
"InitializeSListHead",
"GetThreadContext",
"GetLocaleInfoW",
"SetStdHandle",
"GetFileTime",
"GetTempPathA",
"GetCPInfo",
"GetDiskFreeSpaceW",
"WriteFile",
"DeleteFiber",
"GetSystemTimeAsFileTime",
"SetThreadAffinityMask",
"GetThreadTimes",
"Thread32First",
"HeapReAlloc",
"GetStringTypeW",
"GetThreadPriority",
"SetEvent",
"LocalFree",
"ResumeThread",
"FreeLibraryAndExitThread",
"InitializeCriticalSection",
"OutputDebugStringW",
"FindClose",
"TlsGetValue",
"FormatMessageA",
"GetFullPathNameW",
"EncodePointer",
"OutputDebugStringA",
"GetEnvironmentVariableW",
"SetLastError",
"PeekNamedPipe",
"DeviceIoControl",
"GetUserDefaultLangID",
"LoadResource",
"GetModuleFileNameW",
"TryEnterCriticalSection",
"IsDebuggerPresent",
"ExitProcess",
"GetModuleFileNameA",
"InitializeCriticalSectionEx",
"VerSetConditionMask",
"CreateActCtxW",
"SetConsoleCtrlHandler",
"ActivateActCtx",
"EnumSystemLocalesW",
"LoadLibraryExW",
"MultiByteToWideChar",
"VerifyVersionInfoW",
"SetFilePointerEx",
"DeleteTimerQueueTimer",
"SwitchToFiber",
"MoveFileW",
"CreateMutexA",
"RegisterWaitForSingleObject",
"SetFileAttributesW",
"CreateThread",
"MoveFileExW",
"InterlockedFlushSList",
"GetExitCodeThread",
"SetNamedPipeHandleState",
"SetUnhandledExceptionFilter",
"Module32NextW",
"IsProcessorFeaturePresent",
"GetSystemDirectoryA",
"DecodePointer",
"SetEnvironmentVariableA",
"ReadConsoleA",
"GlobalMemoryStatus",
"ConvertThreadToFiber",
"GetModuleHandleExW",
"SetCurrentDirectoryW",
"VirtualQuery",
"GetDiskFreeSpaceExW",
"CreateEventW",
"SetEndOfFile",
"SetWaitableTimer",
"GetProcAddress",
"SleepEx",
"WriteConsoleW",
"CreateToolhelp32Snapshot",
"AreFileApisANSI",
"InitializeCriticalSectionAndSpinCount",
"HeapFree",
"EnterCriticalSection",
"Process32First",
"LoadLibraryW",
"OpenThread",
"GetComputerNameW",
"GetVersionExW",
"GetExitCodeProcess",
"QueryPerformanceCounter",
"GetTickCount",
"IsBadWritePtr",
"TlsAlloc",
"VirtualProtect",
"FlushFileBuffers",
"LoadLibraryA",
"DeleteFileA",
"RtlUnwind",
"ExitThread",
"FreeLibrary",
"ConvertFiberToThread",
"AcquireSRWLockExclusive",
"OpenProcess",
"GetModuleHandleW",
"SetFileValidData",
"GetDateFormatW",
"GetStartupInfoW",
"CreateDirectoryW",
"DeleteFileW",
"GetUserDefaultLCID",
"GetProcessHeap",
"QueryDepthSList",
"GetTimeFormatW",
"GetFileSizeEx",
"RemoveDirectoryW",
"GetFileInformationByHandle",
"FindNextFileW",
"ResetEvent",
"CreateTimerQueueTimer",
"CreateWaitableTimerA",
"FindFirstFileW",
"IsValidLocale",
"DuplicateHandle",
"FindFirstFileExW",
"WaitForMultipleObjects",
"GetProcessAffinityMask",
"GetTimeZoneInformation",
"CreateFileW",
"CreateEventA",
"Process32Next",
"GetFileType",
"TlsSetValue",
"CreateFileA",
"HeapAlloc",
"LeaveCriticalSection",
"GetLastError",
"IsValidCodePage",
"InterlockedPushEntrySList",
"SystemTimeToFileTime",
"LCMapStringW",
"GetShortPathNameW",
"GetSystemInfo",
"GetCompressedFileSizeW",
"GlobalFree",
"GetConsoleCP",
"UnregisterWaitEx",
"CompareStringW",
"GetVolumeInformationW",
"GetEnvironmentStringsW",
"QueryPerformanceFrequency",
"WaitForSingleObjectEx",
"lstrlenW",
"CreateFiber",
"Module32FirstW",
"SwitchToThread",
"SizeofResource",
"GetCurrentDirectoryW",
"GetCurrentProcessId",
"WaitNamedPipeW",
"ChangeTimerQueueTimer",
"SetFileTime",
"GetCommandLineW",
"WideCharToMultiByte",
"HeapSize",
"RaiseException",
"GetCommandLineA",
"GetCurrentThread",
"GetTickCount64",
"SuspendThread",
"ReadConsoleW",
"ReleaseSemaphore",
"TlsFree",
"GetModuleHandleA",
"VirtualUnlock",
"FileTimeToSystemTime",
"ReadFile",
"RtlCaptureContext",
"CloseHandle",
"lstrcpynA",
"GetACP",
"GetCurrentThreadId",
"GetFileAttributesExW",
"GetLogicalProcessorInformation",
"GetNumaHighestNodeNumber",
"GetLocalTime",
"UnregisterWait",
"SetConsoleMode",
"FindResourceW",
"VirtualFree",
"Sleep",
"IsBadReadPtr",
"IsBadStringPtrA",
"SetThreadPriority",
"OpenEventA",
"VirtualAlloc",
"GetOEMCP"
],
"MSIMG32.dll": [
"AlphaBlend"
],
"OLEAUT32.dll": [
"VariantClear"
],
"RPCRT4.dll": [
"UuidToStringA",
"RpcStringFreeA",
"UuidCreate"
],
"SHELL32.dll": [
"SHGetFolderPathW",
"ShellExecuteExA",
"SHBrowseForFolderW",
"SHGetPathFromIDListW",
"ShellExecuteExW",
"SHGetMalloc",
"CommandLineToArgvW",
"FindExecutableA"
],
"USER32.dll": [
"GetUserObjectInformationW",
"EndPaint",
"IsIconic",
"BeginPaint",
"DefWindowProcW",
"TrackMouseEvent",
"PostQuitMessage",
"GetShellWindow",
"ShowWindow",
"SetWindowPos",
"GetWindowThreadProcessId",
"CharLowerA",
"SetWindowLongW",
"MessageBoxW",
"PeekMessageW",
"GetWindowRect",
"RegisterClassExW",
"SetCapture",
"ReleaseCapture",
"MessageBoxA",
"GetWindowDC",
"AdjustWindowRectEx",
"TranslateMessage",
"GetProcessWindowStation",
"DispatchMessageW",
"GetCursorPos",
"ReleaseDC",
"UpdateLayeredWindow",
"SendMessageW",
"GetSystemMetrics",
"GetForegroundWindow",
"SetWindowTextW",
"AllowSetForegroundWindow",
"DrawTextW",
"GetDC",
"InvalidateRect",
"SetTimer",
"GetActiveWindow",
"GetDesktopWindow",
"LoadCursorW",
"LoadIconW",
"CreateWindowExW",
"GetWindowLongW",
"DestroyWindow"
],
"VERSION.dll": [
"VerQueryValueW",
"GetFileVersionInfoW",
"GetFileVersionInfoSizeW"
],
"WINHTTP.dll": [
"WinHttpOpen",
"WinHttpGetIEProxyConfigForCurrentUser",
"WinHttpCloseHandle",
"WinHttpGetProxyForUrl"
],
"WININET.dll": [
"InternetConnectA",
"HttpSendRequestA",
"InternetReadFileExA",
"InternetSetOptionA",
"HttpOpenRequestA",
"InternetCloseHandle",
"InternetOpenA",
"InternetSetCookieW",
"InternetSetStatusCallbackA",
"HttpQueryInfoA",
"InternetCrackUrlA"
],
"WINTRUST.dll": [
"WinVerifyTrust"
],
"WS2_32.dll": [
"getaddrinfo",
"htonl",
"getsockname",
"accept",
"ioctlsocket",
"WSAStartup",
"freeaddrinfo",
"connect",
"shutdown",
"htons",
"WSASetLastError",
"select",
"gethostname",
"getsockopt",
"closesocket",
"ntohl",
"send",
"ntohs",
"WSAGetLastError",
"listen",
"__WSAFDIsSet",
"WSACleanup",
"getpeername",
"recv",
"WSAIoctl",
"setsockopt",
"socket",
"bind",
"recvfrom",
"sendto"
],
"ole32.dll": [
"CoTaskMemFree",
"CoCreateInstance"
]
},
"machine_type": 332,
"overlay": {
"chi2": 400545.46875,
"entropy": 5.426848411560059,
"filetype": "data",
"md5": "8b94c478dcb5bc068bb7d3497fa120e2",
"offset": 4892672,
"size": 10224
},
"resource_details": [
{
"chi2": 499077.46875,
"entropy": 6.821178436279297,
"filetype": "font/ttf",
"lang": "NEUTRAL",
"sha256": "2a00bef556be50a2d6aa77ad6a301068dad178e11237f90d1f26ca2d05f65746",
"type": "FONT"
},
{
"chi2": 9780.15625,
"entropy": 4.850625038146973,
"filetype": "ASCII text",
"lang": "NEUTRAL",
"sha256": "2075b7b30304308870c976231b17e73285ba43a47acd3d28a51481e3eb5d2832",
"type": "JSON"
},
{
"chi2": 16393.736328125,
"entropy": 4.974742412567139,
"filetype": "ASCII text",
"lang": "NEUTRAL",
"sha256": "350cf6ea1ab84cf8d55a7d72a83621a09f9010a1e4042fa44eb1c087a7f87d62",
"type": "JSON"
},
{
"chi2": 15070.0576171875,
"entropy": 4.976926326751709,
"filetype": "ASCII text",
"lang": "NEUTRAL",
"sha256": "c1351b0f1af3f07cdd92d5443f1490676e38973c480c09e704011858e59f3824",
"type": "JSON"
},
{
"chi2": 14118.9677734375,
"entropy": 4.86093807220459,
"filetype": "ASCII text",
"lang": "NEUTRAL",
"sha256": "9444283817d90e76c257b98af5b2dbcba5404c7a344ddba176171857282a0a97",
"type": "JSON"
},
{
"chi2": 28396.759765625,
"entropy": 4.97757625579834,
"filetype": "ASCII text",
"lang": "NEUTRAL",
"sha256": "62d5dcd1d961101e977342ec76edd6d6313fa70ae007ab10568b3a4fb34560f1",
"type": "JSON"
},
{
"chi2": 4454.36767578125,
"entropy": 4.897160053253174,
"filetype": "ASCII text",
"lang": "NEUTRAL",
"sha256": "9b89d541cb4df9f4589d9da03d2a146d6aafd7641bdc415f2007d919a32434c2",
"type": "JSON"
},
{
"chi2": 2576.44677734375,
"entropy": 7.959446907043457,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "6228da3e47704bf66e3d5d28601e0891b96049a913882447067bd9b0d0a52608",
"type": "PNG"
},
{
"chi2": 630.5415649414062,
"entropy": 7.982231616973877,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "ba3e3004449702b02e7a95abd7b0a20fc7e31f6cbf8739a8f40693e727e13384",
"type": "PNG"
},
{
"chi2": 1774.1646728515625,
"entropy": 7.993820667266846,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "56321daad1250d39226ecd46d5345b11e47f8fb6b9954c5b6cfe4ec93293bdc0",
"type": "PNG"
},
{
"chi2": 4042.30126953125,
"entropy": 6.163387775421143,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "05ea10194afdb38e028d8e835533ab12aa3d3efc9905d3043cc0aa6f13529642",
"type": "PNG"
},
{
"chi2": 3476.529052734375,
"entropy": 6.669460296630859,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "6ef744ed712e50d93f1f5a3a54dac24c4b0c90ab36bc0c70d291d19c37e560bf",
"type": "PNG"
},
{
"chi2": 3349.603759765625,
"entropy": 6.754802227020264,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "7bfb185f0eda3eabd466ee997acc43e5d498cb97533399ce63a8643ce3254f69",
"type": "PNG"
},
{
"chi2": 3101.17529296875,
"entropy": 6.887676239013672,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "a954f56a1e98be33cbc1aa353d8ae206310493e4e64c55eff9dd78115a0e338a",
"type": "PNG"
},
{
"chi2": 3125.84912109375,
"entropy": 6.895979881286621,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "33ca2b924d0258a01b018aa1326410481ffcd2692f766b8ec32244ef687feace",
"type": "PNG"
},
{
"chi2": 3249.62255859375,
"entropy": 6.883048057556152,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "fb122c6a5454eff35d566431d7d893d94406fc3efc4dd4bd1cd8aad97086360f",
"type": "PNG"
},
{
"chi2": 909.68359375,
"entropy": 6.634492874145508,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "6dfad246aa23ab0914cbd8c08bdeb5b393921c153608a5e2b25a83598088fa10",
"type": "PNG"
},
{
"chi2": 754.6452026367188,
"entropy": 7.002194404602051,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "42bd94d379e2a79a3b5a8b01ce0b0e834aeb7d5fa6a60b2ec581ce812df081f2",
"type": "PNG"
},
{
"chi2": 3925.111572265625,
"entropy": 6.301149368286133,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "f716394fb6e931823177a874de2ee3aa5d42fa24e5c5f0cade1ae39f3cf2ed18",
"type": "PNG"
},
{
"chi2": 4050.904541015625,
"entropy": 6.283083438873291,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "8f6661aa8d3c850431f863fca4d355ea32646ed0c6176f2ae92fd161b758fb8b",
"type": "PNG"
},
{
"chi2": 4064.69921875,
"entropy": 6.424304485321045,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "0f5b706d8e41b3e0c5840e3d33aa92489b1e1c92f5888a0bdae0f7d95d742ed4",
"type": "PNG"
},
{
"chi2": 4410.1923828125,
"entropy": 6.07090425491333,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "d27fc090d7200704e87d364fcb97578bdde414ca7291b5a24be23f363d75512b",
"type": "PNG"
},
{
"chi2": 4274.2197265625,
"entropy": 6.233514785766602,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "ffab18a851cc551c56f15b6e183a2439276d89c582d673cb87b271e6d8c0b3e4",
"type": "PNG"
},
{
"chi2": 4689.98828125,
"entropy": 5.911078453063965,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "f830d9cbb5290441203cfa19de16b5f6f502d1f04bda2e8e6486496d45a57ecf",
"type": "PNG"
},
{
"chi2": 3814.478515625,
"entropy": 6.435084342956543,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "39cf8017a27f526abee2c4e1d69a11b4da66b193444a8757f12bbf0f3cbdef9d",
"type": "PNG"
},
{
"chi2": 536.4672241210938,
"entropy": 7.610865116119385,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "2025eb111ef74c1810850206fa480cc7bff9c99ade04d9c70aaddee7ef9e7df2",
"type": "PNG"
},
{
"chi2": 4476.20947265625,
"entropy": 5.8463664054870605,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "ef51e04f312c10a800d3759f29f4e02bb0afdde2a7e747cd55c50c7eb6e06b5d",
"type": "PNG"
},
{
"chi2": 3474.26220703125,
"entropy": 6.657578468322754,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "3bbb7b60dd3abd625897c0981b544c7bf2548d4f18f6986df6a21c0864f58cef",
"type": "PNG"
},
{
"chi2": 1216.1697998046875,
"entropy": 7.851156234741211,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "7f5b6b5a7aa12b0041175d0aca9b7133c0df372577044ae8ccd780a913e7b62d",
"type": "PNG"
},
{
"chi2": 2053.398681640625,
"entropy": 7.535712718963623,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "41c6b6195b7842e0b22177f9e665551f92e156efd6bdbfc9c97c9f85de580bb8",
"type": "PNG"
},
{
"chi2": 2346.846923828125,
"entropy": 7.344842910766602,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "e2a78f400570065ce16769f9666794606e35e4f1b71f2704baf4b23dff19363a",
"type": "PNG"
},
{
"chi2": 981.5252685546875,
"entropy": 7.865232467651367,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "45d5d7ba31135659bbaf7f6f78cc5b2506b980eb2950e2477bea9fc6804e6973",
"type": "PNG"
},
{
"chi2": 1982.2357177734375,
"entropy": 7.523314476013184,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "9cc5eeb8fbfe19b516c273deeec28e787e42d525f0e011cb25fbabbdb527a968",
"type": "PNG"
},
{
"chi2": 3472.30810546875,
"entropy": 6.673733234405518,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "13d84af1627af54cdffecf34392d44f3c3d32493d8803199a276c2d68aa59ee1",
"type": "PNG"
},
{
"chi2": 2858.023193359375,
"entropy": 7.052192211151123,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "3b93b842b51aa0bc7163da55afd8ce63fc455c6a6d75242e14792118c5c488d6",
"type": "PNG"
},
{
"chi2": 84024.484375,
"entropy": 6.254825115203857,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "83fd6a0d795d27649f7ab4894f96d25b0e88cb425cbbc2024ae5ca646734c7f2",
"type": "STRINGS"
},
{
"chi2": 7617527.5,
"entropy": 2.4116599559783936,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "cced8681ccc95051d4cb873b2c58c69aee57cf9fb452a3a10118ec49b0bf2961",
"type": "RT_ICON"
},
{
"chi2": 84345.4140625,
"entropy": 3.4780242443084717,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "ba0bf3725fe6de9ad4cdfdfccbac91612ec022e1678e7e9d1a6caabc2bd12576",
"type": "RT_ICON"
},
{
"chi2": 170222.671875,
"entropy": 3.340118169784546,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "595f72f00d4d3b99f152293a05732b1756fc5f9968958e29bc5ad8f11f141cea",
"type": "RT_ICON"
},
{
"chi2": 933.6068115234375,
"entropy": 7.96925163269043,
"filetype": "image/x-png",
"lang": "NEUTRAL",
"sha256": "44af8a64f0745a00118f0f9e2d7ccfac8ab10a492e25b49beb47dad9e3e8f462",
"type": "RT_ICON"
},
{
"chi2": 326438.34375,
"entropy": 3.240429639816284,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "b05b142e244e8975698a97240431f8a5c0ff64f5df98eee2414bc71d739478bb",
"type": "RT_ICON"
},
{
"chi2": 878903.5,
"entropy": 2.9002370834350586,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "f6c8ebc2e1dedee1d9fda6ff4727a62d4b30f3eeace8a33eac379620a969bc4d",
"type": "RT_ICON"
},
{
"chi2": 1851371.625,
"entropy": 2.4544758796691895,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "8bd9b41951188ec0e1f9104fe3dc0fc96b8d5bb5ac824ae74d5959686c08fe22",
"type": "RT_ICON"
},
{
"chi2": 7649.84521484375,
"entropy": 2.919022560119629,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "c1bd526685b51753016929963a42624f5f04d3c8cb14f731c1695a0a44b3b703",
"type": "RT_GROUP_ICON"
},
{
"chi2": 65265.76171875,
"entropy": 3.4021029472351074,
"filetype": "data",
"lang": "NEUTRAL",
"sha256": "ebbfe0d4affcd9b04609cce6617aca2f7cf2cc81d1b9f158528456f9a6737629",
"type": "RT_VERSION"
},
{
"chi2": 11601.1318359375,
"entropy": 5.231886863708496,
"filetype": "ASCII text",
"lang": "ENGLISH US",
"sha256": "476c581e20a45055ac2da6dfa1d0bfc660e793295dc7b10b7a7b202c2882b73d",
"type": "RT_MANIFEST"
}
],
"resource_langs": {
"ENGLISH US": 1,
"NEUTRAL": 45
},
"resource_types": {
"FONT": 1,
"JSON": 6,
"PNG": 28,
"RT_GROUP_ICON": 1,
"RT_ICON": 7,
"RT_MANIFEST": 1,
"RT_VERSION": 1,
"STRINGS": 1
},
"sections": [
{
"entropy": 6.7,
"md5": "84645d32630567fd9815d6086df0c297",
"name": ".text",
"raw_size": 2916352,
"virtual_address": 4096,
"virtual_size": 2916172
},
{
"entropy": 6.07,
"md5": "36b0c153aabc4656bbcfafdea737a2b6",
"name": ".rdata",
"raw_size": 1166848,
"virtual_address": 2920448,
"virtual_size": 1166534
},
{
"entropy": 5.08,
"md5": "697e6958d228f505915a91a6fd11cf6d",
"name": ".data",
"raw_size": 108544,
"virtual_address": 4087808,
"virtual_size": 487796
},
{
"entropy": 7.22,
"md5": "5853e95bc7e6a73e24a63026f194fa0e",
"name": ".rsrc",
"raw_size": 540672,
"virtual_address": 4579328,
"virtual_size": 540264
},
{
"entropy": 6.62,
"md5": "07449426cd5c953ac9432745b7cba1c7",
"name": ".reloc",
"raw_size": 159232,
"virtual_address": 5120000,
"virtual_size": 158732
}
],
"timestamp": 1550185518
},
"reputation": 0,
"sha1": "ec59db5a866bf77662680f091979d1f60a8e960b",
"sha256": "f0696bc98bf69a953554104b22e5a4d610dbfb344654c3e729a2851acc12c24e",
"signature_info": {
"copyright": "\u00a9 2005-2019 Blizzard Entertainment Inc.",
"counter signers": "Symantec Time Stamping Services Signer - G4; Symantec Time Stamping Services CA - G2; Thawte Timestamping CA",
"counter signers details": [
{
"algorithm": "sha1RSA",
"cert issuer": "Symantec Time Stamping Services CA - G2",
"name": "Symantec Time Stamping Services Signer - G4",
"serial number": "0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50",
"status": "Valid",
"thumbprint": "65439929B67973EB192D6FF243E6767ADF0834E4",
"valid from": "12:00 AM 10/18/2012",
"valid to": "11:59 PM 12/29/2020",
"valid usage": "Timestamp Signing"
},
{
"algorithm": "sha1RSA",
"cert issuer": "Thawte Timestamping CA",
"name": "Symantec Time Stamping Services CA - G2",
"serial number": "7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B",
"status": "Valid",
"thumbprint": "6C07453FFDDA08B83707C09B82FB3D15F35336B1",
"valid from": "12:00 AM 12/21/2012",
"valid to": "11:59 PM 12/30/2020",
"valid usage": "Timestamp Signing"
},
{
"algorithm": "md5RSA",
"cert issuer": "Thawte Timestamping CA",
"name": "Thawte Timestamping CA",
"serial number": "00",
"status": "Valid",
"thumbprint": "BE36A4562FB2EE05DBB3D32323ADF445084ED656",
"valid from": "12:00 AM 01/01/1997",
"valid to": "11:59 PM 12/31/2020",
"valid usage": "Timestamp Signing"
}
],
"description": "Battle.net Setup",
"file version": "1.16.3.2988",
"internal name": "Battle.net Setup",
"original name": "Battle.net-Setup.exe",
"product": "Battle.net Setup",
"signers": "Blizzard Entertainment, Inc.; DigiCert SHA2 Assured ID Code Signing CA; DigiCert",
"signers details": [
{
"algorithm": "sha256RSA",
"cert issuer": "DigiCert SHA2 Assured ID Code Signing CA",
"name": "Blizzard Entertainment, Inc.",
"serial number": "04 43 B5 67 BF FB AA 3B C0 83 FE 45 A4 6D D0 41",
"status": "Valid",
"thumbprint": "D3722C638DB40E9045B4380348D6AE8AE0A417D8",
"valid from": "12:00 AM 01/18/2018",
"valid to": "12:00 PM 01/22/2021",
"valid usage": "Code Signing"
},
{
"algorithm": "sha256RSA",
"cert issuer": "DigiCert Assured ID Root CA",
"name": "DigiCert SHA2 Assured ID Code Signing CA",
"serial number": "04 09 18 1B 5F D5 BB 66 75 53 43 B5 6F 95 50 08",
"status": "Valid",
"thumbprint": "92C1588E85AF2201CE7915E8538B492F605B80C6",
"valid from": "12:00 PM 10/22/2013",
"valid to": "12:00 PM 10/22/2028",
"valid usage": "Code Signing"
},
{
"algorithm": "sha1RSA",
"cert issuer": "DigiCert Assured ID Root CA",
"name": "DigiCert",
"serial number": "0C E7 E0 E5 17 D8 46 FE 8F E5 60 FC 1B F0 30 39",
"status": "Valid",
"thumbprint": "0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43",
"valid from": "12:00 AM 11/10/2006",
"valid to": "12:00 AM 11/10/2031",
"valid usage": "Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing"
}
],
"signing date": "12:06 AM 2/15/2019",
"verified": "Signed",
"x509": [
{
"algorithm": "sha1RSA",
"cert issuer": "Thawte Timestamping CA",
"name": "Symantec Time Stamping Services CA - G2",
"serial number": "7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B",
"thumbprint": "6C07453FFDDA08B83707C09B82FB3D15F35336B1",
"valid from": "12:00 AM 12/21/2012",
"valid to": "11:59 PM 12/30/2020",
"valid_usage": "Timestamp Signing"
},
{
"algorithm": "sha1RSA",
"cert issuer": "Symantec Time Stamping Services CA - G2",
"name": "Symantec Time Stamping Services Signer - G4",
"serial number": "EC FF 43 8C 8F EB F3 56 E0 4D 86 A9 81 B1 A5 0",
"thumbprint": "65439929B67973EB192D6FF243E6767ADF0834E4",
"valid from": "12:00 AM 10/18/2012",
"valid to": "11:59 PM 12/29/2020",
"valid_usage": "ff"
},
{
"algorithm": "sha256RSA",
"cert issuer": "DigiCert Assured ID Root CA",
"name": "DigiCert SHA2 Assured ID Code Signing CA",
"serial number": "40 91 81 B5 FD 5B B6 67 55 34 3B 56 F9 55 00 8",
"thumbprint": "92C1588E85AF2201CE7915E8538B492F605B80C6",
"valid from": "12:00 PM 10/22/2013",
"valid to": "12:00 PM 10/22/2028",
"valid_usage": "Code Signing"
},
{
"algorithm": "sha256RSA",
"cert issuer": "DigiCert SHA2 Assured ID Code Signing CA",
"name": "Blizzard Entertainment, Inc.",
"serial number": "44 3B 56 7B FF BA A3 BC 08 3F E4 5A 46 DD 04 1",
"thumbprint": "D3722C638DB40E9045B4380348D6AE8AE0A417D8",
"valid from": "12:00 AM 1/18/2018",
"valid to": "12:00 PM 1/22/2021",
"valid_usage": "Code Signing"
}
]
},
"size": 4902896,
"ssdeep": "98304:zhd3ga/+fpF5bAeDlMcXVFmpJE5qZ03wRtX:zhdv+f5bRmP4q2wtX",
"tags": [
"peexe",
"signed",
"overlay",
"detect-debug-environment",
"runtime-modules"
],
"times_submitted": 1,
"total_votes": {
"harmless": 0,
"malicious": 0
},
"trid": [
{
"file_type": "Windows Control Panel Item (generic)",
"probability": 76.6
},
{
"file_type": "Win64 Executable (generic)",
"probability": 10.7
},
{
"file_type": "Obfuscated subsetted Font",
"probability": 8.5
},
{
"file_type": "Win32 Executable (generic)",
"probability": 1.7
},
{
"file_type": "OS/2 Executable (generic)",
"probability": 0.7
}
],
"type_description": "Win32 EXE",
"type_tag": "peexe",
"unique_sources": 1,
"vhash": "046056656d55756352z1211ze8z2011z31z82z2c030b001e7z"
},
"id": "f0696bc98bf69a953554104b22e5a4d610dbfb344654c3e729a2851acc12c24e",
"links": {
"self": "https://www.virustotal.com/api/v3/files/f0696bc98bf69a953554104b22e5a4d610dbfb344654c3e729a2851acc12c24e"
},
"type": "file"
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
help wanted
Extra attention is needed
P1 - Very important
The most important issues
PROJECT
SECURITY
Virustotal (https://www.virustotal.com/) has a database of checksums that we may be able to fetch in winetricks to check executables prior to invoking them.
So this basically implements a fast anti-virus in winetricks if it works.
The text was updated successfully, but these errors were encountered: