| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | ccsetup551.exe |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | c710b0ef88029d2b9ec60f10b8d7c0817efa2cd8 |
| MD5: | 4eb748bc62b36cc2fb9988c670079b56 |
| First Seen Date: | 2018-12-13 17:29:31.075752 ( ) |
| Number of Clients Seen: | 34 |
| Last Analysis Date: | 2019-04-01 19:21:44.438451 ( ) |
| Human Expert Analysis Date: | 2018-12-13 21:16:39.414078 ( ) |
| Human Expert Analysis Result: | Clean |
| Property | Value |
|---|---|
| magic literal enum | 3 |
| file type enum | 6 |
| debug artifacts | [] |
| number of sections | 5 |
| trid | [[52.9, u'Win32 Executable (generic)'], [23.5, u'Generic Win/DOS Executable'], [23.5, u'DOS Executable Generic']] |
| compilation time stamp | 0x5682FC79 [Tue Dec 29 21:34:49 2015 UTC] |
| LegalCopyright | Copyright \xa9 2005-2018 Piriform Software Ltd |
| ProductName | CCleaner |
| FileDescription | CCleaner Installer |
| FileVersion | 5.51.0.6939 |
| CompanyName | Piriform Software Ltd |
| Translation | 0x0000 0x04b0 |
| entry point | 0x403a1c (.text) |
| machine type | Intel 386 or later - 32Bit |
| file size | 19299120 |
| ssdeep | 393216:y30Sa5YL2ZWidtEX8bphj3bgOpi10SVyjaW229SpnU3F194ETL:y30SIcXe1bg8ii2WaWF9SdUV4ETL |
| sha256 | 57c00353b459d6c164e32b1de48a7537dca2788c8d3eda29ba50734ffa800b07 |
| exifinfo | [{u'EXE:FileSubtype': 0, u'File:FilePermissions': u'rw-r--r--', u'SourceFile': u'/nfs/fvs/valkyrie_shared/core/valkyrie_files/c/7/1/0/c710b0ef88029d2b9ec60f10b8d7c0817efa2cd8', u'EXE:ProductName': u'CCleaner', u'File:MIMEType': u'application/octet-stream', u'File:FileAccessDate': u'2019:04:01 18:59:25+00:00', u'EXE:InitializedDataSize': 48128, u'File:FileModifyDate': u'2019:04:01 18:59:25+00:00', u'EXE:FileVersionNumber': u'5.51.0.6939', u'EXE:FileVersion': u'5.51.0.6939', u'File:FileSize': u'18 MB', u'EXE:CharacterSet': u'Unicode', u'EXE:MachineType': u'Intel 386 or later, and compatibles', u'EXE:FileOS': u'Win32', u'EXE:ObjectFileType': u'Executable application', u'File:FileType': u'Win32 EXE', u'EXE:CompanyName': u'Piriform Software Ltd', u'File:FileName': u'c710b0ef88029d2b9ec60f10b8d7c0817efa2cd8', u'EXE:ImageVersion': 6.0, u'File:FileTypeExtension': u'exe', u'EXE:OSVersion': 5.0, u'EXE:PEType': u'PE32', u'EXE:TimeStamp': u'2015:12:29 21:34:49+00:00', u'EXE:FileFlagsMask': u'0x0000', u'EXE:LegalCopyright': u'Copyright \xa9 2005-2018 Piriform Software Ltd', u'EXE:LinkerVersion': 9.0, u'EXE:FileFlags': u'(none)', u'EXE:Subsystem': u'Windows GUI', u'File:Directory': u'/nfs/fvs/valkyrie_shared/core/valkyrie_files/c/7/1/0', u'EXE:FileDescription': u'CCleaner Installer', u'EXE:EntryPoint': u'0x3a1c', u'EXE:SubsystemVersion': 5.0, u'EXE:CodeSize': 29696, u'File:FileInodeChangeDate': u'2019:04:01 18:59:25+00:00', u'EXE:UninitializedDataSize': 16896, u'EXE:LanguageCode': u'Neutral', u'ExifTool:ExifToolVersion': 10.1, u'EXE:ProductVersionNumber': u'5.51.0.6939'}] |
| mime type | application/x-dosexec |
| imphash | 377a97652fdf5740d8cc11d5ce124fed |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x7250 | 0x7400 | 6.46491468355 | 2cf4cea611906abda27f6bec5b76ffbd |
| .rdata | 0x9000 | 0x2b38 | 0x2c00 | 4.41938697887 | 5275f8cae603f81939930ac752de3d01 |
| .data | 0xc000 | 0x67edc | 0x200 | 1.89688793125 | 3096d49b7b4c3de8338c4639cbb79a13 |
| .ndata | 0x74000 | 0x3a1000 | 0x0 | 0.0 | d41d8cd98f00b204e9800998ecf8427e |
| .rsrc | 0x415000 | 0x8d58 | 0x8e00 | 4.95715411355 | 13df946310c4e4c48c2072a597df03b7 |
-
KERNEL32.dll
- CompareFileTime
- SearchPathW
- GetShortPathNameW
- GetFullPathNameW
- MoveFileW
- SetCurrentDirectoryW
- GetFileAttributesW
- GetLastError
- CreateDirectoryW
- SetFileAttributesW
- Sleep
- GetTickCount
- CreateFileW
- GetFileSize
- GetModuleFileNameW
- GetCurrentProcess
- ExitProcess
- CopyFileW
- GetWindowsDirectoryW
- GetTempPathW
- GetCommandLineW
- GetVersion
- SetFileTime
- lstrcpynA
- lstrlenW
- lstrcpynW
- GetDiskFreeSpaceW
- GlobalUnlock
- GlobalLock
- CreateThread
- CreateProcessW
- lstrcmpiA
- GetTempFileNameW
- lstrcatW
- LoadLibraryW
- GetSystemDirectoryW
- GetProcAddress
- OpenProcess
- lstrcpyW
- LoadLibraryA
- GetVersionExW
- lstrcpyA
- RemoveDirectoryW
- lstrcmpA
- CloseHandle
- lstrcmpiW
- lstrcmpW
- ExpandEnvironmentStringsW
- GlobalAlloc
- WaitForSingleObject
- GetExitCodeProcess
- GlobalFree
- GetModuleHandleW
- LoadLibraryExW
- FreeLibrary
- WritePrivateProfileStringW
- GetPrivateProfileStringW
- WideCharToMultiByte
- lstrlenA
- MulDiv
- WriteFile
- ReadFile
- MultiByteToWideChar
- SetFilePointer
- FindClose
- FindNextFileW
- FindFirstFileW
- DeleteFileW
- SetErrorMode
-
USER32.dll
- IsDlgButtonChecked
- ScreenToClient
- GetMessagePos
- CallWindowProcW
- IsWindowVisible
- LoadBitmapW
- CloseClipboard
- SetClipboardData
- EmptyClipboard
- OpenClipboard
- TrackPopupMenu
- GetWindowRect
- AppendMenuW
- CreatePopupMenu
- GetSystemMetrics
- EndDialog
- EnableMenuItem
- GetSystemMenu
- SetClassLongW
- IsWindowEnabled
- SetWindowPos
- DialogBoxParamW
- GetAsyncKeyState
- CreateWindowExW
- SystemParametersInfoW
- RegisterClassW
- SetDlgItemTextW
- GetDlgItemTextW
- MessageBoxIndirectW
- CharNextA
- CharUpperW
- CharPrevW
- DispatchMessageW
- PeekMessageW
- wvsprintfW
- wsprintfA
- ExitWindowsEx
- DestroyWindow
- CreateDialogParamW
- SetTimer
- SetWindowTextW
- PostQuitMessage
- SetForegroundWindow
- ShowWindow
- wsprintfW
- CheckDlgButton
- LoadCursorW
- SetCursor
- GetWindowLongW
- GetSysColor
- GetClassInfoW
- CharNextW
- FindWindowExW
- IsWindow
- GetDlgItem
- SetWindowLongW
- LoadImageW
- GetDC
- EnableWindow
- InvalidateRect
- SendMessageW
- DefWindowProcW
- BeginPaint
- GetClientRect
- FillRect
- DrawTextW
- EndPaint
- SendMessageTimeoutW
-
GDI32.dll
- SetBkColor
- GetDeviceCaps
- DeleteObject
- CreateBrushIndirect
- CreateFontIndirectW
- SetBkMode
- SetTextColor
- SelectObject
-
SHELL32.dll
- SHBrowseForFolderW
- SHGetPathFromIDListW
- SHGetFileInfoW
- ShellExecuteW
- SHFileOperationW
- SHGetSpecialFolderLocation
-
ADVAPI32.dll
- RegOpenKeyExW
- RegEnumValueW
- RegEnumKeyW
- RegCloseKey
- SetFileSecurityW
- RegDeleteValueW
- RegCreateKeyExW
- RegSetValueExW
- RegDeleteKeyW
- RegQueryValueExW
-
COMCTL32.dll
- ImageList_AddMasked
- ImageList_Destroy
- None
- ImageList_Create
-
ole32.dll
- OleUninitialize
- OleInitialize
- CoTaskMemFree
- CoCreateInstance
{u'lang': u'LANG_ENGLISH', u'name': u'RT_ICON', u'offset': 4282616, u'sha256': u'311239219a488bcbd1998d2aad0ed581a7ea7ea14fd5192fbad11d91368d1e2a', u'type': u'data', u'size': 9640}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_ICON', u'offset': 4292256, u'sha256': u'9bbcc7469ac02148cd0276a994244de64deffea6242722c2d045377f00d51643', u'type': u'data', u'size': 4264}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_ICON', u'offset': 4296520, u'sha256': u'37fa4afffa7d70f0d9ed27b9ee8b39b9c841f71f1ef12d1ccc0035ce4a16872d', u'type': u'dBase IV DBT of @.DBF, block length 1024, next free block index 40, next free block 16776176, next used block 10526884', u'size': 2216}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_ICON', u'offset': 4298736, u'sha256': u'fe475f530de8cd49cbd45bd4a1a463a5f89d5cdf04c789726e23c9813f5f7d4a', u'type': u'GLS_BINARY_LSB_FIRST', u'size': 1384}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_ICON', u'offset': 4300120, u'sha256': u'34cb09fb06cb348710051f0157c23f9a06323c24d0f15def76dc1740d76ba6ab', u'type': u'GLS_BINARY_LSB_FIRST', u'size': 1128}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_ICON', u'offset': 4301248, u'sha256': u'e8f7e1743c045949fd2be45255f6589214eececdb4920e97933dd787ea85eac6', u'type': u'dBase IV DBT of @.DBF, block length 512, next free block index 40, next free block 1887930488, next used block 0', u'size': 744}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4301992, u'sha256': u'15dbd935c3bd14b500c9b7ee334bbb260c9ab44150189707c5305f82a928e1fa', u'type': u'data', u'size': 688}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4302680, u'sha256': u'4fd5c5f2e12c36fa9cc8a43508f770183230907b24040afc6d48ec9cd2a0e984', u'type': u'data', u'size': 344}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4303024, u'sha256': u'a7e5ea849cb343e9b58de221aeb25c9dd4a3748070bfba879a30c4265fc39023', u'type': u'data', u'size': 160}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4303184, u'sha256': u'18466509968c3c0bf92ba410fea075def2b257a5a799a113cbc60f13e75f4b01', u'type': u'data', u'size': 238}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4303424, u'sha256': u'0b9b920401157c3c7b94b19f3a4c26ecdd5004fdc416da4ec2102455bb38a09d', u'type': u'data', u'size': 688}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4304112, u'sha256': u'8e9e4e68c0c0230fec3fa0cb9e335f56dae7f280cc4db5be8808ac5d58570cda', u'type': u'data', u'size': 344}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4304456, u'sha256': u'e705e251daa451ade5cc3f36278401ce4eb8b3e32ca0a7d5b7e03f525934d770', u'type': u'data', u'size': 160}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4304616, u'sha256': u'0fd40b240b9df8f2dece8947dabbebce898f12becca8e196136e4231efba2dc1', u'type': u'data', u'size': 238}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4304856, u'sha256': u'0b9b920401157c3c7b94b19f3a4c26ecdd5004fdc416da4ec2102455bb38a09d', u'type': u'data', u'size': 688}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4305544, u'sha256': u'8e9e4e68c0c0230fec3fa0cb9e335f56dae7f280cc4db5be8808ac5d58570cda', u'type': u'data', u'size': 344}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4305888, u'sha256': u'e705e251daa451ade5cc3f36278401ce4eb8b3e32ca0a7d5b7e03f525934d770', u'type': u'data', u'size': 160}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4306048, u'sha256': u'0fd40b240b9df8f2dece8947dabbebce898f12becca8e196136e4231efba2dc1', u'type': u'data', u'size': 238}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4306288, u'sha256': u'3d8c7d20aba3555ebf801818f206f61d97bfa2af6693c100d61c9af4ecfeadef', u'type': u'data', u'size': 680}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4306968, u'sha256': u'c121038eac92a51c7c0b40d457d271334f4413e33247683d976e889e2e67fff0', u'type': u'data', u'size': 336}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4307304, u'sha256': u'fac1657ebf59503492e63acd008993e2f4e99eeea783438c2bc439d5ec61d061', u'type': u'data', u'size': 152}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4307456, u'sha256': u'8c64a2341dc473a7d8ab4956af589e9a7257c4f05a8dc229f862c16d49ba37e5', u'type': u'data', u'size': 230}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4307688, u'sha256': u'4bc404cfa184c62ad901e62ddb504fbcdf1d3a6d4a491016fb7e3ec55651ba2b', u'type': u'data', u'size': 672}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4308360, u'sha256': u'e773d32e78f58818db3059628a3e2bad9501a7eef9e7077a044efd654060f6b5', u'type': u'data', u'size': 328}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4308688, u'sha256': u'35a4541f6a8d718c035768b617d0f2f59e7b57653058ad2cc0e7ddb77d9513e6', u'type': u'data', u'size': 144}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4308832, u'sha256': u'65fb71b054977a55435f45bbcddddedaa1e1cf43fdd9fc230938d625c3f7edcd', u'type': u'data', u'size': 222}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4309056, u'sha256': u'ec9424bc731e1cee5f5de91ce8cedb1c1f482ea2e7a1fb1dcd93d3440c1f74f8', u'type': u'data', u'size': 668}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4309724, u'sha256': u'a8146a45b453e2b0d3a3760819e0e9f67b0980ce2b06663249fd9551640cfc51', u'type': u'data', u'size': 324}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4310048, u'sha256': u'8ec647f9650b79179d5afc3e2bd8ecaa4b4617ada8c69c22382321a16f2153e0', u'type': u'data', u'size': 140}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4310188, u'sha256': u'a10617b39293152a65ad5c91ca4f35135845c7b785e3a582e58f6c8229045b85', u'type': u'data', u'size': 218}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4310408, u'sha256': u'bf086bbccd6d7e86e2fdf6a579ee8968041e89f7a73d2d988171fc113c49b797', u'type': u'data', u'size': 668}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4311076, u'sha256': u'2a7ad9d0be0cd33ef956e02f9b2fedb4a464bfd1dbafce965a01312b02757cdd', u'type': u'data', u'size': 324}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4311400, u'sha256': u'4d809a7f62bab96e41b9d541bf9326843e646b24d3d6dd621e2f543d79b6db0b', u'type': u'data', u'size': 140}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4311540, u'sha256': u'4677979c1665998318fcb65b9a0c0b3dd9204c12dbddbd5e76df8822ed6e347a', u'type': u'data', u'size': 218}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4311760, u'sha256': u'0b9b920401157c3c7b94b19f3a4c26ecdd5004fdc416da4ec2102455bb38a09d', u'type': u'data', u'size': 688}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4312448, u'sha256': u'8e9e4e68c0c0230fec3fa0cb9e335f56dae7f280cc4db5be8808ac5d58570cda', u'type': u'data', u'size': 344}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4312792, u'sha256': u'e705e251daa451ade5cc3f36278401ce4eb8b3e32ca0a7d5b7e03f525934d770', u'type': u'data', u'size': 160}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4312952, u'sha256': u'0fd40b240b9df8f2dece8947dabbebce898f12becca8e196136e4231efba2dc1', u'type': u'data', u'size': 238}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4313192, u'sha256': u'c86641d9176b611fb6ae3821ac11ed95a95bdf170a365032c7e251f92573f574', u'type': u'data', u'size': 680}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4313872, u'sha256': u'bf56173804100d1ea7135e7926aadca6123ff1dba898d6d1e167ad57a2015199', u'type': u'data', u'size': 336}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4314208, u'sha256': u'b986a2271925e158672715fd4d3f8eb256ed0d3fa58bd5f2dcf1139f2c2e7e26', u'type': u'data', u'size': 152}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_DIALOG', u'offset': 4314360, u'sha256': u'185c7a44f096355b66df20dc2956d57535df4efa96bf52617ee4483c18d07e07', u'type': u'data', u'size': 230}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_GROUP_ICON', u'offset': 4314592, u'sha256': u'4d1c3c68231dea20837695d14d1b1bea4decc056ed7ab93f4ccfb54db096220c', u'type': u'MS Windows icon resource - 6 icons, 32x32, 16 colors', u'size': 90}
{u'lang': u'LANG_NEUTRAL', u'name': u'RT_VERSION', u'offset': 4314684, u'sha256': u'67e525e8e829590b29d9630ca7e14d931bfeb1d483181fdf97fd38e9d489d881', u'type': u'data', u'size': 608}
{u'lang': u'LANG_ENGLISH', u'name': u'RT_MANIFEST', u'offset': 4315292, u'sha256': u'a0fe200e82a36021fd4edd08a36d9780235d2cb4c392a4a92dd2945a323a4b7e', u'type': u'ASCII text, with very long lines, with no line terminators', u'size': 1212}