Architecture |
IMAGE_FILE_MACHINE_I386
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
Compilation Date | 2022-May-09 17:51:06 |
Detected languages |
English - United States
French - France Portuguese - Brazil Russian - Russia Spanish - Spain (International sort) |
Debug artifacts |
D:\work\8b0ebd312dc47f30\projects\avast\microstub\x86\Release\microstub.pdb
|
CompanyName | AVAST Software |
Edition | 22 |
FileDescription | Avast Installer |
FileVersion | 2.1.78.0 |
InternalName | microstub |
LegalCopyright | Copyright (c) 2022 AVAST Software |
OriginalFilename | microstub.exe |
ProductName | Avast |
ProductVersion | 2.1.78.0 |
Info | Matching compiler(s): | Microsoft Visual C++ 6.0 - 8.0 |
Info | Interesting strings found in the binary: |
Contains domain names:
|
Info | Libraries used to perform cryptographic operations: | Microsoft's Cryptography API |
Malicious | The PE contains functions mostly used by malware. |
[!] The program may be hiding some of its imports:
|
Info | The PE is digitally signed. |
Signer: Avast Software s.r.o.
Issuer: DigiCert SHA2 Assured ID Code Signing CA |
Suspicious | No VirusTotal score. | This file has never been scanned on VirusTotal. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x118 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections | 6 |
TimeDateStamp | 2022-May-09 17:51:06 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xe0 |
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
Magic | PE32 |
---|---|
LinkerVersion | 14.0 |
SizeOfCode | 0x21200 |
SizeOfInitializedData | 0x1ea00 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x00001020 (Section: .text) |
BaseOfCode | 0x1000 |
BaseOfData | 0x23000 |
ImageBase | 0x400000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 5.1 |
ImageVersion | 0.0 |
SubsystemVersion | 5.1 |
Win32VersionValue | 0 |
SizeOfImage | 0x44000 |
SizeOfHeaders | 0x400 |
Checksum | 0x455bc |
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
WindowsCodecs.dll |
WICConvertBitmapSource
|
---|---|
KERNEL32.dll |
SetLastError
Sleep GetFileSizeEx WriteFile SetEndOfFile SetFilePointerEx LocalFree CloseHandle MapViewOfFile UnmapViewOfFile CreateFileMappingW EnumResourceNamesW GetWindowsDirectoryW CreateDirectoryW CreateFileW CreateThread GetSystemTimeAsFileTime GetNativeSystemInfo lstrcatA lstrlenA GetVersionExA GetCurrentProcess GetExitCodeProcess ResumeThread ReleaseMutex WaitForSingleObject CreateMutexW CreateProcessW GetPrivateProfileIntW GetPrivateProfileStringW GetDiskFreeSpaceExW CopyFileW MoveFileExW CreateHardLinkW GetProcAddress HeapAlloc GetProcessHeap HeapSetInformation ExitProcess IsProcessorFeaturePresent lstrcpyW GetModuleHandleW GetSystemDirectoryW SetDllDirectoryW WriteConsoleW FlushFileBuffers GetConsoleMode GetConsoleCP SetStdHandle LCMapStringW FreeEnvironmentStringsW GetEnvironmentStringsW GetCPInfo GetOEMCP IsValidCodePage FindNextFileW FindFirstFileExW GetLastError HeapFree InterlockedExchangeAdd GetVersionExW FindResourceW LoadLibraryW SizeofResource LoadResource GlobalFree GlobalUnlock GlobalLock FindClose GetFileType GlobalAlloc FreeLibrary LockResource InterlockedExchange RaiseException GetSystemInfo VirtualProtect VirtualQuery LoadLibraryExA DecodePointer GetVersion HeapDestroy HeapReAlloc HeapSize InitializeCriticalSectionAndSpinCount DeleteCriticalSection DeviceIoControl GetVolumeNameForVolumeMountPointW GetVolumePathNameW MultiByteToWideChar WideCharToMultiByte EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent WaitForSingleObjectEx CreateEventW QueryPerformanceCounter GetCurrentProcessId GetCurrentThreadId InitializeSListHead IsDebuggerPresent UnhandledExceptionFilter SetUnhandledExceptionFilter GetStartupInfoW TerminateProcess OutputDebugStringW RtlUnwind EncodePointer TlsAlloc TlsGetValue TlsSetValue TlsFree LoadLibraryExW GetCommandLineA GetCommandLineW GetStdHandle GetModuleFileNameW GetModuleHandleExW GetACP GetStringTypeW |
USER32.dll |
ReleaseDC
GetMessageW TranslateMessage SendMessageW AllowSetForegroundWindow PostMessageW wsprintfA LoadStringW MessageBoxExW wsprintfW SystemParametersInfoW IsDialogMessageW LoadImageW DestroyIcon FindWindowW FillRect InvalidateRect EndPaint BeginPaint DefWindowProcW GetDC SetForegroundWindow GetSystemMetrics KillTimer SetTimer SetFocus SetWindowPos DestroyWindow CreateWindowExW RegisterClassExW PostQuitMessage DispatchMessageW |
GDI32.dll |
CreatePatternBrush
GetObjectW CreateDIBSection SelectObject GetTextExtentPoint32W DeleteObject CreateSolidBrush CreateFontIndirectW |
ADVAPI32.dll |
CryptDestroyHash
CryptHashData CryptCreateHash CryptGenRandom CryptGetHashParam CryptReleaseContext CryptAcquireContextA GetSidSubAuthorityCount GetSidSubAuthority IsValidSid GetTokenInformation OpenProcessToken ConvertStringSecurityDescriptorToSecurityDescriptorA |
ole32.dll |
CreateStreamOnHGlobal
CoCreateInstance CoInitializeEx |
COMCTL32.dll |
#17
|
CRYPT32.dll |
CryptStringToBinaryW
|
SHELL32.dll (delay-loaded) |
SHGetFolderPathW
|
Attributes | 0x1 |
---|---|
Name | SHELL32.dll |
ModuleHandle | 0x2d9b8 |
DelayImportAddressTable | 0x2f000 |
DelayImportNameTable | 0x2bd2c |
BoundDelayImportTable | 0x2be60 |
UnloadDelayImportTable | 0 |
TimeStamp | 1970-Jan-01 00:00:00 |
Avast Antivirus |
Avast Antivirus Installer |
Global\{32B25EF2-80FD-4C66-97E1-0890D9E9F87B} |
{08CF729B-3FA8-477D-B80C-42CA25A49937} |
avastSfxProgressClass |
UA-58120669-3 |
{08CF729B-3FA8-477D-B80C-42CA25A49938} |
Avast Microstub/2.1 |
iavs9x.u.avast.com |
iavs9x.u.avast.com |
iavs9x-xp/avast_free_antivirus_setup_online.exe |
iavs9x-xp/avast_pro_antivirus_setup_online.exe |
iavs9x-xp/avast_internet_security_setup_online.exe |
/iavs9x-xp/avast_premier_antivirus_setup_online.exe |
iavs9x/avast_free_antivirus_setup_online.exe |
/iavs9x/avast_pro_antivirus_setup_online.exe |
/iavs9x/avast_internet_security_setup_online.exe |
iavs9x/avast_premium_security_setup_online.exe |
iavs9x/avast_omni_setup_online.exe |
iavs9x/avast_one_essential_setup_online.exe |
iavs9x/avast_one_setup_online.exe |
iavs9x/avast_free_antivirus_setup_online_x64.exe |
/iavs9x/avast_pro_antivirus_setup_online_x64.exe |
/iavs9x/avast_internet_security_setup_online_x64.exe |
iavs9x/avast_premium_security_setup_online_x64.exe |
iavs9x/avast_omni_setup_online_x64.exe |
iavs9x/avast_one_essential_setup_online_x64.exe |
iavs9x/avast_one_setup_online_x64.exe |
avast_free_antivirus_setup_online.exe |
avast_pro_antivirus_setup_online.exe |
avast_internet_security_setup_online.exe |
avast_premium_security_setup_online.exe |
avast_business_antivirus_setup_online.exe |
avast_business_antivirus_setup_online.exe |
avast_omni_setup_online.exe |
avast_one_essential_setup_online.exe |
avast_one_setup_online.exe |
avast_free_antivirus_setup_online_x64.exe |
avast_pro_antivirus_setup_online_x64.exe |
avast_internet_security_setup_online_x64.exe |
avast_premium_security_setup_online_x64.exe |
avast_business_antivirus_setup_online_x64.exe |
avast_business_antivirus_setup_online_x64.exe |
avast_omni_setup_online_x64.exe |
avast_one_essential_setup_online_x64.exe |
avast_one_setup_online_x64.exe |
Avast Free Antivirus |
Avast Antivirus Gratuit |
Avast Free Antivirus |
Avast Free Antivirus |
Avast Free Antivirus |
Avast One Essential |
Avast One Essentiel |
Avast One Essential |
Avast One Essential |
Avast One Essential |
Avast One |
Ready to install Avast Free Antivirus? |
Avast One |
Avast Antivirus Gratuit |
Avast One |
Avast Free Antivirus |
Avast One |
Avast Free Antivirus |
Avast One |
Avast Free Antivirus |
Ready to install Avast One Essential? |
Ready to install Avast One? |
Avast One Essentiel |
Avast One |
Avast One Essential |
Avast One |
Avast One Essential |
Avast One |
Avast One Essential |
Avast One |
Feel free to surf the web or grab a coffee. |
We'll let you know when we're done. |
Avast Antivirus Gratuit |
Avast Free Antivirus |
Avast Free Antivirus |
Avast Free Antivirus |
Feel free to surf the web or grab a coffee. |
We'll let you know when we're done. |
Feel free to surf the web or grab a coffee. |
We'll let you know when we're done. |
Avast One Essentiel |
Avast One |
Avast One Essential |
Avast One |
Avast One Essential |
Avast One |
Avast One Essential |
Avast One |
Install |
Cancel |
Connect to the internet to install %s |
You need an active internet connection to install %s. Please connect to your network and try again. |
Avast is being installed. Do not shutdown. |
We are sorry but Avast Antivirus cannot run on your computer because your processor does not support SSE2 instruction set. |
We are sorry but Avast Antivirus requires at least Windows XP SP3. |
We are sorry but there is not enough free space available! Free some space and run the installer again. |
We are sorry but there seems to be a problem connecting to Avast servers! Check your Internet connection and run the installer again. |
We are sorry but the installer must be run at high integrity level! |
Tip: Do not run under built-in Administrator user or use different browser to dowload an installer. |
We are sorry but the Avast Antivirus installer cannot run on arm64 devices. |
Tip: Check our website if there is a supported version. |
Installer |
Annuler |
Pour installer %s, vous devez vous connecter à Internet |
Pour installer %s, vous devez disposer d'une connexion Internet active. Veuillez vous connecter à votre réseau et réessayer. |
Avast est en cours d'installation. N'éteignez pas l'ordinateur. |
Malheureusement, votre ordinateur ne peut pas exécuter Avast Antivirus car son processeur ne prend pas en charge le jeu d'instructions SSE2. |
Malheureusement, Avast Antivirus requiert au moins Windows XP SP3. |
Malheureusement, vous n'avez pas assez d'espace libre ! Libérez de l'espace et relancez le programme d'installation. |
Il semble y avoir un problème de connexion avec les serveurs d'Avast. Vérifiez votre connexion Internet et relancez le programme d'installation. |
Malheureusement, le programme d'installation doit être exécuté à un niveau d'intégrité élevé. |
Conseil : Ne pas l'exécuter sous l'utilisateur Administrateur intégré ou utiliser un autre navigateur pour télécharger le programme d'installation. |
Nous sommes désolés mais le programme d'installation d'Avast Antivirus ne peut pas fonctionner sur les appareils ARM64. |
Astuce : Vérifiez sur notre site web s'il existe une version compatible. |
Instalar |
Cancelar |
Conecte-se à internet para instalar o %s |
Você precisa de uma conexão de internet ativa para instalar o %s. Conecte-se à sua rede e tente de novo. |
O Avast está sendo instalado. Não desligue. |
Infelizmente seu computador não pode executar o Avast Antivirus porque seu processador não é compatível com o conjunto de instruções SSE2. |
Lamentamos, mas o Avast Antivirus necessita pelo menos do Windows XP SP3. |
Infelizmente não há espaço em disco suficiente! Libere espaço para executar o programa de instalação novamente. |
Lamentamos, mas parece que há um problema para conectar os servidores Avast! Verifique sua conexão de internet e execute o programa de instalação novamente. |
Lamentamos, mas o programa de instalação deve ser executado em um alto nível de integridade! |
Dica: Não o execute sob um usuário Administrador integrado e nem use um navegador diferente para baixar o programa de instalação. |
Lamentamos, mas o instalador do Avast Antivirus não pode ser executado em dispositivos arm64. |
Dica: Veja se há uma versão compatível em nosso site. |
Установить |
Отменить |
Подключитесь к Интернету, чтобы установить %s |
Чтобы установить %s, требуется исправное подключение к Интернету. Подключитесь к своей сети и повторите попытку. |
Устанавливается антивирус Avast. Не выключайте систему. |
К сожалению, невозможно запустить Avast Antivirus на вашем компьютере, поскольку ваш процессор не поддерживает набор инструкций SSE2. |
К сожалению, для работы Avast Antivirus требуется как минимум Windows XP SP3. |
К сожалению, недостаточно свободного места! Освободите место и снова запустите установщик. |
К сожалению, похоже, возникла проблема с подключением к серверам Avast! Проверьте подключение к Интернету и снова запустите установщик. |
К сожалению, установщик нужно запускать с высоким уровнем целостности! |
Совет: не запускайте его из встроенной учётной записи администратора или используйте другой браузер для загрузки установщика. |
К сожалению, установщик Avast Antivirus не работает на устройствах arm64. |
Совет: проверьте на нашем сайте, есть ли поддерживаемая версия. |
Instalar |
Cancelar |
Conéctese a Internet para instalar %s |
Necesita una conexión a Internet activa para instalar %s. Por favor, conéctese a su red e inténtelo de nuevo. |
Avast se está instalando. No apague. |
Lo sentimos, Avast Antivirus no se puede ejecutar en su equipo porque su procesador no es compatible con el conjunto de instrucciones SSE2. |
Lo sentimos, Avast Antivirus requiere al menos Windows XP SP3. |
Lo sentimos, no queda espacio disponible suficiente. Libere algo de espacio y vuelva a ejecutar el programa de instalación. |
Lo sentimos, parece que hay un problema para conectar a los servidores de Avast. Compruebe su conexión a Internet y vuelva a ejecutar el programa de instalación. |
Lo sentimos, el programa de instalación debe ejecutarse con nivel de integridad elevado. |
Consejo: no lo ejecute bajo el usuario Administrador integrado ni utilice un navegador diferente para descargar el programa de instalación. |
Lo sentimos, el programa de instalación de Avast Antivirus no se puede ejecutar en dispositivos arm64. |
Consejo: compruebe en nuestro sitio web si existe una versión compatible. |
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 2.1.78.0 |
ProductVersion | 2.1.78.0 |
FileFlags | (EMPTY) |
FileOs |
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
|
FileType |
VFT_APP
|
Language | English - United States |
CompanyName | AVAST Software |
Edition | 22 |
FileDescription | Avast Installer |
FileVersion (#2) | 2.1.78.0 |
InternalName | microstub |
LegalCopyright | Copyright (c) 2022 AVAST Software |
OriginalFilename | microstub.exe |
ProductName | Avast |
ProductVersion (#2) | 2.1.78.0 |
Resource LangID | English - United States |
---|
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-09 17:51:06 |
Version | 0.0 |
SizeofData | 100 |
AddressOfRawData | 0x2a9a8 |
PointerToRawData | 0x28fa8 |
Referenced File | D:\work\8b0ebd312dc47f30\projects\avast\microstub\x86\Release\microstub.pdb |
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-09 17:51:06 |
Version | 0.0 |
SizeofData | 20 |
AddressOfRawData | 0x2aa0c |
PointerToRawData | 0x2900c |
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-09 17:51:06 |
Version | 0.0 |
SizeofData | 1016 |
AddressOfRawData | 0x2aa20 |
PointerToRawData | 0x29020 |
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-09 17:51:06 |
Version | 0.0 |
SizeofData | 0 |
AddressOfRawData | 0 |
PointerToRawData | 0 |
StartAddressOfRawData | 0x42ae28 |
---|---|
EndAddressOfRawData | 0x42ae30 |
AddressOfIndex | 0x42da54 |
AddressOfCallbacks | 0x423328 |
SizeOfZeroFill | 0 |
Characteristics |
IMAGE_SCN_ALIGN_4BYTES
|
Callbacks | (EMPTY) |
Size | 0xa0 |
---|---|
TimeDateStamp | 1970-Jan-01 00:00:00 |
Version | 0.0 |
GlobalFlagsClear | (EMPTY) |
GlobalFlagsSet | (EMPTY) |
CriticalSectionDefaultTimeout | 0 |
DeCommitFreeBlockThreshold | 0 |
DeCommitTotalFreeThreshold | 0 |
LockPrefixTable | 0 |
MaximumAllocationSize | 0 |
VirtualMemoryThreshold | 0 |
ProcessAffinityMask | 0 |
ProcessHeapFlags | (EMPTY) |
CSDVersion | 0 |
Reserved1 | 0 |
EditList | 0 |
SecurityCookie | 0x42d008 |
SEHandlerTable | 0x42a920 |
SEHandlerCount | 34 |
GuardCFCheckFunctionPointer | 4338416 |
GuardCFDispatchFunctionPointer | 0 |
GuardCFFunctionTable | 0 |
GuardCFFunctionCount | 0 |
GuardFlags | (EMPTY) |
CodeIntegrity.Flags | 0 |
CodeIntegrity.Catalog | 0 |
CodeIntegrity.CatalogOffset | 0 |
CodeIntegrity.Reserved | 0 |
GuardAddressTakenIatEntryTable | 0 |
GuardAddressTakenIatEntryCount | 0 |
GuardLongJumpTargetTable | 0 |
GuardLongJumpTargetCount | 0 |
XOR Key | 0x860db1f8 |
---|---|
Unmarked objects | 0 |
241 (40116) | 11 |
243 (40116) | 126 |
242 (40116) | 24 |
C objects (VS 2015/2017 runtime 26706) | 18 |
ASM objects (VS 2015/2017 runtime 26706) | 21 |
C objects (27045) | 2 |
C++ objects (VS 2015/2017 runtime 26706) | 48 |
Total imports | 210 |
Imports (VS2008 SP1 build 30729) | 17 |
C++ objects (VS2008 SP1 build 30729) | 1 |
C++ objects (27045) | 13 |
Resource objects (27045) | 1 |
151 | 2 |
Linker (27045) | 1 |