91f7.tmp.exe

Ferunkimagnetos

Daniel Atallah

Publisher:
Daniel Atallah  (signed and verified)

Product:
Ferunkimagnetos

Version:
4.03.0009

MD5:
373d901f0544d248f4bfff6a3bbbfb36

SHA-1:
00ae29cc3f7aba4c2fbf3882ec42a8ee590c89d0

SHA-256:
e4706d1ca296f6192b2facc9f7f76e419a563d2c71071998dba12b84d689e448

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 5:27:44 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Evo-gen [Susp]
160216-0

File size:
653.8 KB (669,496 bytes)

Product version:
4.03.0009

Original file name:
fsefesf.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\appdata\local\temp\91f7.tmp.exe

Digital Signature
Signed by:

Authority:
StartCom Ltd.

Valid from:
9/19/2012 12:48:58 PM

Valid to:
9/21/2014 2:56:51 AM

Subject:
E=datallah@pidgin.im, CN=Daniel Atallah, L=Holland, S=Michigan, C=US, Description=FWg32Q3ZaA4V01lM

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
075E

File PE Metadata
Compilation timestamp:
3/2/2016 10:15:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:0b7Aepewe8ObfXh8Nob8NfW9t7ewiWX45DGa91oG4PtfkmPfPE:0SfXh8LRYt7di9ll994F8OPE

Entry address:
0x1778

Entry point:
68, A8, 19, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 80, 33, 5D, D8, 47, 97, D9, 40, 93, CF, FB, 46, 00, FD, FA, AB, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, F0, 21, 36, 03, 46, 65, 72, 75, 6E, 6B, 69, 6D, 61, 67, 6E, 65, 74, 6F, 73, 00, 00, 00, 00, 00, FF, CC, 31, 00, 00, 38, 65, 18, 8F, 6D, DF, D6, 4A, 9D, E2, 74, E5, D1, 6D, 2A, FB, BC, CF, DB, 11, A6, E5, 25, 42, 98, 3F, CF, 74, 73, 13, E9, 30, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
4.6311

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
632 KB (647,168 bytes)

Scan 91f7.tmp.exe - Powered by Reason Core Security