cardworkssetup_v1.14.exe

CardWorks

NCH Software

This is a setup program which is used to install the application. This is installed with CardWorks Business Card Software. The file has been seen being downloaded from www.arxeiorama.gr and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
CardWorks

Description:
CardWorks Business Card Software

Version:
1.14

MD5:
e6453fe44aa5bb9e6cd570dfc38df312

SHA-1:
86d921fae19422a89d0bdb42f336b73ba2e84653

SHA-256:
4d13e15d881ffc0f838d1487fe50cc58544639665776035113e913ddee121175

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:45:26 PM UTC  (today)

File size:
853.6 KB (874,056 bytes)

Copyright:
NCH Software

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Common path:
C:\Program Files\nch software\cardworks\cardworkssetup_v1.14.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
5/19/2013 8:00:00 PM

Valid to:
8/7/2015 7:59:59 PM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6A560820FA3E9AD8E5411734B1D40AD5

File PE Metadata
Compilation timestamp:
12/10/2013 12:05:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:NdR3n0hsUIHi/+bWrRr6KH8UXn/b7u1rQBsbP0AnK932+FuGxnUSd0q9OjHwHtJP:J30KUuu+atBj/vbIQRFZFgjHwNAWnF

Entry address:
0x21D8

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, FC, 16, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, DF, 03, 00, 00, 6A, 06, 53, FF, 15, 88, 10, 40, 00, FF, 15, 4C, 10, 40, 00, 68, 6C, 14, 40, 00, 8B, F0, E8, CB, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 14, 40, 00, 68, 80, 14, 40, 00, FF, 15, 00, 10, 40, 00, 68, 90, 14, 40, 00, 8B, C6, E8, AB, 03, 00, 00, 3B, C3, 74, 49, 83, C0, 0E, EB, 08, 66, 83, F9, 20, 75, 0A, 40, 40, 0F, B7, 08, 66, 3B, CB, 75, F0, 0F, B7, 08, 33, F6, 66, 3B, CB, 74, 20...
 
[+]

Entropy:
7.9946

Developed / compiled with:
Microsoft Visual C++

The file cardworkssetup_v1.14.exe has been discovered within the following program.

During installation the program will offer the user to install the NCH Toolbar, an ad-supported web browser toolbar.
www.nch.com.au/index.html
18% remove it
 
Powered by Should I Remove It?

The file cardworkssetup_v1.14.exe has been seen being distributed by the following 8 URLs.

http://www.arxeiorama.gr/files/.../cardworkssetup.exe

http://cardworks-free-business-card-software.soft32.com/get/file/id/.../?no_download_manager=true

Scan cardworkssetup_v1.14.exe - Powered by Reason Core Security