cold_turkey_removal_tool.exe

CTRemoval

Felix Belzile

This is a setup program which is used to install the application. The file has been seen being downloaded from getcoldturkey.com.
Publisher:
Felix Logic (signed by Felix Belzile)

Product:
CTRemoval

Version:
1.0.0.0

MD5:
6d5bdeb1c748205f0458d61415cc6451

SHA-1:
87faee687325b31c1cf7aa696eec78411a268533

SHA-256:
7379b8a22ef5039198225a0a5796321b496d4a1fe476c09e4f8ea0c96cccda12

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 11:25:46 PM UTC

File size:
123.2 KB (126,152 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Felix Logic 2016

Original file name:
CTRemoval.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\cold_turkey_removal_tool.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/6/2016 9:00:00 PM

Valid to:
3/7/2019 8:59:59 PM

Subject:
CN=Felix Belzile, O=Felix Belzile, STREET=530 Laurier Ave W, L=Ottawa, S=Ontario, PostalCode=K1R 7T1, C=CA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F2D8FD16E5806A3F0A8BBEBB5233B422

File PE Metadata
Compilation timestamp:
3/31/2016 11:51:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:xTwbqbFxDOue4Wrr+4vs9ed0Qa9f01iGikosI7Sk++qiD:xTu+FNSkfviosI7H++B

Entry address:
0x557E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
13.5 KB (13,824 bytes)

The file cold_turkey_removal_tool.exe has been seen being distributed by the following URL.

http://getcoldturkey.com/.../Cold_Turkey_Removal_Tool.exe

Scan cold_turkey_removal_tool.exe - Powered by Reason Core Security