home

CryptoPreventFilterMod.exe

CryptoPrevent

Foolish IT LLC

Publisher:
Foolish IT LLC  (signed and verified)

Product:
CryptoPrevent

Version:
1.00

MD5:
9f001c33419ebac5ab9f148a398e6da2

SHA-1:
b0bd492f881a080f28bfbdb862028b17a483f8e5

SHA-256:
465bf96d68dd15992c4d2fa9cca52855bf86800d2cf63ec2028dbd1207769125

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:55:02 AM UTC  (today)

File size:
383.1 KB (392,336 bytes)

Product version:
1.00

Original file name:
CryptoPreventFilterMod.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\danpc inc\cryptolocker prevention\cryptopreventfiltermod.exe

Digital Signature
Signed by:
Foolish IT LLC

Authority:
StartCom Ltd.

Valid from:
5/10/2014 2:38:40 AM

Valid to:
5/9/2016 10:34:08 PM

Subject:
E=foolishtech@foolishit.com, CN=Foolish IT LLC, O=Foolish IT LLC, L=Manteo, S=North Carolina, C=US, Description=D9J0KaT9DvjE2CWD

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0E63

File PE Metadata
Compilation timestamp:
6/14/2014 7:47:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:MQGJUuxzP0fa/wO+SOfoHoxFWulyCLCSL5E0Z+wStmLqw62Aq52iYDI5H:MhauxzZYOWMyFO0Z+w8OxbAq52iYDeH

Entry address:
0x4BC4

Entry point:
68, C0, 50, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 48, 00, 00, 00, 00, 00, 00, 00, EF, 75, 3B, 7C, A6, 3F, 47, 48, BC, 0F, 7D, 31, 43, 24, C9, 5D, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 43, 72, 79, 70, 74, 6F, 50, 72, 65, 76, 65, 6E, 74, 46, 69, 6C, 74, 65, 72, 4D, 6F, 64, 00, 00, 00, 00, 00, 00, 01, 00, 0D, 00, 34, 6A, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, F8, 6C, 40, 00, 9C, B1, 44, 00, 00, 00, 00, 00, 48, 3A, 1B, 00...
 
[+]

Entropy:
6.0461

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
296 KB (303,104 bytes)

Scan CryptoPreventFilterMod.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.