CwUpdate.exe

CwUpdate

eClinicalWorks LLC

Publisher:
eclinicalworks  (signed by eClinicalWorks LLC)

Product:
CwUpdate

Version:
4.00.0008

MD5:
0c8ef1e29aafcd2890edb2ef52f5fb8b

SHA-1:
9403c3d1465e5352b4d0e56062916323085cc6f8

SHA-256:
35cfae80d2887caa7bdb92a5af201a845e3fef8e25e4a5c25e563897a106e0d7

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/22/2024 11:47:32 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Dropper.Gen
7.11.5.5

IKARUS anti.virus
Trojan-Dropper
t3scan.1.1.97.0

File size:
157.8 KB (161,624 bytes)

Product version:
4.00.0008

Original file name:
CwUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\eclinicalworks\cwupdate.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/26/2011 6:00:00 PM

Valid to:
1/27/2012 5:59:59 PM

Subject:
CN=eClinicalWorks LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=eClinicalWorks LLC, L=Westborough, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
73484DE74054DEE8BF33CADB9177F622

File PE Metadata
Compilation timestamp:
1/20/2011 5:46:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:t/RBjx4BW3eP26HQOLdEfCiqSBR8RD0DroaeRZMK07UMl4MFGhxC:t/ZtZOLdEfrqSBRYD0DroaeRZMK07UMA

Entry address:
0x25E4

Entry point:
68, 88, 2A, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 5D, A0, C2, 46, 33, 0E, 85, 4B, B5, 1C, B7, 5C, 54, 0F, CA, 34, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 20, 20, 20, 3D, 20, 20, 43, 77, 55, 70, 64, 61, 74, 65, 00, 20, 20, 20, 20, 54, 61, 62, 00, 00, 00, 00, FF, CC, 31, 00, 08, 93, 74, D2, 64, 59, 95, 7F, 41, 8F, 61, 2F, 33, 0A, 4C, C9, CF, B5, 70, 1D, F9, 6A, 24, BC, 4C, 82, 42, 09, 2C, AF, AB, E8, AE, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
5.6936

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
140 KB (143,360 bytes)

Scan CwUpdate.exe - Powered by Reason Core Security