ddc5e0f0-5ccc-48b6-a4e5-848f83316b06.exe

PC Reviver

Corel Corporation

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with PC Reviver. The file has been seen being downloaded from www.reviversoft.com and multiple other hosts.
Publisher:
ReviverSoft LLC  (signed by Corel Corporation)

Product:
PC Reviver

Description:
PC Reviver installer

Version:
2.6.1.8

MD5:
e046eb8f251b9d6a40fe1d5560b91742

SHA-1:
1fcafbbd18f3ff7ec1553499fca896119c9f6734

SHA-256:
2af89ce38cb7681324ff25bb83cf8e5de9d75e017fe2888df32829426d929414

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 1:38:18 AM UTC  (today)

File size:
25.4 MB (26,658,904 bytes)

Product version:
2.6.1.8

Copyright:
Copyright (c) 2016 ReviverSoft LLC. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Digital Signature
Authority:
Symantec Corporation

Valid from:
7/31/2015 7:00:00 PM

Valid to:
7/31/2016 6:59:59 PM

Subject:
CN=Corel Corporation, O=Corel Corporation, L=Ottawa, S=Ontario, C=CA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4A1405278B355E198E080E13B0A8E885

File PE Metadata
Compilation timestamp:
4/10/2010 7:19:31 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:/skEYH2tXih65UPjIxjuCzHzftmHlF5vGV8:/H2mxj0juCPqX5z

Entry address:
0x354B

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 
[+]

Entropy:
7.9999

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file ddc5e0f0-5ccc-48b6-a4e5-848f83316b06.exe has been discovered within the following program.

PC Reviver  by ReviverSoft LLC
39% remove it
 
Powered by Should I Remove It?

The file ddc5e0f0-5ccc-48b6-a4e5-848f83316b06.exe has been seen being distributed by the following 3 URLs.