home

diagnostic.exe

IL Diagnostic

Image-Line bvba

Publisher:
Image-Line bvba

Product:
IL Diagnostic

Version:
1.3.6.2

MD5:
5721c74295885452adf90eb43e8742f1

SHA-1:
3fb061c27341053e46a5b6b183b64c89365a6f79

SHA-256:
04cf2f8b87206df09dc944f28ea643f67a24ce08f68c4cc9a5aa263f05ca8c84

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/5/2024 3:46:12 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
23.00.65.151222

File size:
3.1 MB (3,266,048 bytes)

Product version:
1.3

Copyright:
Copyright (c) 2003-2015 Image-Line. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\diagnostic.exe

File PE Metadata
Compilation timestamp:
12/17/2015 5:54:29 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:FNNeqMxGSnHgc7Hi7xeQzvBt+wkZTX5f13gu+nrWRx:FyLAAE8QzvBt+6brG

Entry address:
0x2AAC64

Entry point:
55, 8B, EC, 83, C4, E0, 53, 56, 57, 33, C0, 89, 45, E0, 89, 45, E4, 89, 45, EC, 89, 45, E8, B8, 94, DA, 69, 00, E8, 53, 37, D6, FF, 33, C0, 55, 68, 5B, AE, 6A, 00, 64, FF, 30, 64, 89, 20, A1, 78, 46, 6B, 00, 8B, 00, E8, 29, 39, F5, FF, 68, F4, E1, 6C, 00, 68, FF, 03, 00, 00, E8, 12, 76, D6, FF, 8D, 45, EC, BA, F4, E1, 6C, 00, B9, 00, 02, 00, 00, E8, C8, F5, D5, FF, FF, 75, EC, 68, 78, AE, 6A, 00, B8, F3, 05, 00, 00, E8, 62, BF, D5, FF, 99, 52, 50, E8, F6, 66, F6, FF, 33, D2, 03, 04, 24, 13, 54, 24, 04, 83...
 
[+]

Entropy:
6.6783

Developed / compiled with:
Microsoft Visual C++

Code size:
2.7 MB (2,790,912 bytes)

The file diagnostic.exe has been seen being distributed by the following 3 URLs.

http://www.flstudio.com/diagnostic

http://flstudio.image-line.com/.../

http://downloads.image-line.com/.../diagnostic.exe

Scan diagnostic.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.