» Drev313w.exe
Overview
Analysis
File Details

Drev313w.exe

DRevitalize

Piotr Ułaszewski

File name:

Drev313w.exe

Publisher:

Piotr Ulaszewski (signed by Piotr Ułaszewski)

Product:

DRevitalize

Description:

DRevitalize 3.13

Version:

1, 0, 0, 0

MD5:

2912ffd06d2317f92790e279250a70f8

SHA-1:

9473939de7b3836bffabbcec07cf3b5e272fc77c

SHA-256:

cc8d2e1904eec09c67ce289ab3f711d1b83672524784752c6d328c2abf9adbdc

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

1/1/2025 3:48:16 AM UTC (today)

Scan engine

Detection

Engine version

Qihoo 360 Security

HEUR/QVM20.1.Malware.Gen

1.0.0.1120

Zillya! Antivirus

Trojan.RazyCRTD.Win32.31

2.0.0.2918

File size:

483.8 KB (495,400 bytes)

Product version:

3, 1, 3, 0

Original file name:

Drev313w.exe

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Piotr Ułaszewski

Authority:

COMODO CA Limited

Valid from:

12/31/2015 9:00:00 AM

Valid to:

12/31/2016 8:59:59 AM

Subject:

CN=Piotr Ułaszewski, O=Piotr Ułaszewski, STREET=Agrestowa 11, L=Suchy Dwór, S=Dolnośląskie, PostalCode=52-271, C=PL

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

008EDC28755CAAE41FA19435513A5036CE

File PE Metadata

Compilation timestamp:

3/2/2016 9:57:13 AM

OS version:

1.11

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.18

CTPH (ssdeep):

3072:zDbookN75y0qxPDrW+sKZibBLkTJgDJr+gPuwYEfwCHPS0BhHhkIOTwBkWw9Awuv:zDkbl5JqxPDS+PZiSTsrZGyfTLoI+ePj

Entry address:

0x28DA2

Entry point:

E9, 79, 1B, 00, 00, 03, 10, 40, 00, 4F, 70, 65, 6E, 20, 57, 61, 74, 63, 6F, 6D, 20, 43, 2F, 43, 2B, 2B, 33, 32, 20, 52, 75, 6E, 2D, 54, 69, 6D, 65, 20, 73, 79, 73, 74, 65, 6D, 2E, 20, 50, 6F, 72, 74, 69, 6F, 6E, 73, 20, 43, 6F, 70, 79, 72, 69, 67, 68, 74, 20, 28, 43, 29, 20, 53, 79, 62, 61, 73, 65, 2C, 20, 49, 6E, 63, 2E, 20, 31, 39, 38, 38, 2D, 32, 30, 30, 32, 2E, 00, 00, C3, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 51, 56, 57, 83, EC, 08, 89, C6, 89, D7, 31, D2, 89, C1, 40, 80, 39, 00... 
[+]

Entropy:

4.5232

Packer / compiler:

Xtreme-Protector v1.05

Code size:

193.5 KB (198,144 bytes)

Scan Drev313w.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.