home

ecolotofoot-3.70.exe

CELLARD

Publisher:
CELLARD  (signed and verified)

MD5:
def0698168745b417ebfe35e89401432

SHA-1:
b4afba0b28708a526b766307b55d47ffbd7c9b21

SHA-256:
254758e7268f5b1619d3510edab1e1ea446af0f89efe548a88c3fc3ee256b535

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/16/2024 2:39:31 PM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
5.16.14.00

File size:
1.3 MB (1,344,232 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ecolotofoot-3.70.exe

Digital Signature
Signed by:
CELLARD

Authority:
The USERTRUST Network

Valid from:
9/4/2006 7:00:00 PM

Valid to:
9/5/2007 6:59:59 PM

Subject:
CN=CELLARD, O=CELLARD, STREET=9 les loggias du colombier, L=Villieu, S=Rhone Alpes, PostalCode=01800, C=FR

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00B81C2DD7E9DFB5FB10088827219B049B

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:iUv2I50XnRy7pK0BNWTfIB33rKqxRFCU5s2CRmp5xphJSWo+5:iUv27hy700BNxvj53+w5xfJSN+5

Entry address:
0xC60C

Entry point:
55, 8B, EC, 83, C4, C0, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, C4, 89, 45, C0, E8, 9B, 6A, FF, FF, E8, 7E, 7F, FF, FF, E8, F9, A1, FF, FF, E8, 40, A2, FF, FF, E8, 2F, A3, FF, FF, E8, 12, F6, FF, FF, BE, 28, 00, 41, 00, 33, C0, 55, 68, 13, CD, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A3, CC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, F0, 40, 00, E8, E7, FE, FF, FF, E8, AA, F9, FF, FF, 8D, 55, F0, 33, C0, E8, A4, ED, FF, FF, 8B, 55, F0, B8, 8C, FD, 40, 00, E8, 47, 6B, FF, FF, 8B, 15, 8C, FD, 40, 00, B8...
 
[+]

Entropy:
7.9826

Developed / compiled with:
Microsoft Visual C++

Code size:
47.5 KB (48,640 bytes)

Scan ecolotofoot-3.70.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.