ekfvpninstaller.exe

Eszterhazy Karoly College

This is a self-extracting archive and installer. The file has been seen being downloaded from io.ektf.hu.
Publisher:
Eszterhazy Karoly College  (signed and verified)

MD5:
624a742024697d0f08fd281dc1ba0f37

SHA-1:
471273608527c6fee7cda7e22a743f45874818fa

SHA-256:
ef1c60181556ccd66b676b0a8ecefb787d47920f8278f1affea5db855570f661

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/15/2024 6:14:42 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Graftor.BK.gen
v6.4.7.1.166

Rising Antivirus
PE:Spyware.Gen2!6.10EE
23.00.65.16306

File size:
952.7 KB (975,553 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ekfvpninstaller.exe

Digital Signature
Authority:
Eszterhazy Karoly College

Valid from:
2/26/2008 7:24:55 PM

Valid to:
2/25/2018 7:24:55 PM

Subject:
E=root@ektf.hu, CN=Local Root CA, OU=RIK, O=Eszterhazy Karoly College, L=Eger, S=Heves, C=HU

Issuer:
E=root@ektf.hu, CN=Local Root CA, OU=RIK, O=Eszterhazy Karoly College, L=Eger, S=Heves, C=HU

Serial number:
00830D558E1F574C4F

File PE Metadata
Compilation timestamp:
4/19/2014 7:45:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.22

CTPH (ssdeep):
12288:6tITO7iDiuQAcfu9jNdkdEpqk2aumHfsCQKxYhRfc8EccL4Y6jJWNHPxzc4IVY3D:S6wkinAcm9jNdk+ppHJ3Avi

Entry address:
0x1280

Entry point:
83, EC, 1C, C7, 04, 24, 01, 00, 00, 00, FF, 15, B0, E2, 47, 00, E8, 6B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, 83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, B0, E2, 47, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, E8, E2, 47, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, DC, E2, 47, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 8B, 0D, 54, D2, 46, 00, 85, C9, 74, 38, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, E0, 46, 00, E8, E8, F3, 01, 00, 52, 85, C0, 74...
 
[+]

Code size:
431 KB (441,344 bytes)

The file ekfvpninstaller.exe has been seen being distributed by the following URL.

Scan ekfvpninstaller.exe - Powered by Reason Core Security