eventlog_dump.exe

ScanTool

中華電信股份有限公司

Publisher:
Chunghwa Telecom Laboratories (signed by 中華電信股份有限公司)

Product:
ScanTool

Description:
EventLog.exe

Version:
1, 0, 0, 1

MD5:
434e81980d67533fdba17b9e1a559820

SHA-1:
a5be037207351ff6df42eb7113a315b6276597ea

SHA-256:
f8a0b6fd7a21215c5b9396e35e0eea7ab849e3a2d9b6cebec5899195fc56447c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:58:22 PM UTC

File size:
269.2 KB (275,656 bytes)

Product version:
1.0.0.1

Copyright:
(c) Chunghwa Telecom Laboratories. All rights reserved.

Original file name:
EventLog.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\hecheck\apps\malwaredetect\eventlog_dump.exe

Digital Signature
Authority:
Chunghwa Telecom Co., Ltd.

Valid from:
1/4/2016 4:15:48 PM

Valid to:
1/4/2021 4:15:48 PM

Subject:
SERIALNUMBER=0002150305009982, CN=電信研究院資通安全研究所, OU=電信研究院資通安全研究所, O=中華電信股份有限公司, C=TW

Issuer:
OU=Public Certification Authority - G2, O="Chunghwa Telecom Co., Ltd.", C=TW

Serial number:
2ADAFF953665210E55EAD967FE443791

File PE Metadata
Compilation timestamp:
8/25/2016 9:29:16 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
6144:lntPl9GslR/G0BYAT1NaXQqHI/W5fQL+7f2R8XVzpZ:ltP3HYAT1NarHJ5fQif2W5pZ

Entry address:
0x177C0

Entry point:
E8, D4, BD, 00, 00, E9, A5, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 60, 00, 43, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 30, E1, 42, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...

Entropy:
6.2724

Code size:
178.5 KB (182,784 bytes)
