EverSyncIE.exe

Eversync IE

Kuzma Safonov

The application EverSyncIE.exe by Kuzma Safonov has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
FVD Media INC (signed by Kuzma Safonov)

Product:
Eversync IE

Version:
1.0.0.68

MD5:
16630ffc85b2dd8e462e0914ea36cc6b

SHA-1:
fbe82465276202c44d020270496a6f21314314e9

SHA-256:
ef6eff606db3e4d3da4071d561ec22cff2eef5114cb5bce10ca3485d8b45504e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/23/2024 12:40:21 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.KuzmaSaf (M)

Engine version:
16.7.14.12

File size:
246.6 KB (252,488 bytes)

Product version:
1.0.0.68

Copyright:
Copyright © 2013

Original file name:
EverSyncIE.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\apps\2.0\vxcqvk3t.hyx\ny7bcnjg.5k7\ever..tion_03b4ed52e034855b_0001.0000_54d3ef27c86451dc\eversyncie.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/6/2013 1:00:00 AM

Valid to:
3/7/2014 12:59:59 AM

Subject:
CN=Kuzma Safonov, O=Kuzma Safonov, STREET=Yunis-Abad 15-43-18, L=Tashkent, S=TO, PostalCode=700180, C=UZ

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3D3E9E49F69694F758C95CA1A2192AF2

File PE Metadata
Compilation timestamp:
1/8/2014 5:51:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:ACWaEk2ipxgU06r5YBPyeb2rWSz3ixU0Gu6sYGBkubTfPR0uHYeZ66eKfI81tZOZ:AdF7KxBCPcD6/7iB

Entry address:
0x247DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 03, 00, 03, 00, 00, 00, 28, 00, 00, 80, 0E, 00, 00, 00, 68, 00, 00, 80, 10, 00, 00, 00, 80, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, 00, 02, 00, 00, 00, 98, 00, 00, 80, 03, 00, 00, 00, B0, 00, 00, 80, 04, 00, 00, 00, C8, 00, 00, 80, 05, 00, 00, 00, E0, 00, 00, 80, 06, 00, 00, 00, F8, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
138 KB (141,312 bytes)
