family_tree_builder_7101.exe

MyHeritage Ltd.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with multiple programs including MyHeritage Family Tree Builder. The file has been seen being downloaded from a.netdna.mhcache.com and multiple other hosts.
Publisher:
MyHeritage Ltd.  (signed and verified)

MD5:
7ba66ef17dc48f626f8a2da75e94be55

SHA-1:
02b0c540a8ab0bdadd021139609e6ecfd9542e98

SHA-256:
d58e204f8fca06aa78dd76175d351b9e68a1444a112b05d7d745c3c44599191c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 5:32:35 PM UTC  (today)

File size:
35.2 MB (36,910,896 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\family_tree_builder_7101.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/24/2012 2:00:00 AM

Valid to:
3/26/2014 12:59:59 AM

Subject:
CN=MyHeritage Ltd., OU=GENEALOGY RESEARCH, O=MyHeritage Ltd., L=Bnei Atarot, S=Bnei Atarot, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
06EC6BC2F2460615FF9E384A419CF9B5

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:o9FFVc7/twFTw9gLt5/GGprqNnMPBAPQLcNg9A2kYXIznxjKX/5KL5D0vI3i:o9F/c7/E7t5OAyMHF90MIzxePUL5DCu

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file family_tree_builder_7101.exe has been discovered within the following programs.

MyHeritage Family Tree Builder  by MyHeritage.com
Family Tree Builder (FTB) is genealogy software to create family trees. The free download version is distributed as freeware, with no restrictions, although registration is required to run the software.
www.myheritage.com/family-tree-builder
About 2% of users remove it
PrintEco Office  by PrintEco
Some version of the PrintEco web browser extension use the OpenCandy monetization platform to bundle it with 3rd party installers.
57% remove it
 
Powered by Should I Remove It?

The file family_tree_builder_7101.exe has been seen being distributed by the following 4 URLs.

Scan family_tree_builder_7101.exe - Powered by Reason Core Security