family_tree_builder_7105.exe

MyHeritage Ltd.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with MyHeritage Family Tree Builder. The file has been seen being downloaded from a.netdna.mhcache.com.
Publisher:
MyHeritage Ltd.  (signed and verified)

MD5:
3a8f31fd47e13712ff3e99b0ab425edb

SHA-1:
f5405de9d046eb5456505d18c7e2289b56481b09

SHA-256:
a4a25f5319ee244a5e074cefc72ce8e44fd19c613176f2329f9b3ec53bdff5ca

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 7:37:30 PM UTC  (today)

File size:
35.2 MB (36,875,344 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\family_tree_builder_7105.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/24/2012 2:00:00 AM

Valid to:
3/26/2014 12:59:59 AM

Subject:
CN=MyHeritage Ltd., OU=GENEALOGY RESEARCH, O=MyHeritage Ltd., L=Bnei Atarot, S=Bnei Atarot, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
06EC6BC2F2460615FF9E384A419CF9B5

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:y+vVc7/t+DFTw9gjt5gGGfrqNnUsMY+902kYXQPLX2UZecKCWveizvI3i:yic7/4BTt5HAyFJ+9gMti3Cveibu

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file family_tree_builder_7105.exe has been discovered within the following program.

MyHeritage Family Tree Builder  by MyHeritage.com
Family Tree Builder (FTB) is genealogy software to create family trees. The free download version is distributed as freeware, with no restrictions, although registration is required to run the software.
www.myheritage.com/family-tree-builder
About 2% of users remove it
 
Powered by Should I Remove It?

The file family_tree_builder_7105.exe has been seen being distributed by the following URL.

Scan family_tree_builder_7105.exe - Powered by Reason Core Security