FamilyTreePublisher.exe

MyHeritage Family Tree Publisher

MyHeritage Ltd.

The application FamilyTreePublisher.exe, “MyHeritage Family Tree Publisher Software” by MyHeritage has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program MyHeritage Family Tree Builder by MyHeritage.com.
Publisher:
MyHeritage  (signed by MyHeritage Ltd.)

Product:
MyHeritage Family Tree Publisher

Description:
MyHeritage Family Tree Publisher Software

Version:
3, 0, 0, 805

MD5:
e8bb516281ce0851b4b34bb24151ee10

SHA-1:
95bd4026897518caf1263bda07a74f11eded335d

SHA-256:
dc2ef2b190e77bf99939d224746f28a0a5fd39d77cddf0eb921c6c70d227f349

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 10:53:22 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Bundler (M)
16.8.1.13

File size:
747.5 KB (765,456 bytes)

Product version:
3, 0, 0, 805

Copyright:
Copyright (C) 2008 MyHeritage.com

Original file name:
FamilyTreePublisher.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\myheritage\bin\familytreepublisher.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/21/2008 2:00:00 AM

Valid to:
3/24/2010 1:59:59 AM

Subject:
CN=MyHeritage Ltd., OU=GENEALOGY RESEARCH, O=MyHeritage Ltd., L=Bnei Atarot, S=Bnei Atarot, C=IL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
75549F68705A5EE7233D6E7F90A8D4AF

File PE Metadata
Compilation timestamp:
1/31/2010 12:32:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:6VAYVqQrzfcvkM8y9xAyx89125mQJ+FC0rzl+1Q2m/l:6OkqQvakJ8Wy6G5mQJ+gIzlX2kl

Entry address:
0x242E20

Entry point:
60, BE, 00, 30, 59, 00, 8D, BE, 00, E0, E6, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.8813

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
704 KB (720,896 bytes)

The file FamilyTreePublisher.exe has been discovered within the following program.

MyHeritage Family Tree Builder  by MyHeritage.com
Family Tree Builder (FTB) is genealogy software to create family trees. The free download version is distributed as freeware, with no restrictions, although registration is required to run the software.
www.myheritage.com/family-tree-builder
About 2% of users remove it
 
Powered by Should I Remove It?

Remove FamilyTreePublisher.exe - Powered by Reason Core Security