finddevgenius.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s3.amazonaws.com and multiple other hosts.
Version:
2.53.31.6

MD5:
52b36459e581120748320994a15a4525

SHA-1:
77740c4add853fc582d0e403223d88d7d595a7be

SHA-256:
d16e2cf2d6ad956b546d2bcb4428e336f544bff10d3c4ae9fd02f6967f06e7ac

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:53:24 PM UTC

File size:
4.9 MB (5,087,232 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
8/14/2013 3:50:23 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:0Sd9E6EtQSBYvIdh3BH00scnMnyDC6ymnOW8ZC4fTHjtrk7VdMJXN66zZPY3bgw5:3E/Q0scnMnv6ymngCGrkCN66zRcfgB2

Entry address:
0x269094

Entry point:
55, 8B, EC, 83, C4, F0, B8, 94, D0, 65, 00, E8, 48, 1E, DA, FF, A1, C8, 64, 67, 00, 8B, 00, E8, 20, BB, ED, FF, 68, 38, 91, 66, 00, 6A, 00, 6A, 00, E8, DA, 54, DA, FF, E8, E5, 55, DA, FF, 3D, B7, 00, 00, 00, 74, 45, A1, C8, 64, 67, 00, 8B, 00, B2, 01, E8, F8, D7, ED, FF, A1, C8, 64, 67, 00, 8B, 00, BA, 4C, 91, 66, 00, E8, 1F, B5, ED, FF, 8B, 0D, 50, 69, 67, 00, A1, C8, 64, 67, 00, 8B, 00, 8B, 15, 80, C8, 61, 00, E8, E7, BA, ED, FF, A1, C8, 64, 67, 00, 8B, 00, E8, 33, BC, ED, FF, EB, 24, 6A, 30, B9, 60, 91...

Developed / compiled with:
Microsoft Visual C++

Code size:
2.4 MB (2,520,064 bytes)

The file finddevgenius.exe has been seen being distributed by the following 4 URLs.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/17227052/.../FindDevGenius.exe
