home

fixit_14021824116411249254176_1180.exe

Fixico

Cloud IT-All Ltd.

Publisher:
ClouditAll ltd.  (signed by Cloud IT-All Ltd.)

Product:
Fixico

Description:
Fixico is like having a mini IT guy in your computer that works 24/7, never eats, never sleeps, and is always making sure that your computers are running smoothly, efficiently and safely - without bot

Version:
1.7.7.0

MD5:
07b299be4072d31e793f530c2aa024b5

SHA-1:
46f4274023066be1cca5d03a9631bf70e98f224f

SHA-256:
8d6ead0235b1b487b59aa720c113b036727203d17c7d36654ce6b7439405e4f3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 4:28:45 AM UTC  (today)

File size:
327.9 KB (335,752 bytes)

Product version:
1.7.7.0

Copyright:
Copyright (C) 2016

Original file name:
Fixico.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Cloud IT-All Ltd.

Authority:
GoDaddy.com, Inc.

Valid from:
2/10/2016 4:42:38 PM

Valid to:
2/10/2017 4:42:38 PM

Subject:
CN=Cloud IT-All Ltd., O=Cloud IT-All Ltd., L=Kfar Shmaryahu, C=IL

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00F74E1147B4CC555B

File PE Metadata
Compilation timestamp:
6/9/2016 5:06:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:3FNPpveNSxU9KxPI/vNzUsG/CS5/lBiohvPPGXlUCw2ZY:9MSWgxPIQ/D7RJGlCAY

Entry address:
0xDFB3

Entry point:
E8, BB, 63, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, C8, E4, 41, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, D0, E1, 41, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, A8, 50, 42, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, AC...
 
[+]

Entropy:
6.9987

Code size:
112.5 KB (115,200 bytes)

The file fixit_14021824116411249254176_1180.exe has been seen being distributed by the following URL.

https://web-fixit.bezeqint.net/.../DownloadWindowsInstaller

Scan fixit_14021824116411249254176_1180.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.