home

fixit_299514457247897110_949.exe

Fixico

Cloud IT-All Ltd.

Publisher:
ClouditAll ltd.  (signed by Cloud IT-All Ltd.)

Product:
Fixico

Description:
Fixico is like having a mini IT guy in your computer that works 24/7, never eats, never sleeps, and is always making sure that your computers are running smoothly, efficiently and safely - without bot

Version:
1.8.6.1

MD5:
0b150b8b87c8b06a4b682ae31e8e65ed

SHA-1:
edcc706251566b0e29063e9c8423c58bee0ff3ee

SHA-256:
1357d934ab13537f7688ff1d35f9494473461ad3384a69993857358bddf9df9d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 9:38:57 AM UTC  (today)

File size:
331.4 KB (339,312 bytes)

Product version:
1.8.6.1

Copyright:
Copyright (C) 2016

Original file name:
Fixico.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\fixit_299514457247897110_949.exe

Digital Signature
Signed by:
Cloud IT-All Ltd.

Authority:
GoDaddy.com, Inc.

Valid from:
2/10/2016 4:42:38 PM

Valid to:
2/10/2017 4:42:38 PM

Subject:
CN=Cloud IT-All Ltd., O=Cloud IT-All Ltd., L=Kfar Shmaryahu, C=IL

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00F74E1147B4CC555B

File PE Metadata
Compilation timestamp:
10/31/2016 4:03:42 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:mhUV3a/yS73Nd14Hl+Cy6ASJxdyCIi7fq8iBSulUCwK5T:38/j9d14F++xu6fqjBSulCgT

Entry address:
0xE523

Entry point:
E8, AB, 63, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, D8, E4, 41, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, DC, E1, 41, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, A8, 50, 42, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, AC...
 
[+]

Entropy:
7.0045

Code size:
114 KB (116,736 bytes)

The file fixit_299514457247897110_949.exe has been seen being distributed by the following URL.

https://web-fixit.bezeqint.net/.../DownloadWindowsInstaller

Scan fixit_299514457247897110_949.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.