home

FixitSetupTMP.exe

Fixit

Cloud IT-All Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from web-fixit.bezeqint.net.
Publisher:
Fixico  (signed by Cloud IT-All Ltd.)

Product:
Fixit

Version:
1.2.0.1

MD5:
0a4a6fb5093e2b34363c527f24fd267e

SHA-1:
efe5aee99c492feacdd3366770ad3ff428379430

SHA-256:
210581c506f7c0dfbde23669dd95f7219ea7ad6eef51fbd846014fa7c1d51212

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 4:43:23 AM UTC  (today)

File size:
26.6 MB (27,868,976 bytes)

Product version:
1.2.0.1

Copyright:
Copyright © 2016 Fixico

Original file name:
FixitSetupTMP.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\fixitsetuptmp.exe

Digital Signature
Signed by:
Cloud IT-All Ltd.

Authority:
GoDaddy.com, Inc.

Valid from:
2/10/2016 4:42:38 PM

Valid to:
2/10/2017 4:42:38 PM

Subject:
CN=Cloud IT-All Ltd., O=Cloud IT-All Ltd., L=Kfar Shmaryahu, C=IL

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00F74E1147B4CC555B

File PE Metadata
Compilation timestamp:
1/19/2016 11:57:59 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
393216:cdLzsFfoeniwUgxE8cJ3ejd6dRN01NDgzuyKlQdXzYIPDFY9v/LEoE/2YooS:8LgFAeiwvbcI0NODgyyKlWxRgv/J0oj

Entry address:
0x12A0

Entry point:
83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 00, 1E, 68, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, 5C, 1E, 68, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, 24, 1E, 68, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 90, 5E, 00, E8, 1E, CB, 1C, 00, 52, 85, C0, 74, 65, C7, 44, 24, 04, 13, 90, 5E, 00, 89, 04, 24, E8, 11, CB, 1C, 00, 83, EC, 08, 85, C0, 74, 11, C7, 44, 24, 04, 08, E0, 67, 00, C7, 04, 24, B8, C0, 62, 00, FF, D0, 8B...
 
[+]

Entropy:
7.9526  (probably packed)

Code size:
1.8 MB (1,911,808 bytes)

The file FixitSetupTMP.exe has been seen being distributed by the following URL.

https://web-fixit.bezeqint.net/.../FixitSetupTMP.exe

Scan FixitSetupTMP.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.