home

forexcashflowmethodtradeexecutorver2.exe

Forex CashFlow Method TRADE EXECUTOR

Forex CashFlow Method

This is a setup program which is used to install the application. The file has been seen being downloaded from forexcashflow.yourforexmentor.com.
Publisher:
Forex CashFlow Method

Product:
Forex CashFlow Method TRADE EXECUTOR

Description:
n/a

Version:
2,1,0,0

MD5:
64c3a791228672a8e812824a30e3d87e

SHA-1:
5c13d33446864713c234cad783fe1ec97d456735

SHA-256:
f626696818dcd08cc3db0e9c27a4bfb070b834a88992e011210e4e3bef1c3206

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 1:18:30 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsOval
1.3.0.4924

File size:
1.5 MB (1,526,082 bytes)

Product version:
2.1

Copyright:
n/a

Original file name:
n/a

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\forexcashflowmethodtradeexecutorver2.exe

File PE Metadata
Compilation timestamp:
1/9/2013 3:52:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
24576:w8kftHYV8HFyBaw4avJv28SaRFHuUZzcIVIdzKJkaugtCRZho+MDKhO://qly/UJEZtZAIEa1CHhjwKhO

Entry address:
0x1000

Entry point:
68, 10, 05, 00, 00, 68, 00, 00, 00, 00, 68, 68, 19, 47, 00, E8, 66, 62, 04, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 5F, 62, 04, 00, A3, 6C, 19, 47, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 4C, 62, 04, 00, A3, 68, 19, 47, 00, B8, DC, 6F, 46, 00, A3, 90, 19, 47, 00, E8, 52, 7E, 05, 00, E8, 75, 73, 05, 00, E8, FA, 65, 05, 00, E8, 0D, 58, 05, 00, E8, BB, 55, 05, 00, E8, A9, 53, 05, 00, E8, C4, 39, 05, 00, E8, A0, 2E, 05, 00, E8, 63, 2D, 05, 00, E8, E2, 13, 05, 00, E8, 71, C1, 04, 00...
 
[+]

Entropy:
7.6844

Packer / compiler:
PKLITE32, 0x1.1

Code size:
386 KB (395,264 bytes)

The file forexcashflowmethodtradeexecutorver2.exe has been seen being distributed by the following URL.

http://forexcashflow.yourforexmentor.com/.../ForexCashFlowMethodTRADEEXECUTORver2.exe

Scan forexcashflowmethodtradeexecutorver2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.