home

ftool.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from onedrive.live.com and multiple other hosts.
MD5:
ec5a48c7e662287efc648b0ab2783df3

SHA-1:
619240d29e831bf2f60a187e8f19482a64bc5dc9

SHA-256:
01ef590d5f2ff3f9fcbbe6db67255482546932cb4bfa44155c4bcef9294db0cd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/9/2024 12:54:03 AM UTC  (today)

File size:
3.6 MB (3,752,960 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
9/19/2012 6:41:32 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:V5Oe9SKOzse4AN8h6kNylvrK6UZjFX7P9RVht:g4AN8h6kNylvxUZjZ7LD

Entry address:
0x25041B

Entry point:
E8, A9, DD, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 00, 01, 00, 00, 72, 0E, 83, 3D, 64, 68, 93, 00, 00, 74, 05, E9, 2A, DE, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C...
 
[+]

Code size:
2.4 MB (2,544,640 bytes)

The file ftool.exe has been seen being distributed by the following 3 URLs.

https://onedrive.live.com/download.aspx?cid=CDDF0141137B0AA3&authKey=!AE9E7XqWjDC_qhM&resid=CDDF0141137B0AA3!41522

https://uol.unifor.br/.../conteudo?cdConteudo=6743565

http://atenea.upc.edu/moodle/pluginfile.php/1122788/mod_folder/content/.../Ftool.exe

Scan ftool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.