» ftrcheck_setup.exe
Overview
Analysis
File Details

ftrcheck_setup.exe

FileThreat Check

Agics V.O.F.

This is a setup and installation application.

File name:

ftrcheck_setup.exe

Publisher:

Agics (signed by Agics V.O.F.)

Product:

FileThreat Check

Description:

FileThreat Check Installation

Version:

1.5.4.1

MD5:

a78edc9bac25ce5c48d0922f4966f8ca

SHA-1:

a6ac0575369b2cb7167d109ec5048a6979c39489

SHA-256:

7f27a6f79d4781531406ec696ebaf0f2cb601553ded38f09f88f71ee8a806fa8

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/16/2024 6:07:37 PM UTC (today)

Scan engine

Detection

Engine version

IKARUS anti.virus

Trojan-Downloader

t3scan.2.1.6.0

Qihoo 360 Security

HEUR/QVM41.2.Malware.Gen

1.0.0.1120

File size:

5.3 MB (5,506,072 bytes)

Product version:

1.5.4.1

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\ftrcheck_setup.exe

Digital Signature

Signed by:

Agics V.O.F.

Authority:

COMODO CA Limited

Valid from:

6/24/2015 5:30:00 AM

Valid to:

6/24/2016 5:29:59 AM

Subject:

CN=Agics V.O.F., O=Agics V.O.F., STREET=Kerkpad 11, L=Breda, S=NB, PostalCode=4818PK, C=NL

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00EF14B0886E6F01CEA129354A2103A017

File PE Metadata

Compilation timestamp:

8/26/2015 5:31:27 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:52yR0cSCQvfLrHNEalRXKaHX93TDvJJ7dLlHc3I:550cpCTHX93TDRJ7dwI

Entry address:

0x2646DC

Entry point:

55, 8B, EC, 83, C4, F0, B8, 54, BF, 65, 00, E8, B8, 9B, DA, FF, A1, 74, E3, 66, 00, 8B, 00, E8, BC, 14, FB, FF, A1, 74, E3, 66, 00, 8B, 00, BA, 40, 47, 66, 00, E8, DB, 0E, FB, FF, 8B, 0D, 4C, E5, 66, 00, A1, 74, E3, 66, 00, 8B, 00, 8B, 15, F8, D7, 63, 00, E8, AB, 14, FB, FF, A1, 74, E3, 66, 00, 8B, 00, E8, FB, 15, FB, FF, E8, 62, 4B, DA, FF, 00, 00, B0, 04, 02, 00, FF, FF, FF, FF, 05, 00, 00, 00, 53, 00, 65, 00, 74, 00, 75, 00, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.3769

Developed / compiled with:

Microsoft Visual C++

Code size:

2.4 MB (2,503,168 bytes)

Scan ftrcheck_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.