» ftrdriversetup_winxp_vista_win7_whql_2307.exe
Overview
Analysis
File Details
Downloads (3)

ftrdriversetup_winxp_vista_win7_whql_2307.exe

Futronic Driver Installer

Futronic Technology Co. Ltd.

This is a self-extracting archive and installer. The file has been seen being downloaded from www.dropbox.com and multiple other hosts.

File name:

Publisher:

Futronic Technology Company Ltd. (signed by Futronic Technology Co. Ltd.)

Product:

Futronic Driver Installer

Version:

8.0.2307.473

MD5:

2998188fb7f95afd7753239739163f9d

SHA-1:

212af59b5f40106a1613ee21dcbad6d6f4b48d28

SHA-256:

b2cd1c3ebfb47dff5f491c0d4cabe309415f2fb56b728e8bd16ab71174dcd524

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

1/6/2025 10:47:23 AM UTC (today)

Scan engine

Detection

Engine version

Qihoo 360 Security

Trojan.Generic

1.0.0.1015

File size:

10.5 MB (11,000,184 bytes)

Product version:

8.0.2307.473

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

Futronic Technology Co. Ltd.

Authority:

VeriSign, Inc.

Valid from:

2/4/2014 12:00:00 AM

Valid to:

4/5/2016 12:59:59 AM

Subject:

CN=Futronic Technology Co. Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Futronic Technology Co. Ltd., L=Hong Kong, S=Hong Kong, C=HK

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

5D1042744298CB6D106A9354D163DCD8

File PE Metadata

Compilation timestamp:

7/4/2015 6:10:29 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

196608:mMNElsGIdC4mghqneepO/UGPRSlOlHL2tm+CukOh7OE82CdZqxvzXp1EIa:gTI0Pgh66cslr2m+sOhqe8cxvzfa

Entry address:

0x31A80

Entry point:

E8, 1A, 43, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, C6, 1A, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 0B, 06, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, A1, 1A, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 64, 43, 00, 00, 83, C4, 0C, 33, C0, 5F, 5E, 5D, C3, 55, 8B, EC, 83, EC, 20, 56, 33, F6, 39, 75, 0C, 75, 1D, E8, 70, 1A, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16... 
[+]

Entropy:

7.9144 (probably packed)

Code size:

292 KB (299,008 bytes)

The file ftrdriversetup_winxp_vista_win7_whql_2307.exe has been seen being distributed by the following 3 URLs.

https://www.dropbox.com/s/.../ftrDriverSetup_winxp_vista_win7_whql_2307.exe

http://corporativo.odontoartonline.com.br/SYS/.../EnvioArquivo.aspx?Baixar=31

https://site.solutinet.com.br/2015/.../ftrDriverSetup_winxp_vista_win7_whql_2307.exe

Scan ftrdriversetup_winxp_vista_win7_whql_2307.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.