home

heidisql64.r4690.exe

MD5:
c449f60c84c4c65a8d405864524a9970

SHA-1:
0a12a144c8eeeb3082c61319c5b5bcb8de513846

SHA-256:
afba315dbf62cf05d04f21060f513f4549270aecb79459111d24d0d63ba9d9e1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 10:55:32 AM UTC  (today)

File size:
3.8 MB (3,976,247 bytes)

File type:
Executable application (Win64 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
12/25/2013 10:46:11 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:S+G7XO3gkDUcD2XKkLfwJzXWohJeHuqZpsdKRbsA/ZHA2FJK:nG7ewMGJ8oQeFs4nFK

Entry address:
0xA3F030

Entry point:
53, 56, 57, 55, 48, 8D, 35, C5, 1F, DB, FF, 48, 8D, BE, 00, 00, 81, FF, 48, 8D, 87, 8C, 9A, 83, 00, FF, 30, C7, 00, 57, A7, 43, 8E, 50, 57, B8, 48, D5, A3, 00, 50, 48, 89, E1, 48, 89, FA, 48, 89, F7, BE, 26, E0, 24, 00, 55, 48, 89, E5, 44, 8B, 09, 49, 89, D0, 48, 89, F2, 48, 8D, 77, 02, 56, 8A, 07, FF, CA, 88, C1, 24, 07, C0, E9, 03, 48, C7, C3, 00, FD, FF, FF, 48, D3, E3, 88, C1, 48, 8D, 9C, 5C, 88, F1, FF, FF, 48, 83, E3, C0, 6A, 00, 48, 39, DC, 75, F9, 53, 48, 8D, 7B, 08, 8A, 4E, FF, FF, CA, 88, 47, 02...
 
[+]

Entropy:
7.4795

Code size:
2.3 MB (2,424,832 bytes)

The file heidisql64.r4690.exe has been seen being distributed by the following URL.

http://www.heidisql.com/.../heidisql64.r4690.exe

Scan heidisql64.r4690.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.