home

keyfinder.exe

ONE UP LTD.

The executable keyfinder.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
ONE UP LTD.  (signed and verified)

MD5:
d5e06010bee22a5cb7e432fe805fca69

SHA-1:
cdd38f29abda66947c02fa8e9f59cfe06eed100e

SHA-256:
ebc75e263c61d6d02e979fb1d62d6a6501a65613c6f67514a0430e25e316025d

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/26/2024 10:03:39 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.10.14.8

File size:
799.3 KB (818,488 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\magical jelly bean\keyfinder.exe

Digital Signature
Signed by:
ONE UP LTD.

Authority:
Starfield Technologies, Inc.

Valid from:
2/16/2016 5:34:38 AM

Valid to:
4/25/2019 9:33:03 AM

Subject:
CN=ONE UP LTD., O=ONE UP LTD., L=LIMASSOL, C=CY

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
66BBF05193DB18D4

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ptfrC6W++C9Gw7Ec/UJdFUCfXO3Uybm57MRc67mlshbkVAR3cVPgb:TzD+CuJHr+kyqp8mlwXb

Entry address:
0x95434

Entry point:
80, 56, 56, 48, 21, 80, 55, 55, 48, 21, B8, FF, C0, B3, 54, 54, 48, 21, B8, FF, C0, 40, 22, 53, 53, 48, 21, 40, 51, 51, 48, 21, 40, 50, 50, 48, 21, 40, 4F, 4F, 48, 21, 40, 4E, 4E, 48, 21, 80, 4D, 4D, 48, 21, 80, 4C, 4C, 48, 21, B8, FF, C0, B3, 4B, 4B, 48, 21, B8, FF, 40, B3, 46, 46, 48, 21, B8, FF, 40, B3, 45, 45, 48, 21, B8, FF, 80, B3, 44, 44, 48, 21, B8, FF, 40, B3, 43, 43, 48, 21, B8, FF, 40, B3, 42, 42, 48, 21, B8, FF, 00, B3, 41, 41, 48, 21, B8, FE, C0, B3, 40, 40, 48, 21, B8, FF, 00, B3, 3F, 3F, 48...
 
[+]

Entropy:
7.0839

Code size:
594 KB (608,256 bytes)

Remove keyfinder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.