home

paretologic pc health advisor_fr.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.openfilesnow.com.
MD5:
ddb40758e594d3671337e83f3b3f80fa

SHA-1:
338ceae319fb081a8989eefe0c59307178597aa1

SHA-256:
1f6b7361c5cc815fe06816a089b752d416fe2292059704651ea4e494cebda985

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 12:51:29 AM UTC  (today)

File size:
5.6 MB (5,898,240 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\paretologic pc health advisor_fr.exe

File PE Metadata
Compilation timestamp:
2/24/2012 8:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:ofScmA27r/Q3wvJB1bYL1qAeuyg9Plk+eZrMSVxa271POK/HLheIugAbZJ9s5uDg:bcu7U34swSXPbeZrrVxa2PHLheI7Ab7U

Entry address:
0x39E3

Entry point:
88, E1, 68, 76, 96, A1, 00, 89, D1, FE, C0, 0F, C8, C6, C3, CB, FF, C6, 51, C6, C7, 3F, 59, 8A, D2, 81, FF, 85, CE, 00, 00, 76, 02, FE, CE, 8D, 01, 74, 0A, 84, CF, 45, F7, D9, 0F, B7, F0, 1B, DA, 00, E5, 2B, F8, 69, C6, DF, 1B, 57, 82, FE, C3, EB, 06, B6, 3E, 8B, D3, 2B, FA, 0F, B6, E9, E8, 3B, 00, 00, 00, F7, C7, 13, DE, 9E, E8, 69, FF, 20, D5, A2, CD, 81, FF, 3A, 13, 00, 00, 78, 02, F6, D7, EB, 06, 21, FA, 87, CA, 14, DC, 68, 3E, CA, 00, 00, 81, E6, 72, A6, 81, 46, 5E, FF, CB, 81, C6, D5, 03, 00, 00, F7...
 
[+]

Code size:
28 KB (28,672 bytes)

The file paretologic pc health advisor_fr.exe has been seen being distributed by the following URL.

http://www.openfilesnow.com/.../download_PCHA_fr.php

Scan paretologic pc health advisor_fr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.