home

PaymentBuddy.exe

Payment Buddy 2.1

VsiSystems.com

Publisher:
VsiSystems.com  (signed and verified)

Product:
Payment Buddy 2.1

Version:
1.00

MD5:
882f80a8eb82bb56197bb29c78072bc0

SHA-1:
c58d8f4e4ccf8911a97c415f2e95673027877c5d

SHA-256:
6957b83bd8bafd9e4014bf368a37f1695fa7d518836ef3b62a11525f256e49bf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:54:40 AM UTC  (today)

File size:
46 KB (47,064 bytes)

Product version:
1.00

Original file name:
PaymentBuddy.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\paymentbuddy.exe

Digital Signature
Signed by:
VsiSystems.com

Authority:
GoDaddy.com, Inc.

Valid from:
11/24/2011 7:07:13 PM

Valid to:
11/24/2013 6:48:20 PM

Subject:
CN=VsiSystems.com, O=VsiSystems.com, L=San Diego, S=CA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
047F72D4CFEE30

File PE Metadata
Compilation timestamp:
3/9/2013 8:43:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:29t/KAOl/YpDMsPXwOdMZzzIqPjgXnk/5M25Tn00IkHFoaMCUZaAywe8NlQD24W1:ORDMKiZzzIqPjgXkr8eFUQAyXLWfQGr

Entry address:
0x1558

Entry point:
68, 5C, 20, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, A7, 4D, 9B, 53, A3, 0B, 98, 46, 97, FA, 27, 16, 0C, 2F, AE, 10, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 61, 79, 6D, 65, 6E, 74, 42, 75, 64, 64, 79, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 10, 20, 86, F5, 5D, 42, 22, 80, 4C, B7, A9, 57, EF, C2, B7, 80, 27, 8A, 72, 3E, EF, 22, 89, 8A, 48, AD, 2B, 35, 42, 79, 47, 16, 32, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
4.7874

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
28 KB (28,672 bytes)

The file PaymentBuddy.exe has been seen being distributed by the following URL.

http://www.vsisystems.com/.../PaymentBuddy.exe

Scan PaymentBuddy.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.