rfwipeout.exe

RoboForm

Siber Systems Inc

This is a self-extracting archive and installer. The file has been seen being downloaded from www.goodsync.com and multiple other hosts.
Publisher:
Siber Systems  (signed by Siber Systems Inc)

Product:
RoboForm

Description:
RoboForm Installer and Uninstaller

Version:
7-9-0-0

MD5:
46f67aafbce5506418c1cb59cdae5730

SHA-1:
a3332246e1fd96810ec1fac78dab7ec3f56fdba6

SHA-256:
a8d5a77c63c1e93adc7a73084b730fcc21e43616fb8a6ceac231377e42d889f7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 9:18:34 PM UTC  (today)

File size:
12.8 MB (13,391,216 bytes)

Product version:
7-9-0-0

Copyright:
Copyright (C) 1999-2013 Siber Systems Inc.

Original file name:
rfwipeout.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\rfwipeout.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/12/2012 7:00:00 PM

Valid to:
2/12/2017 6:59:59 PM

Subject:
CN=Siber Systems Inc, OU=RoboForm GoodSync, O=Siber Systems Inc, STREET=11781 Lee Jackson Hwy, STREET=Suite 380, L=Fairfax, S=VA, PostalCode=22033, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EE721E6F485BBE355E57D2A4AA24D7C2

File PE Metadata
Compilation timestamp:
6/26/2013 12:06:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:+Zaz6EDqbtphA/3V6y3tRi4Zx2+D2VDk9u21IJ5:iEDqbtp43ky3t84ZxLD2CUJ

Entry address:
0x2920E

Entry point:
E8, 98, 7F, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, 76, 10, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 12, 74, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, 51, 10, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 76, 01, 00, 00, 83, C4, 0C, 33, C0, 5F, 5E, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9...
 
[+]

Entropy:
7.9928  (probably packed)

Code size:
251 KB (257,024 bytes)

The file rfwipeout.exe has been seen being distributed by the following 3 URLs.

Scan rfwipeout.exe - Powered by Reason Core Security