home

setup_10.99.exe

Abwor

ICOFX SOFTWARE SRL

Publisher:
KlreVonu   (signed by ICOFX SOFTWARE SRL)

Product:
Abwor

Description:
KlreVonu

Version:
1.01.0008

MD5:
3fec0eaaa47119762a9c31d763bf6a79

SHA-1:
0810f5ca72102606e1a7cd07b44f69a1481176c6

SHA-256:
867df2acca70c2a7967782e23e9aa288f83abe523170a452404e72b3dfd04b89

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/14/2025 10:27:52 AM UTC  (today)

File size:
9.3 MB (9,800,720 bytes)

Product version:
1.01.0008

Original file name:
Ectophyte.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup_10.99.exe

Digital Signature
Signed by:
ICOFX SOFTWARE SRL

Authority:
COMODO CA Limited

Valid from:
3/20/2016 9:00:00 PM

Valid to:
3/18/2021 8:59:59 PM

Subject:
CN=ICOFX SOFTWARE SRL, O=ICOFX SOFTWARE SRL, STREET=Str. Teilor Nr 10 Scara 2 Apartament 24, L=Floresti, S=Cluj, PostalCode=407280, C=RO

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
21ACDD0E97DE1A28AF8908237D276DAD

File PE Metadata
Compilation timestamp:
11/24/2016 6:36:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:5QrFq67PAvFVVtGoa8drapYXmD+cECHt75:iBq67PwFVVtDdGpYXhE

Entry address:
0x1114

Entry point:
68, 2C, 07, D4, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 1A, E3, 98, 8C, 6C, 66, BB, 43, BB, AC, C4, 45, 12, 0A, BE, A8, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 69, 6D, 70, 69, 73, 68, 37, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 32, 9F, 7E, D9, 78, 41, 56, C9, 4B, 80, 5C, CA, B9, C1, 2A, 11, 84, 90, 05, 2D, FB, 72, FA, 32, 4A, AD, F4, 83, 5E, BF, E1, 33, 47, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
9.3 MB (9,748,480 bytes)

Scan setup_10.99.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.