home

smartvs36_x64.exe

Manutius.com MicroSetup for WinImage

Gilles Vollant

This is a self-extracting archive and installer. The file has been seen being downloaded from www.smartversion.com.
Publisher:
WinImage  (signed by Gilles Vollant)

Product:
Manutius.com MicroSetup for WinImage

Description:
WinImage MicroSetup

Version:
1, 0, 0, 1

MD5:
6aeab738385a772476010e0dda06c710

SHA-1:
cbb909e8d59ea04ed39fbc16c22ae51e148d30b0

SHA-256:
74ff3f4179a416261b29be33ac30345095fb77f31db425a3c21ca7dfa63e81a4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/4/2025 7:24:13 AM UTC  (today)

File size:
1.4 MB (1,420,880 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2001 François Liger for WinImage

Original file name:
MicroSetup.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Gilles Vollant

Authority:
thawte, Inc.

Subject:
CN=Gilles Vollant, OU=Individual Developer, O=No Organization Affiliation, L=Savigny sur Orge, S=Savigny sur Orge, C=FR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
016F7A0156C1BE8B91F0344B20B213FC

File PE Metadata
Compilation timestamp:
4/5/2016 3:36:37 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
24576:9mt0lTVr4NfkHYVDk8sqt33mQiRgISf3K6KD6CmRMo/RFZ0SSefxgpEeB12ae/Xr:guOsmjiyISf3KbsMoJFZdGLa7PzOfGZ

Entry address:
0xA2A4

Entry point:
48, 83, EC, 28, E8, 77, 07, 00, 00, 48, 83, C4, 28, E9, 22, FE, FF, FF, CC, CC, 33, C0, 48, 89, 41, 10, 48, 8D, 05, D3, 6F, 04, 00, 48, 89, 01, 48, 8B, C1, 48, 89, 51, 08, C3, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, C2, 48, 8D, 0D, 85, 6F, 04, 00, 48, 89, 0B, 48, 8D, 53, 08, 33, C9, 48, 89, 0A, 48, 89, 4A, 08, 48, 8D, 48, 08, E8, 90, 18, 00, 00, 48, 8D, 05, 95, 6F, 04, 00, 48, 89, 03, 48, 8B, C3, 48, 83, C4, 20, 5B, C3, CC, 33, C0, 48, 89, 41, 10, 48, 8D, 05, 8B, 6F, 04, 00, 48, 89, 41, 08, 48, 8D, 05...
 
[+]

Code size:
306 KB (313,344 bytes)

The file smartvs36_x64.exe has been seen being distributed by the following URL.

http://www.smartversion.com/smartvs36_x64.exe

Scan smartvs36_x64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.