» SNP Prophet Online.exe
Overview
Analysis
File Details
Downloads (1)

SNP Prophet Online.exe

SNP Prophet Online

Felix CHANDRAKUMAR

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-08-8c-docs.googleusercontent.com.

File name:

Publisher:

Genetic Genealogy Tools (signed by Felix CHANDRAKUMAR)

Product:

SNP Prophet Online

Version:

1.0.0.0

MD5:

d21aef6c02d3f67afa29c06908c1ed04

SHA-1:

49a1dd3549be4d5fb5b4b8c89ac81de5527a3811

SHA-256:

4b8881508ea623d9d256e3b8acc9bd33e3fdb2c84c982b3586e2d9d389fa90fd

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/24/2024 10:10:53 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAdware

1.3.0.6379

File size:

9.1 MB (9,534,480 bytes)

Product version:

1.0.0.0

Original file name:

SNP Prophet Online.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\snp prophet online.exe

Digital Signature

Signed by:

Felix CHANDRAKUMAR

Authority:

Unizeto Technologies S.A.

Valid from:

8/26/2014 11:48:45 PM

Valid to:

8/26/2015 11:48:45 PM

Subject:

E=i@fc.id.au, CN="Open Source Developer, Felix CHANDRAKUMAR", O=Felix CHANDRAKUMAR, C=AU

Issuer:

CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

24CFAA920DFC035197485C2B5BA6B30D

File PE Metadata

Compilation timestamp:

1/20/2015 2:33:53 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

196608:qVDXRR7pS2mRdfy8OAmBL3M9YWAOXwBHMMKN+R+wtTR9SmBXWZR:qVzRRlYbnkL39bOiHxc+R+oTSGWb

Entry address:

0x8FC6AE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.9320

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

9 MB (9,414,656 bytes)

The file SNP Prophet Online.exe has been seen being distributed by the following URL.

https://doc-08-8c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lmgbflmlckuk2p8r9p71tkg21lvfr2qn/1464091200000/11229582234064686044/.../0B5Y7JiyCFxhcTGVxUXg2TlhKbkE?e=download

Scan SNP Prophet Online.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.