home

_start.exe

_geolib

Eversim

Publisher:
Eversim  (signed and verified)

Product:
_geolib

Description:
_geolib

Version:
1, 0, 0, 1

MD5:
6786b55f90634f63d0c7e0d72518d49a

SHA-1:
367b258eee20421d9a4ecf60193d1783be26fd6a

SHA-256:
830023d39bd991290f738f228b2471b13a742e7b585d31225e3cda87ae6c9f15

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 8:55:23 AM UTC  (today)

File size:
6.3 MB (6,597,096 bytes)

Product version:
6, 24, 0, 0

Copyright:
Eversim copyright (C) 2016

Original file name:
_geolib.rc

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\power & revolution (р рѕсѓсѓрёс)\_start.exe

Digital Signature
Signed by:
Eversim

Authority:
COMODO CA Limited

Valid from:
2/17/2015 7:00:00 AM

Valid to:
2/17/2017 6:59:59 AM

Subject:
CN=Eversim, O=Eversim, STREET="13 Place des Libertés Publiques,LE MANDINET 2 BATIMENT B", L=Lognes, S=Seine et Marne, PostalCode=77185, C=FR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CC1C7706C9968DF4F52751EABF10C66D

File PE Metadata
Compilation timestamp:
9/28/2016 11:21:23 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x6109A000

Entry point:
EB, 04, 00, 8D, 65, 1F, 50, EB, 05, 83, 8D, DE, 2E, C0, E8, 14, 00, 00, 00, EB, 03, BC, 77, 5C, EB, 03, A0, A5, 67, 33, C0, 7B, D5, 71, 59, EB, 02, 0F, 17, EB, 05, F1, 26, 6F, 0C, 92, B8, 07, 48, 0D, F7, EB, 02, 66, CD, EB, 01, 86, 05, F9, B7, F2, 08, EB, 05, 2E, D8, BB, CC, 4A, 75, 34, EB, 01, 67, 64, FF, 30, EB, 02, A1, A7, 64, 89, 20, EB, 05, 8C, A0, 42, 28, 5F, EB, 02, 13, 62, 8B, 10, EB, 01, 7B, 64, 8F, 00, EB, 02, 28, 47, 83, C4, 04, EB, 01, 3D, 58, EB, 02, DB, E0, C3, EB, 02, 68, 58, EB, 03, 0F, BD...
 
[+]

Entropy:
7.9999  (probably packed)

Code size:
13 MB (13,634,048 bytes)

Scan _start.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.