home

stopresettingmyapps.exe

Stop resetting default apps

Alfredo Anibal Santos Silva

Publisher:
Carifred  (signed by Alfredo Anibal Santos Silva)

Product:
Stop resetting default apps

Version:
1.0.2.0

MD5:
50b69016765568bb634ba20a08fdc800

SHA-1:
bf4a4b03db941bdb5c0a2ae99f75c0d38488ee3d

SHA-256:
9e0708aec294856556d8dba5a1e086a6a473290d44ba140ccbfd2480ec8d91f7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:36:39 PM UTC  (today)

File size:
321.8 KB (329,504 bytes)

Product version:
1.0.2.0

Copyright:
Carifred © 2010 - 2016

Trademarks:
Carifred.com

Original file name:
StopResettingDefaultApps.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Alfredo Anibal Santos Silva

Authority:
COMODO CA Limited

Valid from:
1/25/2016 3:00:00 AM

Valid to:
3/10/2019 2:59:59 AM

Subject:
CN=Alfredo Anibal Santos Silva, O=Alfredo Anibal Santos Silva, STREET=Résidence les angéliques, STREET=Rue du grand large, L=Port vendres, S=Languedoc - Roussillon, PostalCode=66660, C=FR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D028A36BBE4EC1B7FBF80D517A1B56C6

File PE Metadata
Compilation timestamp:
6/6/2016 9:27:07 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
6144:NXNMx0H1uI6cdcsPAOWz+CP0maEDqVz2F:NWDwdcsPotB+B2F

Entry address:
0xB1E7

Entry point:
E8, 37, 05, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 6A, 00, FF, 15, B0, D1, 41, 00, FF, 75, 08, FF, 15, 2C, D1, 41, 00, 68, 09, 04, 00, C0, FF, 15, D0, D1, 41, 00, 50, FF, 15, 34, D1, 41, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 83, F7, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 48, EB, 43, 00, 89, 0D, 44, EB, 43, 00, 89, 15, 40, EB, 43, 00, 89, 1D, 3C, EB, 43, 00, 89, 35, 38, EB, 43, 00, 89, 3D, 34, EB, 43, 00, 66, 8C, 15, 60, EB, 43, 00, 66, 8C, 0D, 54, EB, 43, 00, 66, 8C, 1D, 30...
 
[+]

Entropy:
6.6340

Code size:
112 KB (114,688 bytes)

The file stopresettingmyapps.exe has been seen being distributed by the following URL.

http://www.carifred.com/.../StopResettingMyApps.exe

Scan stopresettingmyapps.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.