tinyumbrella-7.00.00a.exe

tinyumbrella-7.00.00

This is a setup program which is used to install the application. The file has been seen being downloaded from f2h.nana10.co.il and multiple other hosts.
Product:
tinyumbrella-7.00.00

Description:
TinyUmbrella - Save your SHSH!

Version:
7.00.00

MD5:
7a3ef8993e4f7637fcec7741b695b18b

SHA-1:
8787fe26cdbdb4ef849a6d6c487a37a2f6c2faf0

SHA-256:
30ed57d9a3624f11efbf4c7579ccbb1e66a2e199596abf9856589424cc261715

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 5:12:08 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0922
7.2.36

File size:
2.8 MB (2,891,776 bytes)

Product version:
7.00.00

Original file name:
tinyumbrella-7.00.00.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
3/16/2011 7:29:26 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
49152:QRbxtJAoSnHgJf2ZLxoPcGuBig03KS3DNeuxCerZUcFXTuF:otGHG2ZLaUJbGNeux7rZU/

Entry address:
0x11D8

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
129 KB (132,096 bytes)

The file tinyumbrella-7.00.00a.exe has been discovered within the following program.

Apple Application Support  by Apple Inc.
Apple Application Support is required to run iTunes, QuickTime and other Apple installed products (do not remove this if you use any of these programs). If you remove this program you will need to reinstall it in order for iTunes to load.
www.apple.com
6% remove it
 
Powered by Should I Remove It?

The file tinyumbrella-7.00.00a.exe has been seen being distributed by the following 3 URLs.

http://f2h.nana10.co.il/.../zd9kmbmpsvs5|61c7adddbff2ba725dec83969cc110d3|.exe

Scan tinyumbrella-7.00.00a.exe - Powered by Reason Core Security