twittertime.exe

The Foundation

The application twittertime.exe by The Foundation has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
The Foundation  (signed and verified)

MD5:
9a81b526470b28a97bf493c75ee3c10b

SHA-1:
1a0637a020f72c2679573553e6188adf3b2a2211

SHA-256:
e66fd2eceff1f9b8d09b7631a4d147e2e660944d07277d9ea7b9af33478e8f41

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 6:08:52 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TrailerTime (M)
16.10.9.22

File size:
45.6 MB (47,771,056 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\twittertime\twittertime.exe

Digital Signature
Signed by:

Authority:
The Foundation

Valid from:
6/15/2015 4:54:30 AM

Valid to:
6/12/2025 4:54:30 AM

Subject:
CN=The Foundation, O=The Foundation, S=Some-State, C=US

Issuer:
CN=The Foundation, O=The Foundation, S=Some-State, C=US

Serial number:
00BFDA29BD9F457AD4

File PE Metadata
Compilation timestamp:
3/5/2015 10:51:42 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:eLJmRGIXff9keaayimwJZHM3SD3K4JNCesWePrumsEUF0pfUUQgaE:etmRGIXff923imwJZMCDVSesWewF3UQ8

Entry address:
0x1C996D1

Entry point:
E8, 9A, 3A, 01, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 55, 0C, A1, 20, 38, EC, 02, F7, D2, 8B, 4D, 08, 23, D0, 23, 4D, 0C, 0B, D1, 89, 15, 20, 38, EC, 02, 5D, C3, E8, 09, 21, 00, 00, 85, C0, 74, 08, 6A, 16, E8, CC, 21, 00, 00, 59, F6, 05, 20, 38, EC, 02, 02, 74, 21, 6A, 17, E8, A9, 21, 60, 00, 85, C0, 74, 05, 6A, 07, 59, CD, 29, 6A, 01, 68, 15, 00, 00, 40, 6A, 03, E8, A9, F8, FF, FF, 83, C4, 0C, 6A, 03, E8, 16, FC, FF, FF, CC, 55, 8B, EC, 8D, 45, 18, 50, 6A, 00, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75...
 
[+]

Code size:
34.9 MB (36,634,112 bytes)

Remove twittertime.exe - Powered by Reason Core Security