home

va_x_setup2114.exe

Visual Assist

Whole Tomato Software, Inc.

This is a setup and installation application. The file has been seen being downloaded from www.wholetomato.com and multiple other hosts.
Publisher:
Whole Tomato Software, Inc.  (signed and verified)

Product:
Visual Assist

Description:
Visual Assist Installer

Version:
10, 9, 2114, 0

MD5:
be35202a061319dda05235113c6331ca

SHA-1:
338e441af47073582764bc5a2876aa92c90dd116

SHA-256:
728100551b90559850a59e65fce2cac8e54d6565533b77533eef52744c656ac2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 8:37:37 AM UTC  (today)

File size:
22.4 MB (23,534,408 bytes)

Product version:
10, 9, 2114, 0

Copyright:
Copyright© 1999-2016 Whole Tomato Software, Inc.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\va_x_setup2114.exe

Digital Signature
Signed by:
Whole Tomato Software, Inc.

Authority:
thawte, Inc.

Valid from:
5/18/2015 9:00:00 AM

Valid to:
8/7/2017 8:59:59 AM

Subject:
CN="Whole Tomato Software, Inc.", OU=Secure Application Development, O="Whole Tomato Software, Inc.", L=Englewood, S=Florida, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
51F6066269CB336D1EC5A687D8EE99E9

File PE Metadata
Compilation timestamp:
10/16/2016 7:12:54 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
393216:mJoCUXzfNMVJU7ml07X2xaecicFo6uOmZKJO05T6auxJvkalyut8b+gGvUi3:6ozzFMX07reHcFoFZo5T61s3ut8b3mD3

Entry address:
0x6354

Entry point:
E8, BB, 05, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 6A, 00, FF, 15, DC, 80, 41, 00, FF, 75, 08, FF, 15, D8, 80, 41, 00, 68, 09, 04, 00, C0, FF, 15, 5C, 81, 41, 00, 50, FF, 15, E4, 80, 41, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, EC, 04, 01, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, B8, 2A, 42, 00, 89, 0D, B4, 2A, 42, 00, 89, 15, B0, 2A, 42, 00, 89, 1D, AC, 2A, 42, 00, 89, 35, A8, 2A, 42, 00, 89, 3D, A4, 2A, 42, 00, 66, 8C, 15, D0, 2A, 42, 00, 66, 8C, 0D, C4, 2A, 42, 00, 66, 8C, 1D, A0...
 
[+]

Entropy:
7.9920  (probably packed)

Code size:
91.5 KB (93,696 bytes)

The file va_x_setup2114.exe has been seen being distributed by the following 2 URLs.

http://www.wholetomato.com/.../VA_X_Setup2114.exe

http://www.wholetomato.com/.../getBuild.asp?2114

Scan va_x_setup2114.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.