home

ventofix.bin

MD5:
1b1c75b9d0355c76c871a99f18af4cc8

SHA-1:
e5e4d0c3fd65b72d8a4ded6ef481ae11fc1fb618

SHA-256:
c6fa9063ad2b47134cbeea211fd0a0f3ea448abe815500e3e98c48a530b5337c

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/1/2025 7:20:07 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Toolbar.Linkury.AV potentially unwanted application
6.3.12010.0

File size:
1.8 MB (1,895,384 bytes)

Common path:
C:\users\{user}\appdata\roaming\ventofix.bin

File PE Metadata
Compilation timestamp:
8/15/2016 2:15:54 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0xFCE7

Entry point:
E8, 09, 05, 00, 00, E9, 80, FE, FF, FF, 3B, 0D, A8, B0, 42, 00, F2, 75, 02, F2, C3, F2, E9, 7E, 06, 00, 00, E9, 89, 4C, 00, 00, 55, 8B, EC, 83, 25, 60, 79, 45, 00, 00, 83, EC, 2C, 53, 33, DB, 43, 09, 1D, AC, B0, 42, 00, 6A, 0A, E8, BD, 1B, 01, 00, 85, C0, 0F, 84, 74, 01, 00, 00, 83, 65, EC, 00, 33, C0, 83, 0D, AC, B0, 42, 00, 02, 33, C9, 56, 57, 89, 1D, 60, 79, 45, 00, 8D, 7D, D4, 53, 0F, A2, 8B, F3, 5B, 89, 07, 89, 77, 04, 89, 4F, 08, 89, 57, 0C, 8B, 45, D4, 8B, 4D, E0, 89, 45, F4, 81, F1, 69, 6E, 65, 49...
 
[+]

Entropy:
7.9537  (probably packed)

Code size:
132 KB (135,168 bytes)

Scan ventofix.bin - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.