» writer's block pro.exe
Overview
Analysis
File Details
Downloads (2)

writer's block pro.exe

Writer's Block

Felix Belzile

File name:

Publisher:

Felix Logic (signed by Felix Belzile)

Product:

Writer's Block

Version:

1.1.0.0

MD5:

6ca832846840a546ac9bded1d7ae35e5

SHA-1:

7c5db4afa71f0328f7afb014d6215dc2e81360ab

SHA-256:

f3b81e024a1ab0d0fcfd56f527e037608758e1bf75178ea1cef7ff227e92e9ed

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/16/2024 7:47:25 PM UTC (today)

File size:

958.2 KB (981,192 bytes)

Product version:

1.1.0.0

Original file name:

WritersBlock.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\writer's block pro.exe

Digital Signature

Signed by:

Felix Belzile

Authority:

COMODO CA Limited

Valid from:

3/6/2016 4:00:00 PM

Valid to:

3/7/2019 3:59:59 PM

Subject:

CN=Felix Belzile, O=Felix Belzile, STREET=530 Laurier Ave W, L=Ottawa, S=Ontario, PostalCode=K1R 7T1, C=CA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00F2D8FD16E5806A3F0A8BBEBB5233B422

File PE Metadata

Compilation timestamp:

2/23/2016 3:57:03 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:2bIe6V+qfdSc+3ZbPXX44444Q8H64XI4f44T7f444TALwy6V+qfdSc+3ZbPXX44F:2bgNNENNzHiM0qyG/xil

Entry address:

0x94CEE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

3.4017

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

587.5 KB (601,600 bytes)

The file writer's block pro.exe has been seen being distributed by the following 2 URLs.

https://felixlogic.dpdcart.com/.../download?fulfillment_id=10652104&fulfillment_file_id=7690598&filename=Writer's Block Pro.exe&purchase_id=8067744&salt=dc1d558009454257f4bf984ac96967229a40cf47

https://felixlogic.dpdcart.com/.../download?fulfillment_id=10639345&fulfillment_file_id=7681245&filename=Writer's Block Pro.exe&purchase_id=8060514&salt=e15ba622e3924cc160b5f42e5528f19a9730123c

Scan writer's block pro.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.