» 8_+xevbh.exe
Overview
Analysis
File Details
Downloads (2)

8_+xevbh.exe

PCSpeedUp

Auslogics Labs Pty Ltd

File name:

8_+xevbh.exe

Publisher:

TweakBit (signed by Auslogics Labs Pty Ltd)

Product:

PCSpeedUp

Description:

PCSpeedUp Setup

Version:

1.6.9.7

MD5:

c035c45e0f910accf303e67cc8f14e22

SHA-1:

767ea1e57ceffedda6b614e129ae83303ab2dda2

SHA-256:

f368a9430f2eadf7b3723975dd89fccd056b7663570f1bfea7f84eb664019208

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 4:28:36 AM UTC (today)

File size:

401.6 KB (411,280 bytes)

Product version:

1.x

Trademarks:

Original file name:

pcspeedup_stub_installer.exe

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\8_+xevbh.exe.part

Digital Signature

Signed by:

Auslogics Labs Pty Ltd

Authority:

COMODO CA Limited

Valid from:

5/14/2014 8:00:00 PM

Valid to:

5/14/2017 7:59:59 PM

Subject:

CN=Auslogics Labs Pty Ltd, O=Auslogics Labs Pty Ltd, STREET=L 7 222 CLARENCE ST, L=Sydney, S=NSW, PostalCode=2000, C=AU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

3D697A20890658526AB2F4CE3926AB80

File PE Metadata

Compilation timestamp:

8/11/2015 9:54:18 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:cWYCcoVN+Y3ucI0ybxnoQSjm3PZhaSysDa+D:creL3gbxoQn/pysRD

Entry address:

0x2A46C

Entry point:

55, 8B, EC, 83, C4, F0, B8, 2C, 75, 42, 00, E8, 60, E5, FD, FF, E8, 27, F7, FD, FF, 85, C0, 75, 0A, B8, 01, 00, 00, 00, E8, 3D, B7, FD, FF, A1, 80, D6, 41, 00, E8, 23, 33, FF, FF, A1, A8, E2, 41, 00, E8, 05, 3F, FF, FF, A1, 5C, 12, 42, 00, E8, CB, 6E, FF, FF, 33, C0, 55, 68, DD, A4, 42, 00, 64, FF, 30, 64, 89, 20, A1, 5C, 12, 42, 00, E8, 7B, 6F, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, E4, A4, 42, 00, A1, 5C, 12, 42, 00, E8, 74, 70, FF, FF, C3, E9, E2, AE, FD, FF, EB, EE, E8, B7, B5, FD, FF, 8D, 40, 00... 
[+]

Entropy:

6.6225

Developed / compiled with:

Microsoft Visual C++

Code size:

165.5 KB (169,472 bytes)

The file 8_+xevbh.exe has been seen being distributed by the following 2 URLs.

http://link.tweakbit.com/tds/.../?keyword=

http://downloads.tweakbit.com/go/ab_dan_softonic_cpm_e/en/pc-speed-up/source/softonic/dan01/.../pc-speed-up-setup.exe

Scan 8_+xevbh.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.