» activedossieruploader.exe_old
Overview
Analysis
File Details
Downloads (2)

activedossieruploader.exe_old

Active Dossier Uploader

vBAddict.net, Marius Czyz aka Phalynx

File name:

Publisher:

vBAddict.net, Marius Czyz aka Phalynx

Product:

Active Dossier Uploader

Version:

3.1.0.4

MD5:

18935e7a37f92619f876d86964abbc9b

SHA-1:

253a587b6ce7b4578487cef160099016062af722

SHA-256:

f0c3f3cd5c0d5652bf42778dadcde23c6deb3111e63fb4ddbd0ec3589356fec0

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 9:11:24 AM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

Suspicious_GEN.F47V0911

7.2.264

File size:

2.1 MB (2,220,032 bytes)

Product version:

3.1.0.4

Original file name:

ActiveDossierUploader.exe

File PE Metadata

Compilation timestamp:

9/4/2014 2:50:40 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:WFJidbP1FwFJi/QFJinvyQRGHcx0C+OTpNaLPg6rKGFJi4Ixli:EJidbtFWJi/2Ji440sPaLPzrK0Ji4Ili

Entry address:

0x20067E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

2 MB (2,091,008 bytes)

The file activedossieruploader.exe_old has been seen being distributed by the following 2 URLs.

http://www.vbaddict.net/.../ActiveDossierUploader.exe

Scan activedossieruploader.exe_old - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.