home

banner.exe

Vladimir Varenkov

Publisher:
Vladimir Varenkov  (signed and verified)

MD5:
9cb845e90e948dd5d29dc75dcdd98a06

SHA-1:
2aa73d1fd5d81583ddefa76330b6f6e927f1a3c1

SHA-256:
11244e014075f07584e9e09992b2cf797711a838808e5b3a0ef953eceb49144b

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 8:30:47 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.CDB
1.3.0.4959

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.14918

Trend Micro House Call
Possible_Virus
7.2.263

Trend Micro
Possible_Virus
10.465.20

File size:
699.1 KB (715,904 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\easy banner creator 2.6\banner.exe

Digital Signature
Signed by:
Vladimir Varenkov

Authority:
StartCom Ltd.

Valid from:
3/28/2012 10:27:02 AM

Valid to:
3/29/2014 10:55:09 AM

Subject:
E=support@easyanimationtools.com, CN=Vladimir Varenkov, L=Troitsk, S=Moskva Oblast, C=RU, Description=aP8721LmpRRf5N6X

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
05A9

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:YHKPVhwOrql1wkQxD9ekWOsuwF/rTw0KjO8Xjm1q8rwOI4aL3nFZOCfs130PDpcW:YHK3rq3WD9e/Hu8jejO8zkq2DabKB0P7

Entry address:
0x1BD000

Entry point:
EB, 02, 19, 3D, 50, EB, 01, FF, E8, 18, 00, 00, 00, EB, 04, B5, FC, B0, 98, EB, 01, 2F, 33, C0, EB, 05, 45, 4D, 70, 35, 40, 71, 61, EB, 02, B6, 68, EB, 05, E9, 7A, 0F, 9A, C2, B8, 0B, 48, 88, F6, EB, 03, 07, 40, B3, EB, 01, D7, 05, F5, B7, 77, 09, EB, 04, AD, 79, A3, B6, 75, 3C, EB, 03, 48, 7D, 7B, 64, FF, 30, EB, 03, EB, 89, A4, 64, 89, 20, EB, 03, 24, C4, 9A, EB, 01, 26, 8B, 10, EB, 04, 6A, 8B, 87, 4D, 64, 8F, 00, EB, 01, 03, 83, C4, 04, EB, 04, 6C, 77, 5B, 12, 58, EB, 03, 38, 3D, 1D, C3, EB, 04, F9, 57...
 
[+]

Packer / compiler:
FSG v1.10 (Microsoft Visual C++ 6.0 / 7.0)

Code size:
882.5 KB (903,680 bytes)

Scan banner.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.