» cardrunnersev_c.exe
Overview
Analysis
File Details

cardrunnersev_c.exe

CardRunnersEV

StoxEV

File name:

cardrunnersev_c.exe

Publisher:

StoxEV (signed and verified)

Product:

CardRunnersEV

Version:

3, 0, 6, 0

MD5:

f04e69d4dfb61f69e06de025c3b6877b

SHA-1:

9eeaead9cd1f153ddfeadd53285b5ccb5e260af7

SHA-256:

132a0c9167b3f0ebc7e54467c56cae33d1f87074d41ad6a1bffd21954e7c7df0

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/23/2024 6:20:37 AM UTC (today)

Scan engine

Detection

Engine version

NANO AntiVirus

Trojan.Win32.XPACK.dowldt

0.30.24.2086

Sophos

Mal/EncPk-ABFU

4.98

Trend Micro House Call

Suspicious_GEN.F47V0204

7.2.43

File size:

7.4 MB (7,730,136 bytes)

Product version:

3, 0, 6, 0

Original file name:

StoxEV.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\cardrunnersev\cardrunnersev3\cardrunnersev_c.exe

Digital Signature

Signed by:

StoxEV

Authority:

COMODO CA Limited

Valid from:

4/10/2013 3:00:00 AM

Valid to:

4/10/2016 2:59:59 AM

Subject:

CN=StoxEV, O=StoxEV, STREET=Kolfstraat 123, L=Purmerend, S=Noord-Holland, PostalCode=1442 TC, C=NL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

5F83937A75060E85F04E3413233DFE4E

File PE Metadata

Compilation timestamp:

5/18/2015 12:04:13 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:qt0HoyUbSO/Zj6EkwM3auaV5pZw2zNdxQq5FZjPJryIl:qt0Ez2lwM3xUp5DxftJrb

Entry address:

0x1325000

Entry point:

EB, 08, 0F, B0, 75, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, E4, 15, 00, 00, 01, 00, 30, 82, 15, E0, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 15, D1, 30, 82, 15, CD, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 09, 4C, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 09, 3D, 04, 82, 09, 39, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 02, 00, 00, 00, 26, 00, 00, 00, 01, 00, 3D, 71, DF, 2D, 6B, 2B, 3D, 45, 22, AA, DB, 32, 4E, D2, 72, B9, E6... 
[+]

Entropy:

7.9608 (probably packed)

Code size:

2 MB (2,072,576 bytes)

Scan cardrunnersev_c.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.