home

child.64

delphine

Lyto Datarindo Fortuna

Publisher:
Lyto Datarindo Fortuna  (signed and verified)

Product:
delphine

Description:
Force USI

Version:
1, 0, 0, 6

MD5:
5d1b1a2f24218fbf5879e5ba13af2a06

SHA-1:
7213ddb4f06651c78498bd8c1fd23e1195416a72

SHA-256:
80d0f72fe71266d28efae98387e080dec2649974a17d1cdecfffc314c8395ae3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/2/2026 5:36:04 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Win32.Generic.127F0F06!310316806
23.00.65.15819

File size:
208.1 KB (213,088 bytes)

Product version:
1, 0, 0, 6

Copyright:
Lyto Datarindo Fortuna

Trademarks:
delphine - child

Original file name:
childs.c

Language:
Indonesian (Indonesia)

Digital Signature
Signed by:
Lyto Datarindo Fortuna

Authority:
VeriSign, Inc.

Valid from:
3/16/2010 7:00:00 AM

Valid to:
3/17/2011 6:59:59 AM

Subject:
CN=Lyto Datarindo Fortuna, OU=System, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Lyto Datarindo Fortuna, L=Jakarta, S=Jakarta, C=ID

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1CF941796D3E8BFD37C027D52227F887

File PE Metadata
Compilation timestamp:
11/12/2010 3:06:09 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
3072:35I+ofg4R1ORQNIeQcFVlYZOOU07BXHLWNrfiqULNEsoKTbDN2uQnJSMk3HXxvLG:xoY4Dd7QcLlkOAXLkrhYHPbDNXVMp

Entry address:
0xB3140

Entry point:
90, 90, 90, 68, 2E, E5, C5, D1, E9, 84, 50, 00, 00, 8B, 2F, 1B, 52, 0B, 21, 11, 9D, 5C, 9B, C5, DE, A8, 6F, A9, 91, E3, B9, D8, E6, 7C, D0, 3E, B5, 4C, 3F, F9, 2F, AB, E6, 7B, D4, 5C, 1E, 96, 2E, 8E, E1, 95, 17, 11, 00, 8B, 03, C4, D5, F3, 26, 6D, 20, B9, 2A, BF, 72, 3F, 22, 49, 00, 00, 00, 00, 94, 5B, CB, C3, 9C, D6, AD, DD, AC, 0E, CE, E5, 1F, DC, B5, B3, B2, 27, 48, 48, 02, 16, 49, C1, A1, 09, 99, 46, F0, 0B, 4E, 5D, 41, 9B, 42, 1A, CC, 31, 32, 18, 77, 8E, BA, 5D, 50, 77, 26, 9C, F2, F0, 9B, 60, CE, CE...
 
[+]

Entropy:
7.8826  (probably packed)

Code size:
814.5 KB (834,048 bytes)

Scan child.64 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.