» color my facebook64.exe
Overview
Analysis
File Details
Programs (1)

color my facebook64.exe

Color My Facebook

Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com

The executable color my facebook64.exe, “Color My Facebook exe” has been detected as malware by 1 anti-virus scanner. This file is typically installed with the program Color My Facebook by Duval which is a potentially unwanted software program.

File name:

Publisher:

Duval (signed by Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com)

Product:

Color My Facebook

Description:

Color My Facebook exe

Version:

1000.1000.1000.1000

MD5:

092b8d966b8ec157f5cd19b85124a4c4

SHA-1:

efb986ec241e816fd6019d40570030475b225b66

SHA-256:

0beaaf281279493181d608eb940b66e66ac231730ead67eca630173b34bb0742

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/19/2024 2:04:31 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

15.6.18.22

File size:

164.6 KB (168,536 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Color My Facebook.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\color my facebook\color my facebook64.exe

Digital Signature

Signed by:

Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com

Authority:

Apple Inc.

Valid from:

7/16/2012 1:25:00 AM

Valid to:

7/16/2013 1:25:00 AM

Subject:

C=FR, CN=Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com, OID.0.9.2342.19200300.100.1.1=3MV9W8EA58

Issuer:

CN=Apple Worldwide Developer Relations Certification Authority, OU=Apple Worldwide Developer Relations, O=Apple Inc., C=US

Serial number:

24A43EE61F285A43

File PE Metadata

Compilation timestamp:

3/18/2013 8:42:40 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:UkzDwF75PL5t1W/vnradqaGKwLAMwJyi9fkTzHzUz5ARrU4FjV71WBDtTN/wqqJp:UyE50nC+KwUM0XKTzDBJqDqGrZqJfYjY

Entry address:

0x10048

Entry point:

48, 83, EC, 28, E8, 7F, 52, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 30, 48, 8B, D9, B9, 0E, 00, 00, 00, E8, 21, 55, 00, 00, 90, 48, 8B, 43, 08, 48, 85, C0, 74, 3F, 48, 8B, 0D, 68, 74, 01, 00, 48, 8D, 15, 59, 74, 01, 00, 48, 89, 4C, 24, 20, 48, 85, C9, 74, 19, 48, 39, 01, 75, 0F, 48, 8B, 41, 08, 48, 89, 42, 08, E8, A5, E5, FF, FF, EB, 05, 48, 8B, D1, EB, DD, 48, 8B, 4B, 08, E8, 95, E5, FF, FF, 48, 83, 63, 08, 00, B9, 0E, 00, 00, 00, E8, CE, 53, 00, 00, 48, 83, C4, 30, 5B, C3... 
[+]

Entropy:

5.8912

Code size:

99 KB (101,376 bytes)

The file color my facebook64.exe has been discovered within the following program.

Color My Facebook by Duval

Publisher's description - “No more blue on Facebook! Choose your favorite color and see result instantly on your Facebook pages. Over 2,500,000 people downloaded Color My Facebook, the most popular and beautiful Facebook color changer! Are you?”

colormyfacebook.com

64% remove it

Remove color my facebook64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.