» content.004
Overview
Analysis
File Details

content.004

Smilebox

Smilebox Inc.

The file content.004 by Smilebox has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

content.004

Publisher:

Smilebox, Inc. (signed by Smilebox Inc.)

Product:

Smilebox

Description:

Smilebox Starter

Version:

5324

MD5:

0b1f495bee84b0b122e6d7d215f3421c

SHA-1:

fd44a27431368f8c233a6003428d73b348048768

SHA-256:

a4bbf5227632e2097d6d7dbb6353101b248f2b37d52978314b8070e25cbd268d

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/2/2024 9:15:16 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

17.2.6.13

File size:

272.9 KB (279,440 bytes)

Product version:

5324

Original file name:

SmileboxStarter.exe

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\content.004

Digital Signature

Signed by:

Smilebox Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

3/12/2006 8:00:00 PM

Valid to:

3/13/2007 7:59:59 PM

Subject:

CN=Smilebox Inc., OU=Secure Application Department, O=Smilebox Inc., L=Redmond, S=Washington, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

51756962B5194FC944CFE96B5C4D7C63

File PE Metadata

Compilation timestamp:

12/5/2006 2:16:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x1F530

Entry point:

E8, 9B, 65, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, EC, 24, 53, 56, 8B, 75, 08, 33, DB, 3B, F3, 74, 05, 39, 5D, 0C, 77, 1B, E8, 9A, 1D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, B2, 1F, 00, 00, 83, C4, 14, 8B, C6, EB, 40, 8B, 45, 10, 3B, C3, 88, 1E, 74, DC, 39, 58, 04, 7F, 12, 7C, 04, 39, 18, 73, 0C, E8, 6B, 1D, 00, 00, 6A, 16, 5E, 89, 30, EB, DC, 50, 8D, 45, DC, 50, E8, BD, 67, 00, 00, 3B, C3, 59, 59, 75, 10, 8D, 45, DC, 50, FF, 75, 0C, 56, E8, BC, 65, 00, 00, 83, C4, 0C, 5E, 5B, C9, C3, 53... 
[+]

Entropy:

6.3228

Code size:

176 KB (180,224 bytes)

Remove content.004 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.