home

ctxfm112014.exe

CCH Canadian Limited

This is a setup program which is used to install the application. The file has been seen being downloaded from tc.cch.ca.
Publisher:
Wolters Kluwer Limited  (signed by CCH Canadian Limited)

Description:
{77350EAC-7934-4D60-A6F0-D1F9463D235E}

Version:
14.1.1.31

MD5:
bc7b3bf2363253b53fd1fc5f0a04cf32

SHA-1:
411cf32d3cfc95269dd775ae78a1ebb63e87560c

SHA-256:
4b0895b2284be64f51c2efe522aa9c2124e45dffa8fcead10208674208f4d5d8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/18/2024 5:29:49 AM UTC  (today)

File size:
70.4 MB (73,800,544 bytes)

Copyright:
Copyright © 2014 Wolters Kluwer Limited

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\ctxfm112014.exe

Digital Signature
Signed by:
CCH Canadian Limited

Authority:
DigiCert Inc

Valid from:
6/18/2012 9:00:00 PM

Valid to:
6/24/2015 9:00:00 AM

Subject:
CN=CCH Canadian Limited, O=CCH Canadian Limited, L=Sherbrooke, S=Quebec, C=CA

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
09C5F82A27476A5CF1ECCC20159D13FC

File PE Metadata
Compilation timestamp:
8/16/2007 3:13:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1572864:05hBtzws+iqcaCQ+dg4O+WEGBd8I3A+6bghhvA4e:+LGlPcnqO2fvAVs+

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, EC, 7C, 05, 00, 00, 53, 56, 57, BE, 04, 01, 00, 00, 56, 8D, 85, 90, FD, FF, FF, 33, DB, 50, 53, 89, 5D, F4, FF, 15, 38, 20, 40, 00, 56, 8D, 85, 90, FD, FF, FF, 50, 50, FF, 15, 34, 20, 40, 00, 8B, 3D, 30, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 68, 00, 00, 00, 80, 8D, 85, 90, FD, FF, FF, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 82, 01, 00, 00, 8D, 85, 8C, FC, FF, FF, 50, 56, FF, 15, 2C, 20, 40, 00, 8D, 85, 94, FE, FF, FF, 50, 53, 68, 58, 20, 40, 00, 8D, 85, 8C, FC, FF, FF, 50, FF, 15, 28...
 
[+]

Entropy:
7.9997

Developed / compiled with:
Microsoft Visual C++

Code size:
1024 Bytes (1,024 bytes)

The file ctxfm112014.exe has been seen being distributed by the following URL.

https://tc.cch.ca/cchservices/.../download.v3.asp?lng=EN&brd=CTX&session=2ntKXmtK4&key=d5fced1b-44e8-42d3-b766-54b20a082907&ref=4CK8oH49CGpSrDm$$&file=8NsOUO6roKQ18KQNm4Tbe&sz=73800544&type=f&pid=3djo$&vid=3ejgQ&product=CTX&tck=v7mAE1

Scan ctxfm112014.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.