d4ca6a2286e4cd43c2514d47dbb20be9b78cc779

ToolWiz Care

XII CNC Inc.

It is installed within the Mozilla Firefox web browser as part of an addin/plugin.
Publisher:
ToolWiz  (signed by XII CNC Inc.)

Product:
ToolWiz Care

Version:
3.1.0.5500

MD5:
5f741189382905cc64ee4f2c4646c281

SHA-1:
78dec4d029a7cc410d7e4a3bbd49b2500001f830

SHA-256:
3e7e7660123a4f08422a90045190691455d7d96a9b73147131890108136f280b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
10/24/2017 7:01:31 AM UTC  (today)

File size:
7.2 MB (7,539,877 bytes)

Product version:
2.0

Copyright:
Copyright(c) 2013 by ToolWiz.com

Trademarks:
ToolWiz

Original file name:
Setup.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\mozilla\firefox\profiles\41a66e7e5ee1\cache2\entries\d4ca6a2286e4cd43c2514d47dbb20be9b78cc779

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/10/2013 8:00:00 AM

Valid to:
11/10/2014 7:59:59 AM

Subject:
CN=XII CNC Inc., OU=R&D Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=XII CNC Inc., L=Anyang-si, S=Gyeonggi-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0EA8B60149BC1FE40C91216292149AA7

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:eImId/Hz9onJicYZK3bE3xLQPM/8KG7fV83RxK5Wx:4wTCnsw3bmLQPMmDy3Rx

Entry address:
0xF9C001

Entry point:
60, E9, 3D, 04, 00, 00, 41, 8D, AD, A9, A9, 42, A9, 12, 99, 90, ED, A9, AA, 74, 82, 34, 79, 96, ED, A9, 2A, 14, 55, E0, ED, A9, A9, 20, 34, 55, E0, ED, A9, A6, 2C, CF, AA, A9, A9, 6E, 2C, 9A, 90, ED, A9, A9, A9, A9, A9, 24, 2C, AD, E3, ED, A9, F9, 56, 3C, A9, E2, ED, A9, 20, 2C, A9, E3, ED, A9, 22, 51, 24, 34, B8, E3, ED, A9, FA, F9, 56, 3C, 55, E3, ED, A9, 20, 2C, 55, 96, ED, A9, 24, 34, B7, E3, ED, A9, FA, FE, 56, 3C, 55, E3, ED, A9, 20, 2C, A9, E9, ED, A9, 24, 2C, 1C, 90, ED, A9, 56, 49, FD, C0, BC, A9...
 
[+]

Entropy:
7.9942

Packer / compiler:
ASPack v2.11

Code size:
1.3 MB (1,400,320 bytes)

Scan d4ca6a2286e4cd43c2514d47dbb20be9b78cc779 - Powered by Reason Core Security