» D7 Skin Picker.exe
Overview
Analysis
File Details

D7 Skin Picker.exe

D7SkinPicker

John Shaw

File name:

D7 Skin Picker.exe

Publisher:

Foolish IT (signed by John Shaw)

Product:

D7SkinPicker

Version:

1.00

MD5:

7435125c9854711c56cf8b3e286f94e9

SHA-1:

c581a8039f7d2d8f2b6c2f3919e982a0574d7095

SHA-256:

73211badbf7641f46c0aea57851b569dcbb2213a104b8a6d676be486325c6b86

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/19/2024 7:21:41 PM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

BACKDOOR.Trojan

9.0.1.0342

File size:

86.9 KB (88,944 bytes)

Product version:

1.00

Original file name:

D7 Skin Picker.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

John Shaw

Authority:

StartCom Ltd.

Valid from:

2/16/2012 10:30:13 AM

Valid to:

2/17/2014 7:18:06 AM

Subject:

E=nick@obxcompguy.com, CN=John Shaw, L=Manteo NC, S=North Carolina, C=US, Description=Q060IjEkExVuy25F

Issuer:

CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

0545

File PE Metadata

Compilation timestamp:

3/8/2012 9:12:20 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1536:H5Irz067zkJcfGo3aZRKWEwlIW7Hntw2lK:ZIrz0W+BZw1LMnC

Entry address:

0x1E9C

Entry point:

68, E8, 1F, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 1F, 6C, AB, A8, A0, 66, 3C, 47, AF, 50, ED, FF, AA, 36, 04, EE, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 3A, 01, E8, 40, 3C, 01, 44, 37, 53, 6B, 69, 6E, 50, 69, 63, 6B, 65, 72, 00, 43, 6F, 6E, 00, 00, 00, 00, 01, 00, 01, 00, 48, 2D, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, CC, 2D, 40, 00, 68, 10, 41, 00, 02, 00, 00, 00, 24, 1F, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.2817

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

64 KB (65,536 bytes)

Scan D7 Skin Picker.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.