home

d7II.exe

d7II

Foolish IT LLC

Publisher:
Foolish IT LLC  (signed and verified)

Product:
d7II

Description:
d7II - PC Technician's Tool

Version:
3.06.0084

MD5:
ef6de8972bf1cb7a35562313916fa993

SHA-1:
70ee5e2d19078d4ad814d1d6306b346bb5bac91b

SHA-256:
e70e5ddf1a79d00299bda6b91d103b1ea511592318671fba17717e226ad00e56

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 7:30:36 PM UTC  (today)

File size:
6.8 MB (7,126,208 bytes)

Product version:
3.06.0084

Copyright:
Foolish IT LLC

Original file name:
d7II.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Foolish IT LLC

Authority:
StartCom Ltd.

Valid from:
5/10/2014 7:38:40 AM

Valid to:
5/10/2016 3:34:08 AM

Subject:
E=foolishtech@foolishit.com, CN=Foolish IT LLC, O=Foolish IT LLC, L=Manteo, S=North Carolina, C=US, Description=D9J0KaT9DvjE2CWD

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0E63

File PE Metadata
Compilation timestamp:
6/26/2015 9:10:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:u7eet7Y+wqYiqGBGCnt1mk4aNH1/mKyMAcWPWoWFnj71nBMULCEw41DQYSEIK5NL:u7eTzgt1mk4aNV5AojsULCEw41DQYSEx

Entry address:
0x4650C

Entry point:
68, FC, 7B, 44, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 6C, 64, F9, 62, B0, B4, DF, 49, A3, 77, 60, 58, FE, 8B, 32, 2B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 64, 37, 49, 49, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, A5, 00, FC, EE, 49, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, 40, 0E, 4A, 00, 70, A0, 9C, 00, 00, 00, 00, 00, E8, 2D, 9F, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8C, 65, 44, 00...
 
[+]

Entropy:
6.1743

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
5.8 MB (6,062,080 bytes)

The file d7II.exe has been seen being distributed by the following URL.

https://www.dropbox.com/s/.../d7II.exe

Scan d7II.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.