home

d7II.exe

d7II

Foolish IT LLC

Publisher:
Foolish IT LLC  (signed and verified)

Product:
d7II

Description:
d7II - PC Technician's Tool

Version:
3.06.0084

MD5:
95d598a92f381a1b4a759fc4fc050551

SHA-1:
e4006f549adba88c9e6d95cc6433cb7b00629ca1

SHA-256:
4e0ac78f6a6b4910ec2f16da2165e0a6df450b050511a3d1209600bb55c77756

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
5/4/2024 3:40:47 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.DownLoader14.30476
9.0.1.05190

Sophos
Mal/Backdr-L
4.98

Trend Micro House Call
Suspicious_GEN.F47V0809
7.2.362

File size:
6.8 MB (7,126,208 bytes)

Product version:
3.06.0084

Copyright:
Foolish IT LLC

Original file name:
d7II.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Foolish IT LLC

Authority:
StartCom Ltd.

Valid from:
5/10/2014 2:38:40 AM

Valid to:
5/9/2016 10:34:08 PM

Subject:
E=foolishtech@foolishit.com, CN=Foolish IT LLC, O=Foolish IT LLC, L=Manteo, S=North Carolina, C=US, Description=D9J0KaT9DvjE2CWD

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0E63

File PE Metadata
Compilation timestamp:
6/26/2015 4:10:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:u7eet7Y+wqYiqGBGCntKmk4aNH1/mKyMAcWPWoWFnj71nBMULCEw41DQYSEIK5NL:u7eTzgtKmk4aNV5AojsULCEw41DQYSEx

Entry address:
0x4650C

Entry point:
68, FC, 7B, 44, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 6C, 64, F9, 62, B0, B4, DF, 49, A3, 77, 60, 58, FE, 8B, 32, 2B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 64, 37, 49, 49, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, A5, 00, FC, EE, 49, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, 40, 0E, 4A, 00, 70, A0, 9C, 00, 00, 00, 00, 00, E8, 2D, 9F, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8C, 65, 44, 00...
 
[+]

Entropy:
6.1744

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
5.8 MB (6,062,080 bytes)

Scan d7II.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.