home

DeclareTool.exe

TODO:

Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin

Publisher:
TODO: <Company name>  (signed by Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin)

Product:
TODO: <Product name>

Description:
TODO: <File description>

Version:
1.0.1.1

MD5:
dd15a41b4b29191e89a454870b55284b

SHA-1:
e86d516c4a146248e3ffbf13ba338b10b4b07862

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/18/2024 9:56:54 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

File size:
194.8 KB (199,520 bytes)

Product version:
1.0.1.1

Copyright:
TODO: (c) <Company name>. All rights reserved.

Original file name:
DeclareTool.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\vtcgame\audition\declaretool.exe

Digital Signature
Signed by:
Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin

Authority:
VeriSign, Inc.

Valid from:
7/25/2011 7:00:00 AM

Valid to:
7/26/2013 6:59:59 AM

Subject:
CN=Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin, L=Hanoi, S=Hanoi, C=VN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1163AFD815645B4622FAC27B357AE85B

File PE Metadata
Compilation timestamp:
5/31/2013 6:37:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:jwvP7Z6tMzUj6yfDseH2qZVwE8t5eXZFEPi:eFXUHfpWqZ78tspFEPi

Entry address:
0x1000

Entry point:
B8, 04, 68, 47, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, CD, 7F, 95, A8, 88, 4E, 0C, 00, FB, 0F, 57, 63, 80, 4D, 99, E9, A1, 3D, 58, EC, 1C, ED, 1B, 07, C0, B1, 2E, D5, 53, A8, 07, EE, 0E, 87, 47, C0, E9, CB, B6, 6E, 25, 3F, BC, 74, 3F, F4, 29, 81, 0E, 24, 24, BF, 29, 97, 88, EC, 3A, 47, A5, 5F, 62, C0, 0C, E1, F1, 45, 6B, 66, 93, F9, FF, 41, 49, C0, 90, 81, B3, 29, C5, 51, 4F, E8, 84, 83, 00, 13, 23, A6, 53, 6D, 64, 96, FE...
 
[+]

Entropy:
7.8458

Packer / compiler:
PECompact v2

Code size:
276 KB (282,624 bytes)

The file DeclareTool.exe has been discovered within the following program.

New Audition  by VTCGame
au.vtcgame.vn
About 1% of users remove it
 
Powered by Should I Remove It?

Scan DeclareTool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.