home

dfwgxf6a4.exe

Malwarebytes Corporation

Publisher:
Malwarebytes Corporation  (signed and verified)

MD5:
9c1de7ecc70302fd4f02b12079104613

SHA-1:
f526361d08a6c20a0083bc760bdcb1bfb3213b4a

SHA-256:
d4e2f37b9bd0ecf248c8e0421368d4aaa39bbd3cb660763b3b5613303b06c484

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:35:29 AM UTC  (today)

File size:
1010.9 KB (1,035,136 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dfwgxf6a4.exe

Digital Signature
Signed by:
Malwarebytes Corporation

Authority:
VeriSign, Inc.

Valid from:
9/7/2009 7:00:00 PM

Valid to:
4/14/2012 6:59:59 PM

Subject:
CN=Malwarebytes Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Malwarebytes Corporation, L=Champaign, S=Illinois, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
087BF904D84543142F7B6F46ABCD459D

File PE Metadata
Compilation timestamp:
5/10/2005 7:08:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
24576:FNm9Bt5IKZ+W/DuBLHmbZ6uuGFL3C978Zplk:ForRYmuBrqZEgC978Zzk

Entry address:
0x1000

Entry point:
E8, B7, 24, 00, 00, 50, E8, E7, 9D, 00, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E5, C0, 40, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, 42, 40, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, 3C, A0, 00, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, DC, D4, 40, 00, 6A, 65, 56, E8, 82, 9F, 00, 00, 6A, 01, 56, E8, 5C, 9F, 00, 00...
 
[+]

Entropy:
7.9658  (probably packed)

Code size:
44 KB (45,056 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.