home

efilmlt.exe

eFilm Workstation

MERGE Healthcare

Publisher:
MERGE Healthcare  (signed and verified)

Product:
eFilm Workstation

Description:
eFilm

Version:
3.4.0.10

MD5:
e57821b90966f8f3aabb83fe78b23de5

SHA-1:
239b3ddd47bf8c422bf7f08415a0a09a3e462422

SHA-256:
f75817be6d91436ddcb7030c54ccca245477aaba6dd751fc7ccfb62a44226287

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 1:07:19 PM UTC  (today)

File size:
5.8 MB (6,103,752 bytes)

Product version:
3.4.0.10

Copyright:
2010

Original file name:
eFilm.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
MERGE Healthcare

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/10/2009 11:11:01 AM

Valid to:
4/1/2011 11:28:26 AM

Subject:
CN=MERGE Healthcare, OU=North America, O=MERGE Healthcare, L=Burlington, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
5B207D13A47E2EBD7658106269969F91

File PE Metadata
Compilation timestamp:
12/2/2010 5:05:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:V9T52EVoZ8bXOlEfkhRtfb1uW/Q8o8iLlss/x:TForhLbgW/Q8o8iLlss/x

Entry address:
0x17C374

Entry point:
E8, BB, 04, 00, 00, E9, 35, FD, FF, FF, CC, CC, 68, EA, BB, 57, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 24, B6, 60, 00, 31, 45, FC, 33, C5, 89, 45, E4, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, E4, 33, CD, E8, 48, F7, FF, FF, E9, 52, 01, 00, 00, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 38, CE, 60, 00, 89, 0D, 34, CE, 60, 00, 89, 15, 30, CE, 60, 00, 89, 1D, 2C...
 
[+]

Entropy:
5.6083

Code size:
1.6 MB (1,720,320 bytes)

The file efilmlt.exe has been seen being distributed by the following URL.

https://doc-00-c4-docs.googleusercontent.com/docs/securesc/5679rv2io9ilje8f0cttcvnsc0mus735/9ldvlmjbmchf9ce75if6u9dpnokk0tm3/1464091200000/.../06594036764475863916/0Bx6JN_6oFSqQbU53TXpIcHZoREU?e=download

Scan efilmlt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.