home

elback.exe

FSPro Labs

Publisher:
FSPro Labs  (signed and verified)

MD5:
ba978e71e25e03497c6e9e1adb398154

SHA-1:
b201b23b93c5f798ac4170747eb0e8a62fa6a6e5

SHA-256:
53c3929446a2fb83257804cac2f4cdcc74de2b2a7fe3556fd0438f639b9cb59d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 4:51:04 PM UTC  (today)

Scan engine
Detection
Engine version

SUPERAntiSpyware
Trojan.Agent/Gen-Flux
10494

File size:
73 KB (74,720 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
FSPro Labs

Authority:
The USERTRUST Network

Valid from:
1/21/2007 9:00:00 AM

Valid to:
1/22/2008 8:59:59 AM

Subject:
CN=FSPro Labs, O=FSPro Labs, STREET=20-6 P.Toliatti st. apt. 20, L=Taganrog, S=RO, PostalCode=347931, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
0080BFAF635421F01F5FBF784912F11AE7

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
1536:/gqsE3sxDurc9l0DjgyaGd88w1D8qtJg4xDZv4e+59P:kDecgngyjBqtm4xdF+59

Entry address:
0xDFD0

Entry point:
55, 8B, EC, 83, C4, E0, 53, 56, 57, 33, C0, 89, 45, E0, 89, 45, EC, 89, 45, F0, A1, F4, F3, 40, 00, C6, 00, 01, B8, 30, DF, 40, 00, E8, 96, 77, FF, FF, 8B, 1D, 34, F3, 40, 00, 33, C0, 55, 68, 20, E3, 40, 00, 64, FF, 30, 64, 89, 20, 8D, 45, F0, E8, 32, EC, FF, FF, 8B, 55, F0, B8, 64, 06, 41, 00, E8, D1, 53, FF, FF, E8, 30, 47, FF, FF, 85, C0, 74, 19, B1, 01, BA, 30, E3, 40, 00, B8, 58, E3, 40, 00, E8, D3, A8, FF, FF, 84, C0, 0F, 84, 73, 01, 00, 00, 8B, C3, BA, 64, E3, 40, 00, E8, E7, 58, FF, FF, E8, C9, 6E...
 
[+]

Entropy:
6.5108

Developed / compiled with:
Microsoft Visual C++

Code size:
54 KB (55,296 bytes)

Scan elback.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.