evtx_view64.exe

EventLog parser application

TZWORKS LLC

Publisher:
TZWORKS LLC  (signed and verified)

Product:
EventLog parser application

Description:
Windows Eventlog Viewer

Version:
0.0.6.3

MD5:
07f24e10dbd04cd4880226c8a7a4e569

SHA-1:
0d3814227abbe7db6931a4399be7951d2e38fd01

SHA-256:
8aadda9500a2b18d472470252792bc6e2b8c967413ad1f15dd4abc67c603fec2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 4:59:26 PM UTC

File size:
1.4 MB (1,505,968 bytes)

Product version:
0.0.6.3

Copyright:
Copyright © TZWorks LLC 2009-2011

Original file name:
evtx_view.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\evtx_view64.v.0.63.win\evtx_view64.exe

Digital Signature

Signed by:

Authority:
The USERTRUST Network

Valid from:
12/22/2008 7:00:00 PM

Valid to:
12/23/2011 6:59:59 PM

Subject:
CN=TZWORKS LLC, O=TZWORKS LLC, STREET=3004 Breezy Knoll Court, L=Herdon, S=VA, PostalCode=20171, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00F4D7AE908AC915CC6BDE75BC8BAC190B

File PE Metadata

Compilation timestamp:
10/22/2011 8:15:52 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:5Z5gbclwZNHXUrKdsxYqF3JLoyUsZfBojwt4BDIKKZe2yQdmlwtIhTaQ/ZPYfw2V:5ZSbw4XXds2+pTUsZfB0y4ZIKKIBTNJm

Entry address:
0xB68A8

Entry point:
48, 83, EC, 28, E8, 1F, AD, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, A1, 5D, 0A, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 95, AD, 00, 00, CC, 40, 53, 48, 83, EC, 20, 49, 8B, C0, 4D, 85, C9, 74, 3B, 48, 85, C9, 75, 15, E8, A8, 1B, 00, 00, BB, 16, 00, 00, 00, 89, 18, E8, B4, B0, 00, 00, 8B, C3, EB, 23, 48, 85, C0, 74, E6, 49, 3B, D1, 73, 0C, E8, 89, 1B, 00, 00, BB...

Entropy:
6.1633

Code size:
891.5 KB (912,896 bytes)

Scan evtx_view64.exe - Powered by Reason Core Security