home

family_tree_builder.exe

MyHeritage Ltd.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with MyHeritage Family Tree Builder. The file has been seen being downloaded from a.myheritageonline.com.
Publisher:
MyHeritage Ltd.  (signed and verified)

MD5:
2c19cf2d5831f82edafdf27946a2a051

SHA-1:
90531a9faab350602608dde45d1b0d6f2f405c2d

SHA-256:
a1932ab9b9cc6c2f7460b074a98e5148d7c8b7d97dd78441b6633d8c302d5575

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:59:04 AM UTC  (today)

File size:
542.6 KB (555,576 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\family_tree_builder.exe

Digital Signature
Signed by:
MyHeritage Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/21/2008 1:00:00 AM

Valid to:
3/24/2010 12:59:59 AM

Subject:
CN=MyHeritage Ltd., OU=GENEALOGY RESEARCH, O=MyHeritage Ltd., L=Bnei Atarot, S=Bnei Atarot, C=IL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
75549F68705A5EE7233D6E7F90A8D4AF

File PE Metadata
Compilation timestamp:
12/20/2008 1:41:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:nxconwqEaiEPWVejQA8rNNPbG0/ao4gpuLCxyk5MReAlDi6fL:n/nvEaibejmZNDG0/0lCckfuDlL

Entry address:
0x30F1

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, EA, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A1, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 8F, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file family_tree_builder.exe has been discovered within the following program.

MyHeritage Family Tree Builder  by MyHeritage.com
Family Tree Builder (FTB) is genealogy software to create family trees. The free download version is distributed as freeware, with no restrictions, although registration is required to run the software.
www.myheritage.com/family-tree-builder
About 2% of users remove it
 
Powered by Should I Remove It?

The file family_tree_builder.exe has been seen being distributed by the following URL.

http://a.myheritageonline.com/FP/.../family_tree_builder.exe

Scan family_tree_builder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.