home

family_tree_builder_7117.exe

MyHeritage Ltd.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with MyHeritage Family Tree Builder. The file has been seen being downloaded from a.netdna.mhcache.com.
Publisher:
MyHeritage Ltd.  (signed and verified)

MD5:
9a297082eecef5437b3090b7adba9ac5

SHA-1:
cdcb64fe069a1f8f3f386ade65df1f58ec92bd31

SHA-256:
f7f6bd67fde8f2bf458c5f83f3f0c0de1538516b7d5dfb289f35c06cf38c21c7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 11:17:03 AM UTC  (today)

File size:
35.2 MB (36,898,440 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\family_tree_builder_7117.exe

Digital Signature
Signed by:
MyHeritage Ltd.

Authority:
Thawte, Inc.

Valid from:
4/24/2012 2:00:00 AM

Valid to:
3/26/2014 12:59:59 AM

Subject:
CN=MyHeritage Ltd., OU=GENEALOGY RESEARCH, O=MyHeritage Ltd., L=Bnei Atarot, S=Bnei Atarot, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
06EC6BC2F2460615FF9E384A419CF9B5

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:NFMVc7/tbFTw9gjt5gGGurqNnHPLu+s2Hi9xA2kYX0Ihb8D2APvI3i:NF0c7/rTt5H9yvLRDC9uM0Gb8DDu

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file family_tree_builder_7117.exe has been discovered within the following program.

MyHeritage Family Tree Builder  by MyHeritage.com
Family Tree Builder (FTB) is genealogy software to create family trees. The free download version is distributed as freeware, with no restrictions, although registration is required to run the software.
www.myheritage.com/family-tree-builder
About 2% of users remove it
 
Powered by Should I Remove It?

The file family_tree_builder_7117.exe has been seen being distributed by the following URL.

http://a.netdna.mhcache.com/FP/.../family_tree_builder_7117.exe

Scan family_tree_builder_7117.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.