home

FamilyTreePublisher.exe

MyHeritage Family Tree Publisher

MyHeritage Ltd.

The application FamilyTreePublisher.exe, “MyHeritage Family Tree Publisher Software” by MyHeritage has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program MyHeritage Family Tree Builder by MyHeritage.com.
Publisher:
MyHeritage  (signed by MyHeritage Ltd.)

Product:
MyHeritage Family Tree Publisher

Description:
MyHeritage Family Tree Publisher Software

Version:
3, 0, 0, 805

MD5:
c030102ed53c1e09eccb636409945be3

SHA-1:
9a34300b9671e277249443d8e95779190a116f1f

SHA-256:
f6df2f84898aa8a5be2b304537c8ca044b2131602f44cbffd7314e01774023b7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 3:10:23 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Bundler.MyHerita.Meta (M)
16.6.12.17

File size:
747.5 KB (765,456 bytes)

Product version:
3, 0, 0, 805

Copyright:
Copyright (C) 2008 MyHeritage.com

Original file name:
FamilyTreePublisher.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
MyHeritage Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/21/2008 2:00:00 AM

Valid to:
3/24/2010 1:59:59 AM

Subject:
CN=MyHeritage Ltd., OU=GENEALOGY RESEARCH, O=MyHeritage Ltd., L=Bnei Atarot, S=Bnei Atarot, C=IL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
75549F68705A5EE7233D6E7F90A8D4AF

File PE Metadata
Compilation timestamp:
10/25/2009 2:15:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:imin2DLRVfvdcFY/+x1EMHbCiwr5JEBXV6nbyaIqwKlniO8QLWf8es8He34IIsvV:iv2DTfvdoY/+bTCXrH4XxaxwKiO8vfOF

Entry address:
0x242D00

Entry point:
60, BE, 00, 30, 59, 00, 8D, BE, 00, E0, E6, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
704 KB (720,896 bytes)

The file FamilyTreePublisher.exe has been discovered within the following program.

MyHeritage Family Tree Builder  by MyHeritage.com
Family Tree Builder (FTB) is genealogy software to create family trees. The free download version is distributed as freeware, with no restrictions, although registration is required to run the software.
www.myheritage.com/family-tree-builder
About 2% of users remove it
 
Powered by Should I Remove It?

Remove FamilyTreePublisher.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.