» FantaMorph.exe
Overview
Analysis
File Details

FantaMorph.exe

Abrosoft FantaMorph

Abrosoft Co.

File name:

FantaMorph.exe

Publisher:

Abrosoft (signed by Abrosoft Co.)

Product:

Abrosoft FantaMorph

Description:

FantaMorph

Version:

4.02.0006

MD5:

841fae497397de328dbda347e65cf770

SHA-1:

5588188c0900d36c987f593f784bce4e3cbdb9e2

SHA-256:

b74e08f9c89fbbe36b2a1819217fac089c5350cab56ac07614a6d0377398cdd4

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/10/2024 6:12:13 AM UTC (today)

Scan engine

Detection

Engine version

Malwarebytes

Backdoor.Agent.PRN

v2016.02.07.11

Zillya! Antivirus

Backdoor.Bifrose.Win32.42431

2.0.0.1989

File size:

598.4 KB (612,768 bytes)

Product version:

4.02.0006

Trademarks:

Abrosoft

Original file name:

FantaMorph.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\abrosoft\fantamorph4\fantamorph.exe

Digital Signature

Signed by:

Abrosoft Co.

Authority:

The USERTRUST Network

Valid from:

10/28/2009 5:00:00 PM

Valid to:

10/28/2012 4:59:59 PM

Subject:

CN=Abrosoft Co., O=Abrosoft Co., STREET="No.72 SuZhouJie, Tower 1/Suite 403", STREET=HaiDian, L=Beijing, S=Beijing, PostalCode=100080, C=CN

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

7ADBBFF86E08ED512B2202891A5A2CFF

File PE Metadata

Compilation timestamp:

9/21/2010 1:30:07 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:12hCK8DeoLA4hjjqTdSbNOcOACL3oWYAaTVikWE9vDP:60DB0c+TdyMZMA0VDvDP

Entry address:

0x28D001

Entry point:

60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, D0, 28, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72... 
[+]

Entropy:

7.9776

Packer / compiler:

ASPack v2.12

Code size:

2.4 MB (2,510,848 bytes)

Scan FantaMorph.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.