home

faxtifview.exe

Able Fax Tif View

Graphic Region

This is a setup and installation application. The file has been seen being downloaded from www.graphicregion.com and multiple other hosts.
Publisher:
GraphicRegion.com   (signed by Graphic Region)

Product:
Able Fax Tif View

Description:
Able Fax Tif View Setup

Version:
3.9.4.5

MD5:
42596a3f6cc967b5308ba51bc72f5f75

SHA-1:
49b872e0c081b9555e02553c87dc2bfd669c24ed

SHA-256:
045a4373125b78d88991c7b68461fa2d4a4e9dbb0ace88738a9c1626bf047422

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/16/2024 11:57:02 PM UTC  (a few moments ago)

File size:
33.5 MB (35,134,928 bytes)

Product version:
3.9.4.5

Copyright:
Copyright © 1997-2016 GraphicRegion.com

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\faxtifview.exe

Digital Signature
Signed by:
Graphic Region

Authority:
Unizeto Technologies S.A.

Valid from:
3/19/2016 4:27:48 PM

Valid to:
9/9/2016 8:11:02 AM

Subject:
E=support@graphicregion.com, CN=Vyacheslav Burlakov, O=Graphic Region, C=RU

Issuer:
CN=Certum Code Signing CA SHA2, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
7343898B44883820144789D7A9FE2AD0

File PE Metadata
Compilation timestamp:
7/9/2014 9:58:13 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:JG8voKNi31QbPG1HQqjSSdQ4TTn5HRtOJDNhSuV0/Sd3X+1:08d41QbixSmQ4Pn5HDOJhhSuVSW3X+1

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file faxtifview.exe has been seen being distributed by the following 2 URLs.

http://www.graphicregion.com/faxtifview.exe

http://en.softonic.com/sads/tracker.php?ev=c&co=DE&sid=a9cd4fafc6c5706d56d9ec67f9f0c144&upv=d00a38809b74d1a84260a6000b3469cd&z=download-cpd&sk=116&abp=0&params=F39B2A32BFC101987B1458170C278E039C2598F67F8A084905596B1FB1B81A80163B026A0A41B2F4C41CDB128F2EA1D825FAED5BBA0C7CD2934F7FF0B024E541D1C6E1A87C46C097A645E000E7758DFCBAB2343A4B4D6A2169E7F0D52F9EE7FB2AC7F91297D2223B4426F8BCD4075EA62A381F889BAD1D15FAC0693F69FB62E52ECE60D59A59A9DDAEEF63459690F0CF1E9A137EA2ACE481774B6A1CEE1B3562&h=1B7BD6E33BAAE401A5244C8E3587AE53841C028E4FECEF13C2696FFC9BF64FC8&directdownload=1&f=98698&d=http://.../faxtifview.exe

Scan faxtifview.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.