home

fondofestivo_ar_c2bf23fa.exe

msnDelivery

Microsoft

This is a setup program which is used to install the application. The file has been seen being downloaded from www.feriademoticones.com.
Publisher:
Microsoft  (signed and verified)

Product:
msnDelivery

Version:
1.0.3987.18582

MD5:
3e23e062c406244c8c5d9f266f8e293b

SHA-1:
2123f103a23ea28b1e859cd84e36de64c8d53cc3

SHA-256:
2bf38387ec26ea4d19f269c563643a14017cf627fa60e6feb315bdf8128a9e0f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 12:54:03 AM UTC  (today)

File size:
843.8 KB (864,088 bytes)

Product version:
1.0.3987.18582

Copyright:
Copyright 2009

Original file name:
FondoFestivo_AR.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\fondofestivo_ar_c2bf23fa.exe

Digital Signature
Signed by:
Microsoft

Authority:
GlobalSign nv-sa

Valid from:
1/19/2010 4:36:59 PM

Valid to:
1/19/2011 4:36:59 PM

Subject:
CN=MSN Messenger Client - Microsoft, OU=Microsoft, O=Microsoft, L=Capital Federal, S=Capital Federal, C=AR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001264834E0A6

File PE Metadata
Compilation timestamp:
12/1/2010 10:19:25 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0xCF09E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
824 KB (843,776 bytes)

The file fondofestivo_ar_c2bf23fa.exe has been seen being distributed by the following URL.

http://www.feriademoticones.com/.../fondofestivo_ar_c2bf23fa.exe

Scan fondofestivo_ar_c2bf23fa.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.