formalitefacileie.exe

FormaliteFacile

SUNWORK MEDIA

The executable formalitefacileie.exe (“FormaliteFacile Setup”) has been detected as malware by 23 anti-virus scanners. The program is a setup application that uses the Inno Setup installer.
Publisher:
SunWork Media   (signed by SUNWORK MEDIA)

Product:
FormaliteFacile

Description:
FormaliteFacile Setup

MD5:
73e628a1000fe94da36249985de7d2ac

SHA-1:
f1ea092a8ac50ba8a9dcecba641c34fec5afa969

SHA-256:
147036d00efaca1269596970491d57172212ffd238ac9c952bfcba966edcb8a9

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
4/24/2024 11:54:15 PM UTC

Scan engine             Detection                   Engine version
Lavasoft Ad-Aware       Trojan.Generic.10365450     310
avast!                  Win32:Malware-gen           2014.9-160330
AVG                     Generic32                   2017.0.2788
Bitdefender             Trojan.Generic.10365450     1.0.20.450
Dr.Web                  Trojan.StartPage.51693      9.0.1.090
Emsisoft Anti-Malware   Trojan.Generic.10365450     8.16.03.30.04
Fortinet FortiGate      W32/Pasta.UBT!tr            3/30/2016
F-Secure                Trojan.Generic.10365450     11.2016-30-03_4
G Data                  Trojan.Generic.10365450     16.3.25
IKARUS anti.virus       Trojan.Win32.Pasta          t3scan.1.8.9.0
K7 AntiVirus            Riskware                    13.202.15609
Kaspersky               Trojan.Win32.Pasta          14.0.0.437
McAfee                  Artemis!73E628A1000F        5600.6444
MicroWorld eScan        Trojan.Generic.10365450     17.0.0.270
NANO AntiVirus          Trojan.Win32.Pasta.bkpdfe   0.30.16.1110
Norman                  Malware                     11.20160330
nProtect                Trojan.Generic.10365450     15.04.15.01
Panda Antivirus         Trj/CI.A                    16.03.30.04
Qihoo 360 Security      Win32/Trojan.92c            1.0.0.1015
Quick Heal              Trojan.Pasta.r5             3.16.14.00
Sophos                  Mal/Generic-S               4.98
Vba32 AntiVirus         Trojan.Pasta                3.12.26.3
VIPRE Antivirus         Trojan.Win32.Generic        39382

File size:
384.8 KB (394,064 bytes)

Product version:
2

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\formalitefacileie.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/6/2012 2:00:00 AM

Valid to:
4/7/2014 1:59:59 AM

Subject:
CN=SUNWORK MEDIA, OU=ALPES MARITIME, O=SUNWORK MEDIA, L=NICE, S=PACA, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
42B235AE116D147D4122347E0124620E

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:7/na4kOKb6G3n/puDDNHtdgDQGS+4aVm2b6oRKVo/ZPzSMwp5HhsalprDkLHisOU:jna9OYPUnaMGF4O2DnM2xk/O2R

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

Remove formalitefacileie.exe - Powered by Reason Core Security