home

frame.exe

Vladimir Varenkov

Publisher:
Vladimir Varenkov  (signed and verified)

MD5:
a9b9cae4df89f66d94dc2c8a0054ade5

SHA-1:
ceded529042ee3ba0d8daa15e10ddd7a56b49ad2

SHA-256:
1cd4227cf6eb5b38ba7e1fbd44de300916b7190640c7f9ec4b46585789501307

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 4:15:11 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Packed.Obsidium (variant)
8.7396

Quick Heal
(Suspicious) - DNAScan
3.14.12.00

File size:
739 KB (756,696 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\easy frame creator 2.1\frame.exe

Digital Signature
Signed by:
Vladimir Varenkov

Authority:
StartCom Ltd.

Valid from:
3/28/2012 11:27:02 AM

Valid to:
3/29/2014 12:55:09 PM

Subject:
E=support@easyanimationtools.com, CN=Vladimir Varenkov, L=Troitsk, S=Moskva Oblast, C=RU, Description=aP8721LmpRRf5N6X

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
05A9

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:/JkEH4QadET4KqzZn64W4SJfUTiiLLeKkYvRpLLqQOvvRKOgcHC0yPJwZw/y+xyg:/Jtba+QZKlmLLDRprvOgc2JSEk47j

Entry address:
0x1C2000

Entry point:
EB, 04, 09, 5F, 64, 0D, 50, EB, 02, 5F, EE, E8, 15, 00, 00, 00, EB, 02, 5B, 6D, EB, 02, EA, 7A, 33, C0, EB, 04, D7, 97, C8, E9, 71, 5D, EB, 01, 2B, EB, 05, 24, CD, F9, B7, F2, B8, 33, 48, EB, F6, EB, 02, 1C, 70, EB, 05, 03, BE, 5E, E4, 36, 05, CD, B7, 14, 09, EB, 04, BC, FE, CD, 4F, 75, 36, EB, 02, AE, 46, 64, FF, 30, EB, 02, 99, 5D, 64, 89, 20, EB, 02, 2E, 91, EB, 03, 39, 78, 9E, 8B, 10, EB, 02, BD, 97, 64, 8F, 00, EB, 01, 9F, 83, C4, 04, EB, 04, 5C, 0D, C7, 60, 58, EB, 01, 5A, C3, EB, 03, 18, 3D, 9B, EB...
 
[+]

Entropy:
7.9879  (probably packed)

Code size:
1012.5 KB (1,036,800 bytes)

Scan frame.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.