home

frst64.exe

Farbar

Publisher:
Farbar

Description:
Farbar Recovery Scan Tool

Version:
16.11.2015.0

MD5:
df25a498414bcf82ea389ce2ddc3839b

SHA-1:
571904d6b26da421b3b62752ebafb60d4674b098

SHA-256:
be96ae8b70ba7ad23e97a51d67e1767699f7c08fda226fc940f75595e07d2f1f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 5:45:39 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
23.00.65.151222

File size:
1.9 MB (2,008,576 bytes)

Product version:
3.3.12.0

Copyright:
©1999-2014 Jonathan Bennett & AutoIt Team

File type:
Executable application (Win64 EXE)

Language:
English (United Kingdom)

File PE Metadata
Compilation timestamp:
11/16/2015 1:34:53 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:eZzO43KtaISugRed1bVka/uUy/bcmVn/A9IdBx:ztaDyy/brV/A9o

Entry address:
0x2C9D4

Entry point:
48, 83, EC, 28, E8, CF, AF, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 10, 41, B9, 02, 00, 00, 00, 33, C9, 45, 8D, 51, FF, 44, 89, 0D, 33, 6A, 0A, 00, 41, 8B, C2, 44, 89, 15, 25, 6A, 0A, 00, 0F, A2, 89, 04, 24, 89, 5C, 24, 04, 89, 54, 24, 0C, 0F, BA, E1, 14, 73, 2B, 44, 89, 0D, 0B, 6A, 0A, 00, C7, 05, 05, 6A, 0A, 00, 06, 00, 00, 00, 0F, BA, E1, 1C, 73, 14, C7, 05, F1, 69, 0A, 00, 03, 00, 00, 00, C7, 05, EB, 69, 0A, 00, 0E, 00, 00, 00, 44, 8B, 05, C0, CF, 0A, 00, 33, C9, B8, 07...
 
[+]

Entropy:
7.4930

Code size:
656.5 KB (672,256 bytes)

The file frst64.exe has been seen being distributed by the following 2 URLs.

http://www.telecharger.sosvirus.net/download/.../?wpdmdl=5454&wpdmtoken=tRACMmeYeMNMg8hz8_sm751_sjHFyfY0ZSDy7_zSPuM

http://www.geekstogo.com/forum/files/get/.../2040-FRST64.exe

Scan frst64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.