» ftm2005se.exe
Overview
Analysis
File Details
Programs (1)
Downloads (3)

ftm2005se.exe

Family Tree Maker 2005

MyFamily.com Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

ftm2005se.exe

Publisher:

MyFamily.com (signed by MyFamily.com Inc.)

Product:

Family Tree Maker 2005

Version:

12.0.345

MD5:

b3318e87825b63116af5e69da415e451

SHA-1:

e0fb8c4f9d4197f21bdd31116666a5142776491a

SHA-256:

d847cc5ce09982a37a7b7b080f20594ea23336c0bda2f8aef8e6305ff567ca53

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/8/2024 10:57:28 PM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Trojan.Peed-474

0.98/18155

Rising Antivirus

PE:Malware.XPACK/RDM!5.1

23.00.65.14512

File size:

16 MB (16,759,728 bytes)

Product version:

12.0.345

Original file name:

stub32i.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\ftm2005se.exe

Digital Signature

Signed by:

MyFamily.com Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

4/19/2004 10:59:54 PM

Valid to:

4/19/2005 10:59:54 PM

Subject:

CN=MyFamily.com Inc., O=MyFamily.com Inc., L=Provo, S=Utah, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

3E121B

File PE Metadata

Compilation timestamp:

8/2/2002 9:01:18 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

393216:pe1gX1+XUUpv/P9aJMne9Aw9807zReDzTn7gV0sKBcPjUFj:o1gX1+/nlaJV0PTavKBcPjc

Entry address:

0x8AF7

Entry point:

55, 8B, EC, 6A, FF, 68, 20, 43, 41, 00, 68, F0, C3, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, F0, 41, 41, 00, 33, D2, 8A, D4, 89, 15, 7C, 93, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 78, 93, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 74, 93, 41, 00, C1, E8, 10, A3, 70, 93, 41, 00, 33, F6, 56, E8, 70, 02, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, D1, 36, 00, 00, FF, 15, F4, 41, 41, 00, A3, 4C, BA, 41, 00, E8... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

76 KB (77,824 bytes)

The file ftm2005se.exe has been discovered within the following program.

Family Tree Maker 2012 by Ancestry.com, Inc.

Publisher's description - “Family Tree Maker is the ideal tool to help you discover and preserve your family’s heritage. It’s quick and easy to use for those just starting to research their family history, but it’s also robust enough for the most serious genealogist.”

www.familytreemaker.com

3% remove it

The file ftm2005se.exe has been seen being distributed by the following 3 URLs.

http://gsf-cf.softonic.com/e0f/b8c/.../file?SD_used=0&channel=WEB&fdh=no&id_file=47739&instance=softonic_es&type=PROGRAM&Expires=1455357226&Signature=aiIoQ2x7HoyQOOUHPo41U8QrG4Y7axHeUdE~mxT08BGrYWDtKIytO~J8RGNifa~VaFq78~5FXDIBB8xEDeECJF7liSJOJXV76eXAj8P--KIie0pL9bNpdDgtZBoDSKffA85Dg6-ohZMOzynJ36bfEAJDBUKObLo8AThJss~DmYg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ftm2005se.exe

http://c.ancestry.com/Affiliate/Knowledgebase/Images/.../ftm2005se.exe

http://www.familytreemaker.dk/.../ftm2005UKdemo.exe

Scan ftm2005se.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.