» graphtool1.exe
Overview
Analysis
File Details

graphtool1.exe

GraphTool Application

StoxEV

File name:

graphtool1.exe

Publisher:

StoxEV (signed and verified)

Product:

GraphTool Application

Description:

GraphTool MFC Application

Version:

1, 1, 1, 0

MD5:

2ba7cf07d6c8ca57c07c9b5af29e8122

SHA-1:

c8f4fbdb4a582c71933d710e58bc2194d3671b71

SHA-256:

d8a7068252d7a811c3558b2d9e302728ad4320a97aacc973042d7ba015031714

Scanner detections:

4 / 68

Status:

Clean (4 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/24/2024 4:15:43 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Packed

1.3.0.6979

NANO AntiVirus

Trojan.Win32.XPACK.dowldt

0.30.24.2668

Qihoo 360 Security

HEUR/QVM19.1.Malware.Gen

1.0.0.1015

Sophos

Virus 'Mal/EncPk-ABFU'

File size:

1.3 MB (1,346,800 bytes)

Product version:

1, 1, 1, 0

Original file name:

GraphTool.EXE

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\holdeq\holdeq\graphtool1.exe

Digital Signature

Signed by:

StoxEV

Authority:

COMODO CA Limited

Valid from:

4/10/2013 3:00:00 AM

Valid to:

4/10/2016 2:59:59 AM

Subject:

CN=StoxEV, O=StoxEV, STREET=Kolfstraat 123, L=Purmerend, S=Noord-Holland, PostalCode=1442 TC, C=NL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

5F83937A75060E85F04E3413233DFE4E

File PE Metadata

Compilation timestamp:

6/21/2015 10:02:02 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:sZPBeHL6g8aKqBofrUKU2BKgPQKJV53MdI4WCd4fAKwp1RY76DdtCLexS1:cBeHaaKXATFwd58d9d2MpHBDdyWS1

Entry address:

0x309000

Entry point:

EB, 08, 0F, 50, 14, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, E5, 15, 00, 00, 01, 00, 30, 82, 15, E1, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 15, D2, 30, 82, 15, CE, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 09, 4D, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 09, 3E, 04, 82, 09, 3A, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 04, 00, 00, 00, 26, 00, 00, 00, 01, 00, 1D, FF, F1, 34, 2F, 51, DE, FB, B3, E9, 49, A8, 31, 81, C7, 0D, 8A... 
[+]

Code size:

72 KB (73,728 bytes)

Scan graphtool1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.