home

IEFTimeline.exe

IEF Timeline

Magnet Forensics Inc.

Publisher:
Magnet Forensics Inc.  (signed and verified)

Product:
IEF Timeline

Version:
6.5.0.0504

MD5:
49859ea1705126bdf6c986c5e82f8ba9

SHA-1:
c2ec089ae6fe72abf9667929cb05e7db0567a17f

SHA-256:
1561a16f6c6d43fd73f69f11e8966074a2b00570d96383f2635b2e42c03a1455

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/16/2024 11:40:56 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Win32.Meredrop
t3scan.1.8.6.0

Trend Micro House Call
Suspicious_GEN.F47V0121
7.2.9

Vba32 AntiVirus
Malware-Cryptor.MSIL.gen.1
3.12.26.3

File size:
4.3 MB (4,536,648 bytes)

Product version:
6.5.0.0504

Copyright:
Copyright © Magnet Forensics Inc. 2013

Original file name:
IEFTimeline.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\internet evidence finder report viewer\ief timeline\ieftimeline.exe

Digital Signature
Signed by:
Magnet Forensics Inc.

Authority:
GlobalSign nv-sa

Valid from:
8/31/2012 3:08:15 PM

Valid to:
9/1/2015 3:08:15 PM

Subject:
E=jad@magnetforensics.com, CN=Magnet Forensics Inc., O=Magnet Forensics Inc., L=Waterloo, S=Ontario, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121196291CEA40E811694D0D164367A0E83

File PE Metadata
Compilation timestamp:
11/19/2014 8:04:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:F0CzsAdg8LQ84gPZJDpMjZxXZrBJMHgsM:GCn68E8461mZxPJmjM

Entry address:
0x44E5B6

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E0, 44, 00, 0C, 00, 00, 00, B8, 35, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9967

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
4.3 MB (4,507,136 bytes)

Scan IEFTimeline.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.