home

IEFTimeline.exe

IEF Timeline

Magnet Forensics Inc.

Publisher:
Magnet Forensics Inc.  (signed and verified)

Product:
IEF Timeline

Version:
6.6.0.0333

MD5:
fc048ad7c7c59a6faf4d252b37bc7ff6

SHA-1:
e9506832c700c8445a5f5a5ff4b15073fb74199f

SHA-256:
a85af4ae95f1b02b7af8691ca68911a914f3eca52c4ebc7130c969416ac1d5c5

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 4:43:57 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Win32.Meredrop
t3scan.1.9.5.0

Trend Micro House Call
Suspicious_GEN.F47V0524
7.2.337

Vba32 AntiVirus
Malware-Cryptor.MSIL.gen.1
3.12.26.4

File size:
4.9 MB (5,156,168 bytes)

Product version:
6.6.0.0333

Copyright:
Copyright © Magnet Forensics Inc. 2015

Original file name:
IEFTimeline.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\internet evidence finder_660\ief report viewer\ief timeline\ieftimeline.exe

Digital Signature
Signed by:
Magnet Forensics Inc.

Authority:
GlobalSign nv-sa

Valid from:
8/31/2012 3:08:15 PM

Valid to:
9/1/2015 3:08:15 PM

Subject:
E=jad@magnetforensics.com, CN=Magnet Forensics Inc., O=Magnet Forensics Inc., L=Waterloo, S=Ontario, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121196291CEA40E811694D0D164367A0E83

File PE Metadata
Compilation timestamp:
5/13/2015 1:02:02 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:IrwSsyQ/ygZzAQVX2EB17n/L+ikaH7TzGcYd2iga81Bg/WURyHqi:IrwDBAQ92EBJ/73tYd2iHruUIKi

Entry address:
0x4E58A2

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9973  (probably packed)

Code size:
4.9 MB (5,126,656 bytes)

Scan IEFTimeline.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.