» macdrive_7.1.0_en_setup.exe
Overview
Analysis
File Details
Downloads (8)

macdrive_7.1.0_en_setup.exe

MacDrive 7

Mediafour Corporation

This is a self-extracting archive and installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Publisher:

Mediafour Corporation, info@mediafour.com (signed by Mediafour Corporation)

Product:

MacDrive 7

Description:

MacDrive 7 Setup

Version:

7.1.0.0

MD5:

e432ead75e859fe6959b6b5f6747fc7d

SHA-1:

a685e448eb4b8b39558e2872bb4adb37c820a3c6

SHA-256:

9b46cf4e2419a728b4c04c7dd23945ed559dc82397372bb68c4686f417ee3ded

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/18/2024 10:27:42 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Worm.VobfusEx!1.99DD

23.00.65.141228

File size:

2.7 MB (2,802,544 bytes)

Product version:

7.1.0.0

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Digital Signature

Signed by:

Mediafour Corporation

Authority:

VeriSign, Inc.

Valid from:

7/13/2007 8:00:00 AM

Valid to:

9/9/2010 7:59:59 AM

Subject:

CN=Mediafour Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mediafour Corporation, L=West Des Moines, S=Iowa, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

20B6C0BFEAEE9A994EDDBAA33016984E

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:GuRr+6s4Cumzpcv+yTiDoj283j8HARL7zI6HyH+aMere40d8kksHHTG:GyrRLCL2BuojLz6ARL7uH+aMUe40akRC

Entry address:

0x3274

Entry point:

55, 8B, EC, 83, C4, F4, B8, 3C, 32, 01, 00, E8, 98, E9, FF, FF, E8, 43, FF, FF, FF, E8, 7E, FF, FF, FF, E8, 15, FE, FF, FF, E8, AC, E4, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.9855

Developed / compiled with:

Microsoft Visual C++

Code size:

9 KB (9,216 bytes)

The file macdrive_7.1.0_en_setup.exe has been seen being distributed by the following 8 URLs.

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1477595746&Signature=PIDQrxHWL5a7e0ngQ9gnd1~pZGRAtVeYIkiZvxeuiprxNwpbN5PRdq65UDzOg3GPZQavJAXb8-SKfxroXNBUJ99traq3cC2LKGNJR-aPRJY636LQif2kE9j2Fz4gGGidBYyQoAna-7ZidsdAtOdmUyB~9i0WQSwF3Tfrr-iZ1Jo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1479442286&Signature=GJcjI9wWL49UyWYNyAzgkzNDVG9bE19t0sTnYvCW7t8lTtuT8jClRx-H9KW0p~t008MMOqwcgaVy7ga9~Lcom~5ZNjOCEYIn6rom3dC4LW2KCP-xlIM6McbonPfzd-jRB3Li6PigNm8nGTijYFJ0VJiiJXTRlMsJj~KAugfNSu8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1466229079&Signature=JasomUUQRiCiTunVkKrBabr3utJsK-iXLEPXqg3uUjaqJwKALnSCvf4oQMj9XrC~suUGpYsjRV8b-JxXfXE9YOskp42FBZHue-taf2KR7S0ZvlXqZYUpVYzGa4HDUpVtkaBrK3ibMZkuLkQQVO~ANsqkPKBbWKM2a6Vl2ePdrJk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1441794941&Signature=GQF5MsOf4CPiq6zGVqAFQXMoxVT~v2zpD3-k419dkryuVhJUj7w8F4h4VrfpSycNwIt2n22zBE-On-tMSS9dx4iGMvc-0Z965IWM61CoD0mLMS6VmqbDz1R2bCf3aWGREyojpAj4mo5nUKjdGQwQS-4GpjzdYJfpLP5Q85CajX8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1465085023&Signature=ii5GpFEpYWh5D7n-P4N8oo9uTqHijagOsLbgbCXo878wsK2oE78OwlBIBg9MnU3x-AMwC0hLiNjQm-twlqP62pPZAt~EQV-ycsRMNb1HPqj9kA0RHVSR1x1K2idPHlPO19zUode8V4GaQ08YzTSQ1aoZ8B7XHJon9N8TlzzP9ek_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1462141153&Signature=dVKM0Ztd2kx51fr4vAEIe9Rn-9tHi-WECBoExWU-PI8I3dWDabuEyjLLLEqIPDgzefCXvB1Jla2BuE9H0ShuEnpzMev3VcCFZU~LorUeFheMDaK80tlten1zjJyayL5U-ADvidotQNf0WR2hLe2GoOQHihQuOlNZuLJmVto8EAE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1453021478&Signature=FOcoGaegtSb97aYWhPo~WCqeT~9wAA5ULzwqY57EtX240pNIUqyuXiFw5z211dGYsKCherSTmNrGEBRd37fQ9iXQt4xqS2u~XLooctJLkbOrkEixdxeFYHp1QzslVWiWz~NusJLbdVbpXH-qgSPw2O87Rdwgn6RScx4HL6Yd7r0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

http://gsf-cf.softonic.com/a68/5e4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=51545&instance=softonic_en&type=PROGRAM&Expires=1443316472&Signature=PwULFArpkA0vQ1968QkU47JjCIjOQbfbQlmDrHYurfgEivZrFrRrvHs7usY4n8j~jCOKFnfT7ISfSA3rwDI3kSnXtrrVY9NlC~1p0eOjFNDEIss9opHbfEpUbeMF3VsTIG~1l8ISlPmAaOmVSjMVcPAEoYFVPPR9~SUkrMu3lOU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=macdrive_7.1.0_en_setup.exe

Scan macdrive_7.1.0_en_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.