home

mcfx_pro.1.2.1271.demo.exe

MCFX Pro

TS Support

This is a setup program which is used to install the application. The file has been seen being downloaded from www.multicharts.com.
Publisher:
TS Support

Product:
MCFX Pro

Version:
1.0.1271.0

MD5:
34084ced4a74054ecc27e30dea68def1

SHA-1:
692e52d0368fed43d9cddc1e3b67f1e0901e133c

SHA-256:
f8561bee3cafb105db178991df6f8ab6e1b4ee27e2677af87581536a1fbd16b5

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 9:17:01 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
TrojWare.Win32.TrojanDownloader.Swizzor.Gen
22946

File size:
22.2 MB (23,310,336 bytes)

Product version:
1.2.1271.0

Copyright:
Copyright (C) 1997-2007 TS Support LLC. All rights reserved.

Original file name:
tsbootstrapper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\mcfx_pro.1.2.1271.demo.exe

File PE Metadata
Compilation timestamp:
6/29/2007 12:55:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:W3oZPgNWo7LqNuw3Z/qxUdPR98yUGO88A1IhKLmS9WqSYvDgxI/bwTlVcPZTTHW2:0oZPdmZ2/hRNUPBhE38qSYvDgxI/bEuD

Entry address:
0x14E40

Entry point:
E8, 5B, 75, 00, 00, E9, 16, FE, FF, FF, C3, B8, C1, CE, 41, 00, A3, B0, C0, 42, 00, C7, 05, B4, C0, 42, 00, BD, C5, 41, 00, C7, 05, B8, C0, 42, 00, 7B, C5, 41, 00, C7, 05, BC, C0, 42, 00, AF, C5, 41, 00, C7, 05, C0, C0, 42, 00, 25, C5, 41, 00, A3, C4, C0, 42, 00, C7, 05, C8, C0, 42, 00, 3B, CE, 41, 00, C7, 05, CC, C0, 42, 00, 3B, C5, 41, 00, C7, 05, D0, C0, 42, 00, A5, C4, 41, 00, C7, 05, D4, C0, 42, 00, 34, C4, 41, 00, C3, E8, 9B, FF, FF, FF, E8, B1, 80, 00, 00, 83, 7C, 24, 04, 00, A3, 04, CB, 42, 00, 74...
 
[+]

Entropy:
7.9822  (probably packed)

Code size:
140 KB (143,360 bytes)

The file mcfx_pro.1.2.1271.demo.exe has been seen being distributed by the following URL.

http://www.multicharts.com/.../mcfx_pro.1.2.1271.demo.exe

Scan mcfx_pro.1.2.1271.demo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.