» off.exe
Overview
Analysis
File Details
Programs (1)

off.exe

MyHeritage Ltd.

This file is installed with the program MyHeritage Family Tree Builder.

File name:

off.exe

Publisher:

MyHeritage Ltd. (signed and verified)

MD5:

46e8b6c0bb5aeb944a52e68db2069d97

SHA-1:

fcb90a8d8a14d38973d8e174190794c7b0774035

SHA-256:

90439a51129fc1666865bae38fba52e45728b224d7c0c498aec1818b1727a89e

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/16/2024 5:26:10 PM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

PAK_Generic.001

7.2.257

Trend Micro

PAK_Generic.001

10.465.14

File size:

50.5 KB (51,728 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\myheritage\bin\off.exe

Digital Signature

Signed by:

MyHeritage Ltd.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

2/21/2008 12:00:00 AM

Valid to:

3/23/2010 11:59:59 PM

Subject:

CN=MyHeritage Ltd., OU=GENEALOGY RESEARCH, O=MyHeritage Ltd., L=Bnei Atarot, S=Bnei Atarot, C=IL

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

75549F68705A5EE7233D6E7F90A8D4AF

File PE Metadata

Compilation timestamp:

12/21/2008 2:57:22 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

CTPH (ssdeep):

1536:SKcfp7xL6mBXMka04UwioXAiR9bvMGJXNziPnXb:k6muka04P/QiR9XanL

Entry address:

0x1C820

Entry point:

60, BE, 00, 20, 41, 00, 8D, BE, 00, F0, FE, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB... 
[+]

Entropy:

7.8055

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:

44 KB (45,056 bytes)

The file off.exe has been discovered within the following program.

MyHeritage Family Tree Builder by MyHeritage.com

Family Tree Builder (FTB) is genealogy software to create family trees. The free download version is distributed as freeware, with no restrictions, although registration is required to run the software.

www.myheritage.com/family-tree-builder

About 2% of users remove it

Scan off.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.