home

partition_doctor.exe

Eugine Kharinskiy

Publisher:
SoftAmbulance Data Recovery  (signed by Eugine Kharinskiy)

Description:
SoftAmbulance Partition Doctor

Version:
5.23.0.0

MD5:
a91f0101251324af4a8db967edd39ae6

SHA-1:
bf286b430f6b05b60dd5f29de9c1eb811ba54958

SHA-256:
82606652864ac3d05dd512d2a8ea71e25b73ba304546805079e0c9ac3902f0f7

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 12:57:20 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.TsCabk
1.3.0.4924

Trend Micro House Call
PAK_Generic.009
7.2.26

Trend Micro
PAK_Generic.009
10.465.26

File size:
2.9 MB (3,002,352 bytes)

Product version:
5.x

Copyright:
SoftAmbulance

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\softambulance\partition doctor\partition_doctor.exe

Digital Signature
Signed by:
Eugine Kharinskiy

Authority:
GlobalSign nv-sa

Valid from:
6/6/2011 11:29:02 PM

Valid to:
6/6/2012 12:41:53 PM

Subject:
CN=Eugine Kharinskiy, C=UA

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000013068D42602

File PE Metadata
Compilation timestamp:
6/14/2011 6:15:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:zAYv02aDKHuwwzARICxNZ/dIJHMOkSOVE1HYtkN14o1nqU/wXRftWQ8/Yfe2F:zAYv0hDKHuwF550HO44in4/U/wXRFWQ9

Entry address:
0x8C7E11

Entry point:
E8, 3B, FF, FF, FF, 05, 9A, 2C, 00, 00, FF, E0, E8, 2F, FF, FF, FF, 05, 91, 34, 00, 00, FF, E0, E8, 04, 00, 00, 00, FF, FF, FF, FF, 5E, C3, 00, B4, 93, 26, 52, 1C, 7B, FE, 28, 7A, 36, 5A, CA, 7B, 92, B8, CC, 75, BD, 9F, E4, 24, E0, 39, 62, D3, CC, AE, E5, 9D, 4D, 8C, 2B, F5, 44, 82, 76, 3A, 05, 90, 85, A8, DA, BE, BA, 36, CE, ED, 16, 78, 1D, EB, 32, 2C, 91, BE, D8, B8, 61, E6, DD, 67, BA, 09, 5D, 51, 90, AD, A2, AC, 27, 2E, 39, A4, B7, 61, CA, EF, 18, 03, 2B, 2D, 73, F7, 8D, A6, 58, 67, F0, AD, 8F, 84, 51...
 
[+]

Entropy:
7.8611  (probably packed)

Code size:
2.6 MB (2,733,056 bytes)

Scan partition_doctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.