pexplorer.exe

Heaventools Software

Publisher:
Heaventools Software  (signed and verified)

MD5:
3a0f3f3eee655be8e468d5b79406c5bf

SHA-1:
746a4f62fce0681b8c13a72f557ef1b160e58b1a

SHA-256:
b8be48f05eda12bc60c840d58826eb55583111c9564620314f0d2a8eaf86a722

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/23/2024 6:34:14 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Bkav FE | HW32.Pedka | 1.3.0.4677 |
| Norman | Heuristic_Anomaly.A | 11.20151105 |
| Rising Antivirus | PE:Trojan.Win32.Generic.153AAE38!356167224 | 23.00.65.151103 |

File size:
2.9 MB (3,007,224 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\pe explorer\pexplorer.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
10/25/2007 3:00:00 AM

Valid to:
10/25/2009 2:59:59 AM

Subject:
CN=Heaventools Software, O=Heaventools Software, STREET=101-1001 West Broadway Dept. 381, L=Vancouver, S=BC, PostalCode=V6H4E4, C=CA

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
009F1730A374EFEA42ED0D1B504DA8F981

File PE Metadata
Compilation timestamp:
10/14/2009 8:31:44 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:RIwaGlEAiVuupmPQ/fdXluEa6Z/rYqzzvlaUqd99VdXzvJS9DpS1GRmuDrxOhV4j:hal5uuYPQ/fdXluEa6R1zLlaUwHjzwDT

Entry address:
0x1BA698

Entry point:
55, 8B, EC, 83, C4, F4, 53, 56, 57, B8, 00, A3, 5B, 00, E8, A1, AF, E4, FF, 8B, 1D, A4, 49, 5C, 00, A1, 00, 41, 5C, 00, E8, 95, 97, E4, FF, 50, 6A, 00, 68, 01, 00, 1F, 00, E8, 58, B2, E4, FF, A3, 04, 41, 5C, 00, 83, 3D, 04, 41, 5C, 00, 00, 75, 19, A1, 00, 41, 5C, 00, E8, 70, 97, E4, FF, 50, 6A, 00, 6A, 00, E8, 1E, B0, E4, FF, A3, 04, 41, 5C, 00, 33, C0, 55, 68, 4B, A8, 5B, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, DA, A7, 5B, 00, 64, FF, 30, 64, 89, 20, 8B, 03, E8, 16, 78, E7, FF, E8, F9, 7C, FA, FF, 8B...

Developed / compiled with:
Microsoft Visual C++

Code size:
1.7 MB (1,808,896 bytes)

Scan pexplorer.exe - Powered by Reason Core Security