home

pillow-2.6.1.win32-py3.4.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.lfd.uci.edu.
MD5:
8c018b47e0880b5b40267e39b2b16b8e

SHA-1:
dac53ca31de1e60af01a7871fe44afe22d886a40

SHA-256:
33dce8fb7271d72956a00bbbfffd47f8d331bd6bdf427e957ef8f81c6f0a7dc5

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/16/2024 3:21:33 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.Swisyn
2.1.4+

File size:
1.3 MB (1,337,838 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pillow-2.6.1.win32-py3.4.exe

File PE Metadata
Compilation timestamp:
4/4/2012 4:16:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:QGmA0UTPebDprZdbv2Dy6ug7hbexRwd4VWg0lOpo+kXb9fVaX2:7n0UTKprZBR7g1bYRwe5EyYS2

Entry address:
0xBA35

Entry point:
E8, 18, AF, 00, 00, E9, 89, FE, FF, FF, 57, 8B, C6, 83, E0, 0F, 85, C0, 0F, 85, C1, 00, 00, 00, 8B, D1, 83, E1, 7F, C1, EA, 07, 74, 65, EB, 06, 8D, 9B, 00, 00, 00, 00, 66, 0F, 6F, 06, 66, 0F, 6F, 4E, 10, 66, 0F, 6F, 56, 20, 66, 0F, 6F, 5E, 30, 66, 0F, 7F, 07, 66, 0F, 7F, 4F, 10, 66, 0F, 7F, 57, 20, 66, 0F, 7F, 5F, 30, 66, 0F, 6F, 66, 40, 66, 0F, 6F, 6E, 50, 66, 0F, 6F, 76, 60, 66, 0F, 6F, 7E, 70, 66, 0F, 7F, 67, 40, 66, 0F, 7F, 6F, 50, 66, 0F, 7F, 77, 60, 66, 0F, 7F, 7F, 70, 8D, B6, 80, 00, 00, 00, 8D, BF...
 
[+]

Entropy:
7.9356  (probably packed)

Code size:
134.5 KB (137,728 bytes)

The file pillow-2.6.1.win32-py3.4.exe has been seen being distributed by the following URL.

http://www.lfd.uci.edu/~gohlke/pythonlibs/.../Pillow-2.6.1.win32-py3.4.exe

Scan pillow-2.6.1.win32-py3.4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.