» POLINK.EXE
Overview
Analysis
File Details

POLINK.EXE

Pelles C for Windows

Per Orinius

File name:

POLINK.EXE

Publisher:

Pelle Orinius (signed by Per Orinius)

Product:

Pelles C for Windows

Description:

Pelles Linker

Version:

6.50.0

MD5:

c9a4469d1f6dbf34f444e5e33bc03b1e

SHA-1:

039d4db8e00073360d1855e2c72f5e03e2e46274

SHA-256:

2ad63f569d430a74143cc43c2d0e48b32866c3a3812334a8fb276790db5acf04

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 4:39:02 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.XPACK-LNR/Heur!1.5594

23.00.65.14604

File size:

169.2 KB (173,224 bytes)

Product version:

6.50

Original file name:

POLINK.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\pony\builder\masm32\bin\polink.exe

Digital Signature

Signed by:

Per Orinius

Authority:

StartCom Ltd.

Valid from:

5/1/2010 2:21:01 AM

Valid to:

5/1/2012 2:52:39 PM

Subject:

E=pelle@smorgasbordet.com, CN=Per Orinius, OU=StartCom Verified Certificate Member, L=Stockholm, S=Stockholms, C=SE, Description=188892-g02RZJk7FwL969zw

Issuer:

CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

012F

File PE Metadata

Compilation timestamp:

11/19/2010 8:02:31 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

2.50

CTPH (ssdeep):

3072:WdU4MSSgdQ4wmbUvQPrpCecPz5dxMuOz0JfAr2bg9O3GfIVJeqONpTf0fy/II19g:Wq4MSzdlwmbUvQzpCecP1dxgifz3GI

Entry address:

0x15CD0

Entry point:

55, 89, E5, 6A, FF, 68, 9C, 0B, 42, 00, 68, 38, 45, 41, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 83, EC, 0C, 53, 56, 57, 89, 65, E8, 68, 00, 00, 00, 02, E8, C0, 33, 00, 00, 59, A3, EC, 23, 42, 00, E8, 15, 13, 00, 00, 85, C0, 75, 0D, 6A, 01, E8, BA, 11, 00, 00, 59, E9, 9B, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, E8, 68, 14, 00, 00, E8, F3, 14, 00, 00, E8, 3E, 15, 00, 00, E8, 59, 19, 00, 00, E8, F4, 19, 00, 00, BB, BC, 1D, 42, 00, 81, FB, BC, 1D, 42, 00, 73, 0D, FF, 13, 83, C3, 04, 81, FB... 
[+]

Entropy:

6.3416

Code size:

117 KB (119,808 bytes)

Scan POLINK.EXE - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.