home

postsharp-4.2.20.exe

SharpCrafters s.r.o.

This is a setup program which is used to install the application. The file has been seen being downloaded from visualstudiogallery.msdn.microsoft.com.
Publisher:
SharpCrafters s.r.o.  (signed and verified)

MD5:
c1b53e3eacc634446425b9de5d392bed

SHA-1:
a209846e61f7340d8bbc1d1399f8a47e0c979a84

SHA-256:
1afe1842ace4147947ee04be1fb26330dde9e105ac12a5db49be1cb85374e0ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 8:31:26 AM UTC  (today)

File size:
5.9 MB (6,227,936 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\postsharp-4.2.20.exe

Digital Signature
Signed by:
SharpCrafters s.r.o.

Authority:
VeriSign, Inc.

Valid from:
6/12/2014 2:00:00 AM

Valid to:
8/11/2017 1:59:59 AM

Subject:
CN=SharpCrafters s.r.o., O=SharpCrafters s.r.o., L=Prague, S=Prague, C=CZ

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6D559CD921ABF69FB0ED060D1F073561

File PE Metadata
Compilation timestamp:
2/3/2009 9:21:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:HV3QPFtV7V+Smv+wGGtaxIrB9CjMPQuYrmLSXmyDFWOKylWYUUDYOB3sNXJMUsRv:HV3QtnZTeGGtoSB9QktBUVBWOAoDqNXO

Entry address:
0x13254

Entry point:
55, 8B, EC, 6A, FF, 68, 28, A9, 41, 00, 68, 7C, 31, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 88, A1, 41, 00, 33, D2, 8A, D4, 89, 15, E0, 22, 42, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, DC, 22, 42, 00, C1, E1, 08, 03, CA, 89, 0D, D8, 22, 42, 00, C1, E8, 10, A3, D4, 22, 42, 00, 6A, 01, E8, 96, 0E, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 48, 09, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
7.9739

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
97 KB (99,328 bytes)

The file postsharp-4.2.20.exe has been seen being distributed by the following URL.

https://visualstudiogallery.msdn.microsoft.com/a058d5d3-e654-43f8-a308-c3bdfdd0be4a/file/89212/.../PostSharp-4.2.20.exe

Scan postsharp-4.2.20.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.