home

PXI.exe

Xml Integrator

TrigoldCrystal

Publisher:
Trigold  (signed by TrigoldCrystal)

Product:
Xml Integrator

Version:
10.01.0012

MD5:
e77258af10a40bb010c605ebe6543d5e

SHA-1:
2f23f973701e74ad0e479bdebcb6988228a5a95d

SHA-256:
f94961be580e2cd7adde5e9c0239ac42a6420c13efcace8e15c5acb4a54e43db

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 11:37:04 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Dr.Web
BACKDOOR.Trojan
9.0.1.0312

File size:
1.1 MB (1,107,456 bytes)

Product version:
10.01.0012

Original file name:
PXI.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\trigoldcrystal\prospector\pxi.exe

Digital Signature
Signed by:
TrigoldCrystal

Authority:
Thawte, Inc.

Valid from:
8/9/2013 1:00:00 AM

Valid to:
8/6/2014 12:59:59 AM

Subject:
CN=TrigoldCrystal, O=TrigoldCrystal, L=Bromsgrove, S=Worcestershire, C=GB

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
53D5956C29788305FB4292013B19CDA5

File PE Metadata
Compilation timestamp:
5/23/2014 10:50:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:CdA0FFU9RH90000000000000000000000000N9I1vtM4IFmdIZJ7:CdVT4W4EmcB

Entry address:
0x1550

Entry point:
68, 48, 18, 40, 00, E8, EE, FF, FF, FF, 00, 00, 40, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, A9, C0, 15, 37, 09, 38, 7D, 48, 8E, B4, 03, 7C, 5B, 24, 28, 47, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 20, 42, 6F, 6F, 6C, 65, 50, 58, 49, 00, 20, 20, 20, 20, 00, 0A, 20, 20, 20, 20, 73, 46, 00, 00, 00, 00, 88, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 2F, 00, 00, 00, B5, 4C, 66, DC, AC, B5, 73, 4C, A1, 9E, 39, DB, 29, BD, 00, 54, 01, 00, 00, 00, 98, 00, 00, 00, A8, 00, 00, 00, 01, 00, 00, 00...
 
[+]

Entropy:
5.4066

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
1 MB (1,093,632 bytes)

Scan PXI.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.